Discussion Components of An Incident Response Plan: Roles and Responsibilities
An incident response plan plays a vital role in managing an incident by making the correct
decisions to bring the situation under control. To design an incident response plan, an
The plan highlights individual roles and responsibilities in the event of the incident. The incident
team members are allocated various duties in ensuring the incident is managed back to normal.
The BCP is a process involving creating a prevention and recovery system from potential threats
to a company (Miller and Engemann, 2019). The process's objective is to ensure that
personnel and the organization's assets are protected and that they recover quickly in the event of
an incident.
These are tools vital in analyzing, alerting, and remediating threats to an organization. The tools
are fed information by the system logs, endpoint alerts, identity systems, network flows, etc.,
in identifying threats. Further, an incident response plan contains a list of critical network and
Chain of custody is the process involved in the maintenance, documentation, and handling of
evidence. The process entails keeping a log of details regarding who was involved in collecting,
handling, transferring, analyzing evidence, and in the investigation (Legal Dictionary, 2019).
Chain of custody plays a crucial role in proving the integrity of a piece of evidence at any given
time. The record of the chain of custody must be presented in courts whenever presenting
Reference
Miller, H. E., & Engemann, K. J. (2019). Business continuity management in data center
Custody. https://www.ncbi.nlm.nih.gov/books/NBK551677/#:~:text=Importance%20of%20the%20Chain%20of,during%20the%20trial%20if%20required.
Reply 1
Greetings Ditan, thanks for sharing your thoughts on elements that should be included in
an incident response plan. Please permit me to chip in some contributions, especially regarding
the chain of custody. As you've mentioned in your post, the chain of custody is a record
describing the scene, evidence, and personnel involved. A great chain of custody should undergo
the process of taking notes about the time and date of the incident, item description, item(s)
conditions, recovery location, etc. Further, the custody chain should involve marking, packaging,
and sealing the evidence to prevent tampering. To achieve chain of custody accuracy and
completeness, the number of individuals handling the evidence should be limited; the names,
ID numbers, and dates on the chain of custody documents should be confirmed; the evidence
should be properly sealed and marked before being submitted; and finally, secure or
signed receipts should be obtained on transferring the evidence. This ensures that evidence is protected to make it
Reference
Shah, M. S. M. B., Saleem, S., & Zulqarnain, R. (2017). Protecting digital evidence integrity and
preserving the chain of custody. Journal of Digital Forensics, Security and Law, 12(2), 12.
Reply 2:
Hello Tulasi, it was great reading your post. As you've mentioned, the chain of custody plays a
chief role when evidence is presented in court. In the digital arena, digital evidence plays a crucial
role in the investigation of a cyber-crime and is used in linking persons with criminal activities.
digital evidence as it moves in the different hierarchical levels (Lone and Mir, 2018). In a
criminal case, the typical evidence log consists of the date and time of evidence collection, the
name of the investigator, the location where the evidence was collected, the reason for the evidence
collection, relevant serial numbers, a description of the evidence, the method used in evidence
collection, etc. For the log to be complete, it should have the signatures of the parties involved in
possession of the evidence, the date and time of evidence transfer, the manner in which the evidence
was transferred, security conditions before the transfer, handling and storage of the evidence, etc.
Reference
Lone, A. H., & Mir, R. N. (2018). Forensic-chain: ethereum blockchain based digital
CRIMINAL CASE. https://www.justcriminallaw.com/criminal-charges-questions/2020/08/26/chain-custody-important-criminal-case/
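The evidence-log fields and signed transfers described in the replies above can be checked mechanically. The following is an added example, not part of the original discussion: a Python audit of a constructed custody log, where the field names, the sample entries and the SHA-256 digest check are assumptions made for illustration.

```python
import hashlib
from datetime import datetime

# Hypothetical field names for the log items the replies list.
COLLECTION_FIELDS = ("collected_at", "investigator", "location", "reason",
                     "serial_number", "description", "method")
TRANSFER_FIELDS = ("transferred_at", "released_by", "received_by", "manner",
                   "storage", "released_signature", "received_signature")

def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()

def audit_custody_log(log, evidence):
    """Return a list of findings; an empty list means complete and continuous."""
    coll = log["collection"]
    findings = [f"collection: missing {f}" for f in COLLECTION_FIELDS if not coll.get(f)]
    # Assumption: a digest was recorded at collection and must still match.
    if coll.get("sha256") != sha256_hex(evidence):
        findings.append("evidence digest differs from the value recorded at collection")
    holder, last = coll.get("investigator"), coll.get("collected_at")
    for i, t in enumerate(log["transfers"], 1):
        findings += [f"transfer {i}: missing {f}" for f in TRANSFER_FIELDS if not t.get(f)]
        if t.get("released_by") != holder:  # gap: releaser never received the item
            findings.append(f"transfer {i}: released by {t.get('released_by')} "
                            f"but recorded holder was {holder}")
        ts = t.get("transferred_at")
        if ts and last and datetime.fromisoformat(ts) < datetime.fromisoformat(last):
            findings.append(f"transfer {i}: timestamp precedes the previous entry")
        holder, last = t.get("received_by") or holder, ts or last
    return findings

# Constructed sample data: transfer 2 has a custody gap and lacks a signature.
SAMPLE_EVIDENCE = b"constructed disk image bytes"
SAMPLE_LOG = {
    "collection": {"collected_at": "2024-03-01T09:15:00", "investigator": "A. Rivera",
                   "location": "Server room B", "reason": "Suspected intrusion",
                   "serial_number": "SN-EXAMPLE-001", "description": "Laptop SSD image",
                   "method": "Write-blocked imaging", "sha256": sha256_hex(SAMPLE_EVIDENCE)},
    "transfers": [
        {"transferred_at": "2024-03-01T11:00:00", "released_by": "A. Rivera",
         "received_by": "B. Chen", "manner": "Hand delivery", "storage": "Sealed bag",
         "released_signature": "A. Rivera", "received_signature": "B. Chen"},
        {"transferred_at": "2024-03-02T08:30:00", "released_by": "C. Okafor",
         "received_by": "D. Singh", "manner": "Courier", "storage": "Evidence room",
         "released_signature": "C. Okafor", "received_signature": ""},
    ],
}

if __name__ == "__main__":
    print("\n".join(audit_custody_log(SAMPLE_LOG, SAMPLE_EVIDENCE)))
```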