Inferior Communications System and Infrastructure

Reply to the Paragraph below
Of the 8 plans offered in the NIST SP 800-34, select what you think are the most relevant three for a certain type of company. In your contribution, tell us the type and size of company that influenced your decision, and state why you selected those three over the others.
Select the three that you think cover the widest spectrum of resilience.
Respond to both discussions, including their name.
Jesse Saavedra
Discussion 2
COLLAPSE
I work for a mid-size Law Enforcement agency of approximately 150 employees (100 sworn officers and 50 support staff members) and in my career, we have experienced a tornado that partially destroyed our police station, an inferior communications system and infrastructure and threats from the public who feel they have been unfairly treated.
Of the 8 plans offered by the NIST SP 800-34 I believe our agency could have benefited from the following three plans the most:
Continuity of Operations Plan (COOP) to assist us during our displacement created by the tornado that struck our building and made it temporarily unsafe to operate from. I believe with the COOP we could have better addressed the limitations of the temporary structure and focused on those mission essential functions while we repaired the damaged portions of the police station. A Related Disaster Recovery Plan (DRP) would have also been extremely beneficial to assist the agency in returning to its normal operating capacity.
Crisis Communication Plan (CCP) can help significantly in addressing the public during those critical incident exposures that can leave an agency vulnerable as they try to investigate an incident and mitigate public demand for transparency with information that does not compromise the active investigation.
The Critical Infrastructure Plan (CIP) can help with our communications system and infrastructure. We finally received improvements to the local communications grid run by a separate entity, LCRA (Lower Colorado River Authority) and a CIP will help to establish policies and procedures for responding to outages and weak signals affecting critical communications for emergency services during critical incidents.
I chose these three plans over the others because I believe they would have been the most applicable to our agency considering our most recent obstacles. Even a law enforcement agency our size has many different divisions and operational functions and mandated procedures that implementing a version of all 8 plans is possible and probably necessary to address every aspect of the agency to include, evidence storage, transport (physical and digitized) and security of the building structure and digital information (PII, HIPPA, Juvenile, Financial, Victim, Witness) used in communications with other agencies, prosecutors, defense attorneys, insurance companies, local schools and universities, hospitals, and the media.
Cornel Davis
COLLAPSE
When selecting the three most relevant plans from the NIST SP 800-34 for a certain type of company, the type and size of the company must be taken into consideration. For a small business, the most relevant plans would be Contingency Plan, Business Impact Analysis, and Risk Assessment.
The Contingency Plan is a necessary component for any business, regardless of size. This plan outlines the steps to be taken in the event of an emergency, such as a natural disaster, power outage, or other threat. It includes details on how to respond, contact information for key personnel, and steps to restore the company’s operations. The plan also outlines the procedures for testing and exercising the plan to ensure its effectiveness.
The Business Impact Analysis (BIA) is an essential tool for any business. It is a detailed analysis of the organization’s vital operations and processes, as well as their dependencies on each other. It will help identify the potential consequences of disruptions, and the steps that can be taken to mitigate them. Additionally, the BIA can be used to develop a recovery strategy that includes cost and time estimates for restoring operations.
The Risk Assessment is also an important component of a business’s resilience plan. It should be conducted regularly to identify threats and vulnerabilities that could impact the organization’s operations. The assessment should include an analysis of internal and external threats, as well as the organization’s ability to respond. The results of the assessment can then be used to inform the organization’s risk-management strategies.
These three plans are the most relevant for a small business, as they provide the most comprehensive coverage of the organization’s resilience needs. The Contingency Plan provides a roadmap for responding to various incidents, while the BIA and Risk Assessment help identify the potential impacts of such incidents, as well as the steps to mitigate them. Together, these three plans form the foundation of a comprehensive resilience plan that can help ensure the organization’s ongoing success.