Browse
Search
2022-077-E-IT Dept-PUBLIC LIBRARY ASSOCIATION, a divison of the American Library Association-Digital learning
OrangeCountyNC
>
Board of County Commissioners
>
Contracts and Agreements
>
General Contracts and Agreements
>
2020's
>
2022
>
2022-077-E-IT Dept-PUBLIC LIBRARY ASSOCIATION, a divison of the American Library Association-Digital learning
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
2/23/2022 3:05:36 PM
Creation date
2/23/2022 3:00:56 PM
Metadata
Fields
Template:
Contract
Date
2/15/2022
Contract Starting Date
2/15/2022
Contract Ending Date
2/23/2022
Contract Document Type
Contract
Amount
$15,000.00
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
106
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
DocuSign Envelope ID:24BBAFA9-CD81-4144-ACEF-E9036E703739 <br /> The plan will address specific incident response procedures, business recovery and continuity <br /> procedures, data backup processes, roles and responsibilities, and communication and contact strategies <br /> (e.g., informing HHS and State/Local authorities). <br /> The intent of the Incident Response Plan is to mitigate risk, and the company will respond to incidents <br /> according to the following priorities: <br /> • Human life and safety. <br /> • Sensitive or mission-critical systems and data. <br /> • Other systems and data. <br /> • Damage to systems and data. <br /> • Disruption to access or services. Specifically, this Incident Response Plan (IRP) is designed to: <br /> • Reduce potential direct and indirect financial loss from network intrusions. <br /> • Mitigate operational impact from cyber incidents. <br /> • Comply with regulatory requirements for information security. <br /> • Identify and respond to rogue devices (including wireless access devices)on networks. <br /> • Meet industry best practices as published by the FBI and National Infrastructure Protection <br /> Center(NIPC). <br /> Jende Solutions characterizes cyber incidents as any unwanted, or in some instances, unexplained <br /> network or system behavior. Jende Solutions segments these incidents into the following categories <br /> consistent with definitions published by the National Infrastructure Protection Center(NIPC): <br /> • Increased access to information assets <br /> • Unauthorized disclosure of information <br /> • Corruption of information <br /> • Denial of Service <br /> • Theft of IT resources <br /> The plan will include: <br /> • Roles, responsibilities, and communication strategies in the event of a compromise to include <br /> designation of an Incident Response Team (IRT). <br /> • Coverage and responses for all critical system components. <br /> • Establish a formal process to report incidents and track response activities <br /> • Guide response in the following phases: <br /> • Preparation <br /> • Identification <br /> • Containment <br /> • Eradication <br /> • Recovery <br /> • Follow-up/ Lessons Learned <br /> • Define escalation processes. <br /> • Procedures to conduct a post event review to determine the cause and guide control <br /> enhancements. <br /> • Procedures for notification, at a minimum, of covered entity and if applicable HHS/OCR. <br /> • A strategy for business continuity post compromise. <br /> • Reference or inclusion of incident response procedures from the covered entity and if applicable <br /> HHS/OCR. <br /> • An analysis of legal requirements for reporting compromises as required by State Privacy laws <br /> Jende Solutions will ensure: <br /> • Integrate event escalation procedures to identify incidents that require declaration of an incident. <br /> • Notice will be provided to proper authorities if sensitive data is compromised (See Appendix A for <br /> contact numbers). <br />
The URL can be used to link to this page
Your browser does not support the video tag.