SlideShare ist ein Scribd-Unternehmen logo

Incident Mgmt Nov 08

E
empower

The document discusses incident management at eHealth Ontario. It defines privacy incidents, security incidents, and privacy breaches. It outlines eHealth Ontario's incident management framework, activities, and metrics. It also discusses developing incident response capabilities, the incident initiation process, and lessons learned around effective incident management.

TechnologieBusiness
1 von 20
Incident Management Michael Power eHealth Ontario IAPP KnowledgeNet Toronto, Ontario November 2008
Notes ,[object Object],[object Object],[object Object]
What’s involved… > Identify, contain, triage & remedy incidents. > Short term: Contain damage; Restore normal operations. > Long term: Avoid problems in future.
Privacy Incident : One or more events that may involve the unauthorized use, collection, disclosure, or disposal of personal or personal health information. Distinct from “breach”.
Security Incident : One or more events that have a significant probability of compromising business operations or threatening an organization’s information security .
Privacy Breach : One or more events confirmed to involve, or having a high probability of involving, the unauthorized use, collection, disclosure, or disposal of personal or personal health information.
Not every event is an incident. Internal – High Client - All Missing Equipment All Un-authorized Use Medium Privacy Medium Network Attack High Malware Severity to Trigger ESPIM Incident Type
Incident Management Framework ,[object Object],[object Object],[object Object],[object Object],[object Object]
Developing Tactical Incident Management Capabilities ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Incident Management Initiation Process ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Incident Management: Activities ,[object Object],Triage and Re-classification Analyze Cause Develop Workaround Service Recovery Root Cause Analysis Develop Solution Implement & Roll-out 1 2 3 4 5 6 7 8 Division Dept Responsible Consult Inform Accountable Helpdesk Help Desk Receives a call Operations Create RFC Test & implement Privacy & Security Investigate & diagnose Identify workaround, test and document details, risks and impact Implement workaround Determine root cause and escalate Security operations Re-classify the incident and escalate Common Activities – Communications
Planning for Incident Management
Developing an Incident Management Model
EHealth Ontario ESPIM Team Structure
Metrics ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Breach Communication Messages ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Problem…People ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Service Providers ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Lessons Learned ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Questions? ,[object Object],[object Object],[object Object],[object Object]

Empfohlen

Information Security Risk Management
Information Security Risk ManagementInformation Security Risk Management
Information Security Risk Management
Nikhil Soni
 
Cybersecurity crisis management a prep guide
Cybersecurity crisis management a prep guideCybersecurity crisis management a prep guide
Cybersecurity crisis management a prep guide
JoAnna Cheshire
 
Vulnerability Management: What You Need to Know to Prioritize Risk
Vulnerability Management: What You Need to Know to Prioritize RiskVulnerability Management: What You Need to Know to Prioritize Risk
Vulnerability Management: What You Need to Know to Prioritize Risk
AlienVault
 
Remote Deposit Capture Risk Management & FFIEC Complaince
Remote Deposit Capture Risk Management & FFIEC ComplainceRemote Deposit Capture Risk Management & FFIEC Complaince
Remote Deposit Capture Risk Management & FFIEC Complaince
JTLeekley
 
Enterprise security incident management
Enterprise security incident managementEnterprise security incident management
Enterprise security incident management
zapp0
 
Information Security Risk Management
Information Security Risk Management Information Security Risk Management
Information Security Risk Management
Ersoy AKSOY
 
Web Application Vulnerability Management
Web Application Vulnerability ManagementWeb Application Vulnerability Management
Web Application Vulnerability Management
jpubal
 
Planning and Deploying an Effective Vulnerability Management Program
Planning and Deploying an Effective Vulnerability Management ProgramPlanning and Deploying an Effective Vulnerability Management Program
Planning and Deploying an Effective Vulnerability Management Program
Sasha Nunke
 

Empfohlen

Information Security Risk Management
Information Security Risk ManagementInformation Security Risk Management
Information Security Risk Management
Nikhil Soni
 
Cybersecurity crisis management a prep guide
Cybersecurity crisis management a prep guideCybersecurity crisis management a prep guide
Cybersecurity crisis management a prep guide
JoAnna Cheshire
 
Vulnerability Management: What You Need to Know to Prioritize Risk
Vulnerability Management: What You Need to Know to Prioritize RiskVulnerability Management: What You Need to Know to Prioritize Risk
Vulnerability Management: What You Need to Know to Prioritize Risk
AlienVault
 
Remote Deposit Capture Risk Management & FFIEC Complaince
Remote Deposit Capture Risk Management & FFIEC ComplainceRemote Deposit Capture Risk Management & FFIEC Complaince
Remote Deposit Capture Risk Management & FFIEC Complaince
JTLeekley
 
Enterprise security incident management
Enterprise security incident managementEnterprise security incident management
Enterprise security incident management
zapp0
 
Information Security Risk Management
Information Security Risk Management Information Security Risk Management
Information Security Risk Management
Ersoy AKSOY
 
Web Application Vulnerability Management
Web Application Vulnerability ManagementWeb Application Vulnerability Management
Web Application Vulnerability Management
jpubal
 
Planning and Deploying an Effective Vulnerability Management Program
Planning and Deploying an Effective Vulnerability Management ProgramPlanning and Deploying an Effective Vulnerability Management Program
Planning and Deploying an Effective Vulnerability Management Program
Sasha Nunke
 
Enterprise incident response 2017
Enterprise incident response 2017Enterprise incident response 2017
Enterprise incident response 2017
zapp0
 
10 Steps to Building an Effective Vulnerability Management Program
10 Steps to Building an Effective Vulnerability Management Program10 Steps to Building an Effective Vulnerability Management Program
10 Steps to Building an Effective Vulnerability Management Program
BeyondTrust
 
Effective Vulnerability Management
Effective Vulnerability ManagementEffective Vulnerability Management
Effective Vulnerability Management
Vicky Ames
 
Enterprise security management II
Enterprise security management IIEnterprise security management II
Enterprise security management II
zapp0
 
Tips for IT Risk Management Prof. Hernan Huwyler Information Security Institute
Tips for IT Risk Management Prof. Hernan Huwyler Information Security InstituteTips for IT Risk Management Prof. Hernan Huwyler Information Security Institute
Tips for IT Risk Management Prof. Hernan Huwyler Information Security Institute
Hernan Huwyler, MBA CPA
 
DeltaV Security - Don’t Let Your Business Be Caught Without It
DeltaV Security - Don’t Let Your Business Be Caught Without ItDeltaV Security - Don’t Let Your Business Be Caught Without It
DeltaV Security - Don’t Let Your Business Be Caught Without It
Emerson Exchange
 
Risk Assessment And Management
Risk Assessment And ManagementRisk Assessment And Management
Risk Assessment And Management
vikasraina
 
Risk Management Methodology - Copy
Risk Management Methodology - CopyRisk Management Methodology - Copy
Risk Management Methodology - Copy
Rabah Odeh ITIL 5.0-OCP-CISA-PMP-OCP..etc
 
Information Secuirty Vulnerability Management
Information Secuirty Vulnerability ManagementInformation Secuirty Vulnerability Management
Information Secuirty Vulnerability Management
tschraider
 
IT Security management and risk assessment
IT Security management and risk assessmentIT Security management and risk assessment
IT Security management and risk assessment
CAS
 
Is Your Vulnerability Management Program Irrelevant?
Is Your Vulnerability Management Program Irrelevant?Is Your Vulnerability Management Program Irrelevant?
Is Your Vulnerability Management Program Irrelevant?
Skybox Security
 
Incident response methodology
Incident response methodologyIncident response methodology
Incident response methodology
Piyush Jain
 
Risk Assessments
Risk AssessmentsRisk Assessments
Risk Assessments
JoAnna Cheshire
 
IT Risk Management & Leadership 23 - 26 June 2013 Dubai
IT Risk Management & Leadership 23 - 26 June 2013 DubaiIT Risk Management & Leadership 23 - 26 June 2013 Dubai
IT Risk Management & Leadership 23 - 26 June 2013 Dubai
360 BSI
 
Business Continuity & Disaster Recovery Planning 02 - 04 December 2013 Kuala ...
Business Continuity & Disaster Recovery Planning 02 - 04 December 2013 Kuala ...Business Continuity & Disaster Recovery Planning 02 - 04 December 2013 Kuala ...
Business Continuity & Disaster Recovery Planning 02 - 04 December 2013 Kuala ...
360 BSI
 
Hernan Huwyler - 10 risk concepts to throw on the bonfire
Hernan Huwyler - 10 risk concepts to throw on the bonfireHernan Huwyler - 10 risk concepts to throw on the bonfire
Hernan Huwyler - 10 risk concepts to throw on the bonfire
Hernan Huwyler, MBA CPA
 
Web Application Security Vulnerability Management Framework
Web Application Security Vulnerability Management FrameworkWeb Application Security Vulnerability Management Framework
Web Application Security Vulnerability Management Framework
jpubal
 
Quantitative Data-Driven Risk Management and Internal Audit
Quantitative Data-Driven Risk Management and Internal AuditQuantitative Data-Driven Risk Management and Internal Audit
Quantitative Data-Driven Risk Management and Internal Audit
Hernan Huwyler, MBA CPA
 
Challenges of Vulnerability Management
Challenges of Vulnerability Management Challenges of Vulnerability Management
Challenges of Vulnerability Management
Rahul Neel Mani
 
Strategy Insights - How to Quantify IT Risks
Strategy Insights - How to Quantify IT Risks Strategy Insights - How to Quantify IT Risks
Strategy Insights - How to Quantify IT Risks
Hernan Huwyler, MBA CPA
 
Developing a Privacy Culture in Health Care Organizations:The Experiences of ...
Developing a Privacy Culture in Health Care Organizations:The Experiences of ...Developing a Privacy Culture in Health Care Organizations:The Experiences of ...
Developing a Privacy Culture in Health Care Organizations:The Experiences of ...
empower
 
Incident response before:after breach
Incident response before:after breachIncident response before:after breach
Incident response before:after breach
Sumedt Jitpukdebodin
 

Weitere ähnliche Inhalte

Was ist angesagt?

Effective Vulnerability Management
Effective Vulnerability ManagementEffective Vulnerability Management
Effective Vulnerability Management
Vicky Ames
 
Tips for IT Risk Management Prof. Hernan Huwyler Information Security Institute
Tips for IT Risk Management Prof. Hernan Huwyler Information Security InstituteTips for IT Risk Management Prof. Hernan Huwyler Information Security Institute
Tips for IT Risk Management Prof. Hernan Huwyler Information Security Institute
Hernan Huwyler, MBA CPA
 
DeltaV Security - Don’t Let Your Business Be Caught Without It
DeltaV Security - Don’t Let Your Business Be Caught Without ItDeltaV Security - Don’t Let Your Business Be Caught Without It
DeltaV Security - Don’t Let Your Business Be Caught Without It
Emerson Exchange
 
Information Secuirty Vulnerability Management
Information Secuirty Vulnerability ManagementInformation Secuirty Vulnerability Management
Information Secuirty Vulnerability Management
tschraider
 
IT Risk Management & Leadership 23 - 26 June 2013 Dubai
IT Risk Management & Leadership 23 - 26 June 2013 DubaiIT Risk Management & Leadership 23 - 26 June 2013 Dubai
IT Risk Management & Leadership 23 - 26 June 2013 Dubai
360 BSI
 
Business Continuity & Disaster Recovery Planning 02 - 04 December 2013 Kuala ...
Business Continuity & Disaster Recovery Planning 02 - 04 December 2013 Kuala ...Business Continuity & Disaster Recovery Planning 02 - 04 December 2013 Kuala ...
Business Continuity & Disaster Recovery Planning 02 - 04 December 2013 Kuala ...
360 BSI
 
Quantitative Data-Driven Risk Management and Internal Audit
Quantitative Data-Driven Risk Management and Internal AuditQuantitative Data-Driven Risk Management and Internal Audit
Quantitative Data-Driven Risk Management and Internal Audit
Hernan Huwyler, MBA CPA
 

Was ist angesagt? (20)

Enterprise incident response 2017
Enterprise incident response 2017Enterprise incident response 2017
Enterprise incident response 2017
 
10 Steps to Building an Effective Vulnerability Management Program
10 Steps to Building an Effective Vulnerability Management Program10 Steps to Building an Effective Vulnerability Management Program
10 Steps to Building an Effective Vulnerability Management Program
 
Effective Vulnerability Management
Effective Vulnerability ManagementEffective Vulnerability Management
Effective Vulnerability Management
 
Enterprise security management II
Enterprise security management IIEnterprise security management II
Enterprise security management II
 
Tips for IT Risk Management Prof. Hernan Huwyler Information Security Institute
Tips for IT Risk Management Prof. Hernan Huwyler Information Security InstituteTips for IT Risk Management Prof. Hernan Huwyler Information Security Institute
Tips for IT Risk Management Prof. Hernan Huwyler Information Security Institute
 
DeltaV Security - Don’t Let Your Business Be Caught Without It
DeltaV Security - Don’t Let Your Business Be Caught Without ItDeltaV Security - Don’t Let Your Business Be Caught Without It
DeltaV Security - Don’t Let Your Business Be Caught Without It
 
Risk Assessment And Management
Risk Assessment And ManagementRisk Assessment And Management
Risk Assessment And Management
 
Risk Management Methodology - Copy
Risk Management Methodology - CopyRisk Management Methodology - Copy
Risk Management Methodology - Copy
 
Information Secuirty Vulnerability Management
Information Secuirty Vulnerability ManagementInformation Secuirty Vulnerability Management
Information Secuirty Vulnerability Management
 
IT Security management and risk assessment
IT Security management and risk assessmentIT Security management and risk assessment
IT Security management and risk assessment
 
Is Your Vulnerability Management Program Irrelevant?
Is Your Vulnerability Management Program Irrelevant?Is Your Vulnerability Management Program Irrelevant?
Is Your Vulnerability Management Program Irrelevant?
 
Incident response methodology
Incident response methodologyIncident response methodology
Incident response methodology
 
Risk Assessments
Risk AssessmentsRisk Assessments
Risk Assessments
 
IT Risk Management & Leadership 23 - 26 June 2013 Dubai
IT Risk Management & Leadership 23 - 26 June 2013 DubaiIT Risk Management & Leadership 23 - 26 June 2013 Dubai
IT Risk Management & Leadership 23 - 26 June 2013 Dubai
 
Business Continuity & Disaster Recovery Planning 02 - 04 December 2013 Kuala ...
Business Continuity & Disaster Recovery Planning 02 - 04 December 2013 Kuala ...Business Continuity & Disaster Recovery Planning 02 - 04 December 2013 Kuala ...
Business Continuity & Disaster Recovery Planning 02 - 04 December 2013 Kuala ...
 
Hernan Huwyler - 10 risk concepts to throw on the bonfire
Hernan Huwyler - 10 risk concepts to throw on the bonfireHernan Huwyler - 10 risk concepts to throw on the bonfire
Hernan Huwyler - 10 risk concepts to throw on the bonfire
 
Web Application Security Vulnerability Management Framework
Web Application Security Vulnerability Management FrameworkWeb Application Security Vulnerability Management Framework
Web Application Security Vulnerability Management Framework
 
Quantitative Data-Driven Risk Management and Internal Audit
Quantitative Data-Driven Risk Management and Internal AuditQuantitative Data-Driven Risk Management and Internal Audit
Quantitative Data-Driven Risk Management and Internal Audit
 
Challenges of Vulnerability Management
Challenges of Vulnerability Management Challenges of Vulnerability Management
Challenges of Vulnerability Management
 
Strategy Insights - How to Quantify IT Risks
Strategy Insights - How to Quantify IT Risks Strategy Insights - How to Quantify IT Risks
Strategy Insights - How to Quantify IT Risks
 

Andere mochten auch

C-TPAT Fciq presentation 20121018 updated
C-TPAT Fciq presentation 20121018 updatedC-TPAT Fciq presentation 20121018 updated
C-TPAT Fciq presentation 20121018 updated
aryane
 
Incident Investigation Training by Zenith
Incident Investigation Training by ZenithIncident Investigation Training by Zenith
Incident Investigation Training by Zenith
Atlantic Training, LLC.
 
New Mock Drill Ppt from Nokia fALU Plot 25
New Mock Drill Ppt from Nokia fALU Plot 25New Mock Drill Ppt from Nokia fALU Plot 25
New Mock Drill Ppt from Nokia fALU Plot 25
Aritro Mukherjee
 
Incident investigation and reporting
Incident investigation and reportingIncident investigation and reporting
Incident investigation and reporting
Jillian Bower
 
NGI-Incident Reporting
NGI-Incident ReportingNGI-Incident Reporting
NGI-Incident Reporting
lifecombo
 
Incident Response Triage
Incident Response TriageIncident Response Triage
Incident Response Triage
Albert Hui
 
Incident & Accident Reporting
Incident & Accident ReportingIncident & Accident Reporting
Incident & Accident Reporting
87amanda
 

Andere mochten auch (18)

Developing a Privacy Culture in Health Care Organizations:The Experiences of ...
Developing a Privacy Culture in Health Care Organizations:The Experiences of ...Developing a Privacy Culture in Health Care Organizations:The Experiences of ...
Developing a Privacy Culture in Health Care Organizations:The Experiences of ...
 
Incident response before:after breach
Incident response before:after breachIncident response before:after breach
Incident response before:after breach
 
Splunk Webinar Best Practices für Incident Investigation
Splunk Webinar Best Practices für Incident InvestigationSplunk Webinar Best Practices für Incident Investigation
Splunk Webinar Best Practices für Incident Investigation
 
C-TPAT Fciq presentation 20121018 updated
C-TPAT Fciq presentation 20121018 updatedC-TPAT Fciq presentation 20121018 updated
C-TPAT Fciq presentation 20121018 updated
 
Drowning Incident Analysis
Drowning Incident AnalysisDrowning Incident Analysis
Drowning Incident Analysis
 
Incident Investigation Training by Zenith
Incident Investigation Training by ZenithIncident Investigation Training by Zenith
Incident Investigation Training by Zenith
 
New Mock Drill Ppt from Nokia fALU Plot 25
New Mock Drill Ppt from Nokia fALU Plot 25New Mock Drill Ppt from Nokia fALU Plot 25
New Mock Drill Ppt from Nokia fALU Plot 25
 
Incident investigation and reporting
Incident investigation and reportingIncident investigation and reporting
Incident investigation and reporting
 
A Guide to Effective Incident Investigation
A Guide to Effective Incident InvestigationA Guide to Effective Incident Investigation
A Guide to Effective Incident Investigation
 
NGI-Incident Reporting
NGI-Incident ReportingNGI-Incident Reporting
NGI-Incident Reporting
 
Incident Response Swimlanes
Incident Response SwimlanesIncident Response Swimlanes
Incident Response Swimlanes
 
The Six Stages of Incident Response
The Six Stages of Incident Response The Six Stages of Incident Response
The Six Stages of Incident Response
 
Incident Response Triage
Incident Response TriageIncident Response Triage
Incident Response Triage
 
Operational risk & incident reporting
Operational risk & incident reportingOperational risk & incident reporting
Operational risk & incident reporting
 
Incident reports
Incident reportsIncident reports
Incident reports
 
Incident & Accident Reporting
Incident & Accident ReportingIncident & Accident Reporting
Incident & Accident Reporting
 
Incident reporting
Incident reportingIncident reporting
Incident reporting
 
Accident reporting ,investigation & analysis (cif&b)
Accident reporting ,investigation & analysis (cif&b)Accident reporting ,investigation & analysis (cif&b)
Accident reporting ,investigation & analysis (cif&b)
 

Ähnlich wie Incident Mgmt Nov 08

u10a1-Risk Assessment Report-Beji Jacob
u10a1-Risk Assessment Report-Beji Jacobu10a1-Risk Assessment Report-Beji Jacob
u10a1-Risk Assessment Report-Beji Jacob
Beji Jacob
 
IT 552 Module Five Assignment Rubric The purpose of t.docx
IT 552 Module Five Assignment Rubric The purpose of t.docxIT 552 Module Five Assignment Rubric The purpose of t.docx
IT 552 Module Five Assignment Rubric The purpose of t.docx
christiandean12115
 
11-Incident Response, Risk Management Sample Question and Answer-24-06-2023.ppt
11-Incident Response, Risk Management Sample Question and Answer-24-06-2023.ppt11-Incident Response, Risk Management Sample Question and Answer-24-06-2023.ppt
11-Incident Response, Risk Management Sample Question and Answer-24-06-2023.ppt
abhichowdary16
 
BUSINESS IMPACT ANALYSIS For the project work, we .docx
BUSINESS IMPACT ANALYSIS For the project work, we .docxBUSINESS IMPACT ANALYSIS For the project work, we .docx
BUSINESS IMPACT ANALYSIS For the project work, we .docx
felicidaddinwoodie
 
Cyber security guide
Cyber security guideCyber security guide
Cyber security guide
Mark Bennett
 
Discussion Forum.300 wordsInclude at least. words in your po
Discussion Forum.300 wordsInclude at least. words in your poDiscussion Forum.300 wordsInclude at least. words in your po
Discussion Forum.300 wordsInclude at least. words in your po
widdowsonerica
 
Incident Management PowerPoint Presentation Slides
Incident Management PowerPoint Presentation SlidesIncident Management PowerPoint Presentation Slides
Incident Management PowerPoint Presentation Slides
SlideTeam
 
Convergence innovative integration of security
Convergence innovative integration of securityConvergence innovative integration of security
Convergence innovative integration of security
ciso_insights
 
Ingenia consultants-9 basic steps towards TRM compliance
Ingenia consultants-9 basic steps towards TRM complianceIngenia consultants-9 basic steps towards TRM compliance
Ingenia consultants-9 basic steps towards TRM compliance
Sami Benafia
 
ITIL Incident Management Workflow PowerPoint Presentation Slides
ITIL Incident Management Workflow PowerPoint Presentation SlidesITIL Incident Management Workflow PowerPoint Presentation Slides
ITIL Incident Management Workflow PowerPoint Presentation Slides
SlideTeam
 

Ähnlich wie Incident Mgmt Nov 08 (20)

u10a1-Risk Assessment Report-Beji Jacob
u10a1-Risk Assessment Report-Beji Jacobu10a1-Risk Assessment Report-Beji Jacob
u10a1-Risk Assessment Report-Beji Jacob
 
IT 552 Module Five Assignment Rubric The purpose of t.docx
IT 552 Module Five Assignment Rubric The purpose of t.docxIT 552 Module Five Assignment Rubric The purpose of t.docx
IT 552 Module Five Assignment Rubric The purpose of t.docx
 
11-Incident Response, Risk Management Sample Question and Answer-24-06-2023.ppt
11-Incident Response, Risk Management Sample Question and Answer-24-06-2023.ppt11-Incident Response, Risk Management Sample Question and Answer-24-06-2023.ppt
11-Incident Response, Risk Management Sample Question and Answer-24-06-2023.ppt
 
ISACA Belgium CERT view 2011
ISACA Belgium CERT view 2011ISACA Belgium CERT view 2011
ISACA Belgium CERT view 2011
 
BUSINESS IMPACT ANALYSIS For the project work, we .docx
BUSINESS IMPACT ANALYSIS For the project work, we .docxBUSINESS IMPACT ANALYSIS For the project work, we .docx
BUSINESS IMPACT ANALYSIS For the project work, we .docx
 
Cyber security guide
Cyber security guideCyber security guide
Cyber security guide
 
Discussion Forum.300 wordsInclude at least. words in your po
Discussion Forum.300 wordsInclude at least. words in your poDiscussion Forum.300 wordsInclude at least. words in your po
Discussion Forum.300 wordsInclude at least. words in your po
 
IT Security and Management - Semi Finals by Mark John Lado
IT Security and Management - Semi Finals by Mark John LadoIT Security and Management - Semi Finals by Mark John Lado
IT Security and Management - Semi Finals by Mark John Lado
 
Qatar Proposal
Qatar ProposalQatar Proposal
Qatar Proposal
 
Icab lectures chapter 5 & 6, Business and Finance, ICAB
Icab lectures chapter 5 & 6, Business and Finance, ICABIcab lectures chapter 5 & 6, Business and Finance, ICAB
Icab lectures chapter 5 & 6, Business and Finance, ICAB
 
Incident Management PowerPoint Presentation Slides
Incident Management PowerPoint Presentation SlidesIncident Management PowerPoint Presentation Slides
Incident Management PowerPoint Presentation Slides
 
Breach response
Breach responseBreach response
Breach response
 
Risk management
Risk managementRisk management
Risk management
 
Disaster Recovery planning within HIPAA framework
Disaster Recovery planning within HIPAA frameworkDisaster Recovery planning within HIPAA framework
Disaster Recovery planning within HIPAA framework
 
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
 
case studies on risk management in IT enabled organisation(vadodara)
case studies on risk management in IT enabled organisation(vadodara)case studies on risk management in IT enabled organisation(vadodara)
case studies on risk management in IT enabled organisation(vadodara)
 
Convergence innovative integration of security
Convergence innovative integration of securityConvergence innovative integration of security
Convergence innovative integration of security
 
Practical Guide to Managing Incidents Using LLM's and NLP.pdf
Practical Guide to Managing Incidents Using LLM's and NLP.pdfPractical Guide to Managing Incidents Using LLM's and NLP.pdf
Practical Guide to Managing Incidents Using LLM's and NLP.pdf
 
Ingenia consultants-9 basic steps towards TRM compliance
Ingenia consultants-9 basic steps towards TRM complianceIngenia consultants-9 basic steps towards TRM compliance
Ingenia consultants-9 basic steps towards TRM compliance
 
ITIL Incident Management Workflow PowerPoint Presentation Slides
ITIL Incident Management Workflow PowerPoint Presentation SlidesITIL Incident Management Workflow PowerPoint Presentation Slides
ITIL Incident Management Workflow PowerPoint Presentation Slides
 

Kürzlich hochgeladen

Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Principled Technologies
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Roshan Dwivedi
 

Kürzlich hochgeladen (20)

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 

Incident Mgmt Nov 08

  • 1. Incident Management Michael Power eHealth Ontario IAPP KnowledgeNet Toronto, Ontario November 2008
  • 2.
  • 3. What’s involved… > Identify, contain, triage & remedy incidents. > Short term: Contain damage; Restore normal operations. > Long term: Avoid problems in future.
  • 4. Privacy Incident : One or more events that may involve the unauthorized use, collection, disclosure, or disposal of personal or personal health information. Distinct from “breach”.
  • 5. Security Incident : One or more events that have a significant probability of compromising business operations or threatening an organization’s information security .
  • 6. Privacy Breach : One or more events confirmed to involve, or having a high probability of involving, the unauthorized use, collection, disclosure, or disposal of personal or personal health information.
  • 7. Not every event is an incident. Internal – High Client - All Missing Equipment All Un-authorized Use Medium Privacy Medium Network Attack High Malware Severity to Trigger ESPIM Incident Type
  • 8.
  • 9.
  • 10.
  • 11.
  • 12. Planning for Incident Management
  • 13. Developing an Incident Management Model
  • 14. EHealth Ontario ESPIM Team Structure
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.