Week 2 Project 1 part 1
This risk management plan was called into development by the DLIS, or the Defense Logistics Information Agency, a suborganization of the Defense Logistics Agency. Senior management at the DLIS has determined that the previous risk management plan for the organization is out of date and that a new risk management plan must be developed. Due to the importance of risk management to our organization, senior management is committed to and supportive of this project to develop a new plan.
This plan, as sanctioned by senior management of the DLIS, will cover the compliance laws and regulations that pertain to our organization. It will identify the key roles and responsibilities of individuals and departments within the organization as they pertain to risk management. It will develop a ...
I. Control Objectives for Information and Related Technology (COBIT) contains good practices for IT management provided by ISACA. It provides an extensive framework for ensuring that your IT is being used to support your organization in the best possible manner.
Key Responsible Individuals:
A. IT Manager – planning, budgeting, performance of information systems security.
B. Senior Management – organizational risk as a whole, funding for project.
C. Risk Manager – development and implementation of risk management plan.
D. Audit Team – internal audits, scheduling of external audits, compliance with laws.
Schedule for planning process:
Rough Draft – 01/15/2014
Risk Assessment Plan – 01/25/2014
Risk Mitigation Plan – 02/05/2014
Business Impact Analysis Plan – 02/11/2014
Disaster Recovery Plan – 02/25/2014
Response Team Plan – 02/29/2014
Final Draft – 03/11/2014
Risk Management Report:
The following risk management report is compiled at the request of Senior Management of the DLIS. Step one in this plan will be to ensure that all department heads are COBIT and FISMA compliant and that all Key Responsible Individuals mentioned in section 5 of this document receive hard and digital copies of both laws in order to facilitate the needed compliance. Second, in the following weeks a breakdown of the plan will be delivered in various drafts, including the following plans: Risk Assessment, Risk Mitigation, Business Impact Analysis, Business Continuity, Disaster Recovery, and Computer Incident Response. These reports will then be compiled, on the last scheduled planning week detailed in part 6 of this document, into a single document for final review by Senior Management, Defense Logistics Agency officials, and ultimately the Department of Defense for final approval. The ultimate goal of this plan is to decrease the amount of risk for the DLIS so that we may continue to serve in enhancing the lives of America’s warfighters, stewarding the world’s oceans, and increasing employment in America’s workforce.