Incident Report Components Overview In the last module, you worked on incident r

Incident Report Components
Overview
In the last module, you worked on incident response strategies to implement during an event. Now you will be assessing a realworld breach while working on components of an incident report. While following response plans, you may be required to generate incident reports on the entirety or part of an incident. This is challenging because there are many times when an incident strays off on tangents and moves away from the root cause. Therefore, it is important to be able to identify the components of an incident report before you have to generate the final output.
Proper documentation is a necessity when trying to document incidents as they are happening and after the fact. This documentation may include identification of the issue, assets involved, and effects of the incident. Many organizations have their own templates on how an incident response will be documented. It is important to find a reporting mechanism that works for your organization. It should not impede the process but facilitate it. If, at any point, the documentation becomes confusing and cannot be used to learn from the situation, then the type of documentation should be revisited. Once a root cause is identified, it should be shared with all members of your organization. This will promote a stronger awareness of identifying the same type of issue as soon as possible.
As you read through the articles for this assignment, consider the complexity involved in continuing to provide aid during an active breach with weak data protection processes. Guidelines and protections exist to prevent this type of incident, but how do you best deal with it in the middle of a crisis? As you think about root cause, remember that it often entails many contributing factors and no single easy fix.
Prompt
From the Module Three Reading and Resources, review “A ‘Major Privacy Incident’ at FEMA Exposes Personal Information of 2.5 Million Disaster Survivors,” “FEMA OIG: Agency Mistakenly Shared Data on 2.3M Hurricane, Fire Victims,” and “Management Alert— FEMA Did Not Safeguard Disaster Survivors’ Sensitive Personally Identifiable Information (REDACTED).” You will use the viewpoints presented in both articles, along with the CIS Controls document, to develop components of an incident report that includes contributing factors to the root cause of the incident.
You must address the critical elements listed below.
FEMA IncidentExplain the contributing factors that could inform the root cause analysis of the incident
Identify the data assets affected by the incident
Recommend security improvements based on the recommendations from OIG
Describe how two critical controls can be used during the root cause analysis of the incident
What to Submit
Your submission should be 2 to 3 pages in length. Use double spacing, 12-point Times New Roman font, and one-inch margins. Any references should be cited according to APA style. Use a file name that includes the course code, the assignment title, and your name—for example, CYB_123_Assignment_Firstname_Lastname.docx.
Module Three Activity Rubric
CriteriaExemplary (100%)Proficient (85%)Needs Improvement (55%)Not Evident (0%)Value
FEMA Incident: Contributing FactorsMeets “Proficient” criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative mannerExplains the contributing factors that could inform the root cause analysis of the incidentAddresses “Proficient” criteria, but there are gaps in clarity, logic, or detailDoes not address critical element, or response is irrelevant22.5
FEMA Incident: Data AssetsMeets “Proficient” criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative mannerIdentifies the data assets affected by the incidentAddresses “Proficient” criteria, but there are gaps in clarity, logic, or detailDoes not address critical element, or response is irrelevant22.5
FEMA Incident: Security ImprovementsMeets “Proficient” criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative mannerRecommends security improvements based on the recommendations from OIGAddresses “Proficient” criteria, but there are gaps in clarity, logic, or detailDoes not address critical element, or response is irrelevant22.5
FEMA Incident: Critical ControlsMeets “Proficient” criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative mannerDescribes how two critical controls can be used during the root cause analysis of the incidentAddresses “Proficient” criteria, but there are gaps in clarity, logic, or detailDoes not address critical element, or response is irrelevant22.5
Articulation of ResponseSubmission is free of errors related to citations, grammar, spelling, and organization and is presented in a professional and easy-to-read formatSubmission has no major errors related to citations, grammar, spelling, or organizationSubmission has some errors related to citations, grammar, spelling, or organization that negatively impact readability and articulation of main ideasSubmission has critical errors related to citations, grammar, spelling, or organization that prevent understanding of ideas10
Total:100%