X hits on this document

Powerpoint document

HHS Cybersecurity Program Training Information Security for Information Technology (IT) Administrato... - page 94 / 158

381 views

0 shares

0 downloads

0 comments

94 / 158

U.S. Department of Health and Human Services

Each OPDIV IRT should evolve to reflect new threats, improved technology, and lessons learned from the handling of previous incidents. As an IT Administrator, you may be asked to participate in such “lessons learned” exercises to discuss:

Exactly what happened, and at what times?

How well did staff and management perform in dealing with the incident?

Were the documented procedures followed?

Were they adequate?

What information was needed sooner?

Were any steps or actions taken that might have inhibited the recovery?

What would the staff and management do differently the next time a similar incident occurs?

What corrective actions can prevent similar incidents in the future?

What additional tools or resources are needed to detect, analyze, and mitigate future incidents?

Page 7 of 12

Operations and Maintenance Phase

Post Incident Activity

Document info
Document views381
Page views381
Page last viewedMon Dec 05 05:03:18 UTC 2016
Pages158
Paragraphs2058
Words16945

Comments