Answer

Comprehensive Incident Report Plan for Wellness Technology

The existence of a robust incident report plan contributes significantly to the reduction of damage and recovery time, as well as limitation of the associated costs when catastrophic events occur.  Incidence response entails how an organisation responds to an event such as cyber-attack, data breach, or fire outbreak (Hagen et al., 2013; Alexander, 2016). This paper presents a comprehensive incident report plan (IRP) for Wellness Technology. The events covered in the paper are power failure, internet service provider (ISP) failure, fire, burst water pipe, and the voice of internet protocol (VoIP) telephone system failure employed by the sales team and 24-hours a day, seven days a week technical support team. Malicious code or virus compromising the Wellness Technology’s Web App or the wrist device is also covered.

Overview

This incident response plan is established to offer a well-defined, organized strategy for addressing any potential event or threat to the organization and embracing appropriate action when an event occurs (Alexander, 2016). The events covered are power failure, internet service provider (ISP) failure, fire, burst water pipe, and the voice of internet protocol (VoIP) telephone system failure employed by the sales team and 24-hours a day, seven days a week technical support team. Malicious code or virus compromising the Wellness Technology’s Web App or the wrist device is also covered. The plan also identifies the responsibilities and roles of the organization’s Incident Response Team.

Incident Response Team

The incident response team is formed to provide a swift, effective, and organized response to the aforementioned events. The mission of the incident response team is to deter serious loss of information assets, client confidence, or profits by offering a quick, effective, and skilled response to any unanticipated event (Hagen et al., 2013). The team is mandated to take necessary measures deemed appropriate to resolve, mitigate, or contain incidents related to the aforementioned events. The team will be in charge of investigating incidents in a timely and cost-effective way, and reporting their outcomes to the management along with relevant authorities as appropriate.

Incident Response Team Members

The following parties constitute members of the incident response team:

·         Chief Information Officer (CIO)

·         Legal counsel

·         Firm Managing Director

·         Systems/Network Manager

·         Director of Information Security

·         Director of Information Technology

·         Applications Manager

·         Help Desk Manager

Notification of Incident Response Team

To ensure ease of reporting and timely response 24 hours a day, seven days a week, the information technology department help desk will serve as the central contact point for reporting any event. Alexander (2016) asserts that all events reported to the hell desks must pass through the director of information technology. The director of information technology will then take the necessary action together with the incident response team.

Employee Responsibilities

All organizational employees have a duty to report any confirmed or suspected event to the department of information technology immediately upon identification. Organizational employees reporting any suspected event will help in the acquisition of information, preservation of evidence, and provision of extra assistance as considered appropriate by any member of the incidence response team throughout the investigation.

Identification or Classification of Events

All reports associated with the criticality of potential events shall be categorized as low, medium, or high with the aim of facilitating adoption of necessary action.

High: Events or incidents possessing a monumental impact on the organization’s service to clients or business operations. Examples of such events are massive fire outbreaks and system break down

Medium: Events or incidents that possess significant or have the capability of possessing a monumental effect on the organization’s service to clients or business operations. An examples of such events is

Low: Incidents or events that have the ability to possess a monumental or significant effect on the organization’s business or service delivery to clients

Response

Once the reporting of an event has been done, the appropriate IT department member should be informed for response (Hagen et al., 2013). IT department members will be in charge of executing the initial investigation with the aim of determining if an event has occurred.

Power Failure

·         Checking the company’s fuses or circuit breakers to ensure that the outage does not result from equipment problems within the facility

·         Ensuring that employees are safe

·         Checking elevators, the facility, and equipment for circumstances that may require immediate attention

·         Contacting the electrical contractor or electrician for outages within the company’s system

·         Contacting the power supplier for outages external to the company’s system

·         Turning off major equipment pieces not connected to the company’s stand-by generator. Such an undertaking helps to prevent damage to equipment that can start automatically when power resumes (Alexander, 2016).

·         Leaving few lights on within visible areas to ensure that power can be detected when it resumes

·         Shutting off circuit breakers to key pieces of equipment to prevent power surges and damages to equipment upon restoration of power

·         Leaving breakers that regulate the lights on to signal when power is restored

·         Contacting firms that service the organization’s communications equipment, alarm, and air conditioning systems for specific instructions

Internet Service provider (ISP) Failure

·         Identifying and assessing network outage

·         Evacuating area if necessary

·         Reviewing with IT management

·         Initiating remedial actions to ensures recovery of network assets

·         Embracing decisions aimed at invoking network disaster recovery plan

·         Reporting to senior management

·         Contracting appropriate carriers and vendors

·         Following through on procedures for recovery

Fire

·         Indicating location of fire extinguishers and first-aid boxes

·         Ensuring specialized personal protective equipment in on site

·         Locating other equipment for fighting fire such as standpipes and hydrants

·         Locating and switching main power supply source

·         Ensuring the availability of adequate medical aid supplies on site

·         Identifying worker and mobile equipment evacuation routes

·         Identifying nearest medical centre or hospital

·         Making provisions to codon off the scene of accident to safeguard workers/employees

·         Identifying emergency access routes

Burst Water Pipe

·         Identifying and shutting off water shut off valve

·         Containing water in single areas using buckets

·         Keeping water from hardwood floor areas

Voice of Internet Protocol (VoIP) Telephone System Failure

·         Checking all the phones, modems, and routers to ensure that they are plugged in

·         Checking the internet connection to ensure that it is functioning

·         Consulting company technician for minor problems

·         Consulting service provider for major problems on issues related to firewall

·         Checking for power supply to the system

·         Arranging for alternative communication system for the sales team

Malicious Code or Virus Compromising the Wellness Technology’s Web Application

·         Gathering and reviewing log files

·         Reviewing running or installed privileged programs

·         Inspecting system file tampering

·         Detecting unapproved services installed on systems

·         Evidence of changes of password files

·         Detecting unusual files

·         Examining other hosts

·         Network monitoring programs or sniffer reports

Recovery

The primary purpose of this incident response plan is to guarantee efficient recovery via the elimination of vulnerabilities and reinstatement of repaired systems. The following recovery measures should be embraced for the events:

Malicious Codes or Malware

• Assessing insurance coverage as well as claims payment
• Ensuring the point of penetration for the attacker along with any related vulnerabilities are eliminated
• Data should be backed-up and security measures such as robust passwords, firewall, and antispyware installed
• Operations of all systems should be restored and data recovery software installed.

Fires

• Assessing payment for insurance coverage and claim
• Assessment of the facility for safety
• Securing of property
• Damage assessment
• Prevention of extra damages
• Cleaning up

Water Pipe Bursts

• Arranging payments for insurance coverage and claims
• Skilled plumbers should be consulted or hired to perform necessary repairs and ensure that plumbing works well again.

·         Coordinating repairs and restorations

·         Containing and cleaning up hazardous material

·         Assessing insurance coverage as well as claims payment

·         Moving printers and computers, and helping in the replacement of damaged equipment

·         Moving furniture and equipment

·         Notifying of change by patrolling for vacant and new location

·         Assessing control at new site

·         Cleaning up and removing water

ISP Failure

• Assessing claims, as well as insurance coverage claims for losses incurred
• The network should be made more redundant by:
• Establishing numerous routes
• Ensuring fibre connection is fault tolerant
• Implementing robust Border Gateway Protocol (BGP) to deter route leaks
• Ensuring route switching can occur automatically
• Establishing agreements with several carriers to ensures that the company can switch to a different carrier when one is unavailable

Power Failure

• Assessing insurance coverage and claims compensation or payment for losses incurred
• Backing up of data
• Installation of data recovery software
• Installation of an alternative power supply such as solar power, and standby generators

Voice of Internet Protocol (VoIP) Telephone System Failure

·         Assessing claims and insurance coverage payment

·         Damage assessment

·         Coordinating repairs

·         Seeking for alternative service providers

Periodic Testing and Remediation

·         The department of information technology has the responsibility of testing and reviewing the incident response plan for the events outlined in this document on a quarterly basis. When testing is performed, every system should be subjected for scanning for open vulnerability prior to remediation after which the scanning is performed again following the remediation. Such an undertaking ensures that that all vulnerabilities are eliminated.

·         Regular trainings will also be conducted to organizational employees to ensure effective response to events discussed in the document.