Answer at least one of the following questions:

You’ve been hired as a consultant by an organization not due to a breach, but because their regulator documented a finding that the organization must redefine their Incident Response Program.

1. How do you garner support for this effort if the organization disagrees with the regulator’s finding?
2. What would your project plan look like if you must correct this finding prior to the next annual audit?

For this week’s “In the News”, research a recent article, providing the link to the article, that describes an incident that impacted an organization.

• How was the impact worse or reduced because of their Incident Response Program?
• What were the strengths of their Incident Response Program?

You’ve been tasked with consulting an organization that hasn’t had a breach, but their regulator documented an audit finding that they needed to redefine their Incident Response Program. Answer one of the following questions:

1. The organization believes their program is adequate; how do you impress upon management that the audit finding is valid?
2. How would you develop/draft the project plan to have a workable plan in place prior to the organization’s next annual audit?