Use NIST Special Publication (SP) 800-34 and NIST Special Publication (SP) 800-53 for the Risk Assessment...
Fantastic news! We've Found the answer you've been seeking!
Question:
Transcribed Image Text:
Use NIST Special Publication (SP) 800-34 and NIST Special Publication (SP) 800-53 for the Risk Assessment framework. NIST SP 800-34 outlines in Chapter 3 Table 3-6 ISCP TT&E Activities. Here is the table: Table 3-6: ISCP TT&E Activities TT&E Event ISCP Training (CP-3) Instruction (CP-3) Contingency Plan Test /Exercise (CP-4) Tabletop Exercise (CP-4) Sample Activity A seminar and/or briefing used to familiarize personnel with the overall ISCP purpose, phases, activities, and roles and responsibilities. Instruction of contingency personnel on their roles and responsibilities within the ISCP and includes refresher training. (For a high-impact system, incorporate simulated events.) FIPS 199 Availability Security Objective Low Impact = Yes Mod. Impact = Yes High Impact = Yes Discussion-based simulation of an emergency situation in an informal, stress- free environment; designed to elicit constructive scenario-based discussions for an examination of the existing ISCP and individual state of preparedness. Low Impact = Yes Mod. Impact = Yes High Impact = Yes Test and/or exercise the contingency plan Low Impact = Yes to determine effectiveness and the organization's readiness. This could include planned and unplanned maintenance activities Mod. Impact = Yes High Impact = Yes Low Impact = Yes Using the same table with three columns (3), briefly research an organization you work at or are affiliated with like MNSU. Detail realistic TT&E events at the organization in column one, explain the sample activity in column two, and place the impact level using FIPS 199 in the last column. Add at least four (4) rows of TT&E events. Use NIST Special Publication (SP) 800-34 and NIST Special Publication (SP) 800-53 for the Risk Assessment framework. NIST SP 800-34 outlines in Chapter 3 Table 3-6 ISCP TT&E Activities. Here is the table: Table 3-6: ISCP TT&E Activities TT&E Event ISCP Training (CP-3) Instruction (CP-3) Contingency Plan Test /Exercise (CP-4) Tabletop Exercise (CP-4) Sample Activity A seminar and/or briefing used to familiarize personnel with the overall ISCP purpose, phases, activities, and roles and responsibilities. Instruction of contingency personnel on their roles and responsibilities within the ISCP and includes refresher training. (For a high-impact system, incorporate simulated events.) FIPS 199 Availability Security Objective Low Impact = Yes Mod. Impact = Yes High Impact = Yes Discussion-based simulation of an emergency situation in an informal, stress- free environment; designed to elicit constructive scenario-based discussions for an examination of the existing ISCP and individual state of preparedness. Low Impact = Yes Mod. Impact = Yes High Impact = Yes Test and/or exercise the contingency plan Low Impact = Yes to determine effectiveness and the organization's readiness. This could include planned and unplanned maintenance activities Mod. Impact = Yes High Impact = Yes Low Impact = Yes Using the same table with three columns (3), briefly research an organization you work at or are affiliated with like MNSU. Detail realistic TT&E events at the organization in column one, explain the sample activity in column two, and place the impact level using FIPS 199 in the last column. Add at least four (4) rows of TT&E events.
Expert Answer:
Answer rating: 100% (QA)
Here is an example of a table with TTE events sample activities and impact levels for an organizatio... View the full answer
Related Book For
Auditing and Assurance Services Understanding the Integrated Audit
ISBN: 978-0471726340
1st edition
Authors: Karen L. Hooks
Posted Date:
Students also viewed these accounting questions
-
Here is the discussion "Consumerism and Planned Obsolescence" The purpose of this discussion is to help you understand the growing concerns surrounding consumerism and how this concept is applied to...
-
This exercise will familiarize you with skill requirements, job descriptions, and salaries for accounting careers. Address: www.careers-in-accounting.com, or go to www.wiley.com/college/weygandt...
-
The chapter discusses Circumstances that Demand Special Risk Assessment attention. Pick 4 of the 8 shown in the exhibit. Explain how these situations might ultimately result in financial statement...
-
You decided to buy a TV set on an installment basis and agree to pay 2, 999 every end of the month, with 18 equal monthly payments at a 2% interest rate. How much are your payments after 18 months?...
-
Nucor Corporation produces steel and steel products at its eight mills and is a major recycler of scrap metal. The following data relate to Nucor for four years. Required: 1. Calculate Nucors ROA for...
-
What is accounting analysis? Explain.
-
Which backup method is the fastest? a. full daily backup c. differential daily backup b. incremental daily backup d. complete daily backup
-
Using Excel or another program, estimate the linear OLS demand regression for the iTunes focus group data in the Managerial Solution. What is the R2? What are the coefficient estimates, the standard...
-
Sandhill Bottling Company reported the following information at the end of the year. Total current assets are worth $239,400 at book value and $220,200 at market value. In addition, plant and...
-
On December 31, the Income Summary account of Davidson Company has a debit balance of $111,000 after revenue of $117,000 and expenses of $228,000 were closed to the account. Jackson Davidson, Drawing...
-
Suppose a hotel decided to add social-media responsiveness to a balanced scorecard for its marketing and customer-service managers. What percentage of the total pay do you think should be based on...
-
You work in a hedge fund and want to acquire the call option embedded in a Convertible Bond in order to have exposure only limited to this specific derivatives instrument. What financial transactions...
-
Write each expression as a single logarithm. 13. log(x2+3x+2)-2log(x+1) 14. log(x+2x-3)-log(x-7x+6)
-
Consider the following table of average annual CRE mortgage rates and yields on 10-year Treasury securities: Year 10-Year U.S. Treasury Yield (%) Mortgage Rate (%) 2000 5.97 8.07 2001 4.99 7.28 2002...
-
make a Project Charter Template with MS Word that consists of the following 11 sections: A. Project Identification (Project Name, Sponsor Name, Project Manager Name) B. Background and Business Needs...
-
How does the integration of cross-functional expertise within multifunctional teams facilitate synergistic collaboration and enhance problem-solving capabilities within complex organizational...
-
Using Johnson's rule for 2-machine scheduling, the sequence is: Scheduled Order Job 1 A 2 3 4 5 6 For the schedule developed using Johnson's rule, the total length of time taken to complete the six...
-
All of the following assets can be depreciated, except: (a) A bulldozer (b) A copper mine (c) A surgical robot (d) A conveyor belt
-
Why are controls in the purchasing, payroll and sales cycles important to the audit of inventory?
-
What would a first-year audit staff member learn from participating in the audit planning meeting of a client to which he or she has been assigned?
-
What is the auditors concern regarding a company that lacks a competent management team?
-
Part 1: Calculating Short-Term Measurements The following annual information is available for Lakewood Industries, an investment center: a. Calculate ROI (return on investment). Base your...
-
Four years ago, based on a pre-tax NPV analysis, Harper Inc. decided to add new equipment with a cost of \(\$ 85,000\), allowing the company to expand its product offerings. The data used in the...
-
For each of the following performance measures, indicate (a) whether the measure is an internal performance measure or an external performance measure and (b) whether the measure primarily relates to...
Study smarter with the SolutionInn App