Computer forensics and investigations Essay Example | Topics and Well Written Essays - 2000 words

Computer forensics and investigations - Essay Example After identifying the risks, the paper goes on to name an example of legislation, which can be used against the company, in this case the Cookie law. Finally, the employee contract at the company needs to be studied with the aim of making a prospective employee be aware of these risks and know how to manage them without claiming ignorance. Question # 1 Forensic Readiness Planning Business Continuity Planning, and Their Testing Both forensic readiness planning and business continuity planning help a company in dealing with the effects of interruptions to their operations. Business continuity planning identifies the exposure of an organization to external and internal threats while synthesizing soft and hard assets to give the organization effective protection and recovery from these threats (Nelson, 2012, p. 23). It does this while maintaining the organization’s value system integrity and competitive advantage. A BCP acts as a roadmap on how to continue operations under adverse conditions. Forensic readiness planning, on the other hand, involves enabling an organization to have digital evidence available before the occurrence of an incident. Since digital evidence could be requested at any time in support of a formal process, an organization needs to have access to all evidence that supports its position in case such an occurrence takes place. While BCP encompasses an extensive range of threats to the organization’s operations, FRP is mainly concerned with the threat brought about by formal requests for digital evidence. An organization requires both an FRP and a BCP because they offer slightly different forms of protection to the company, both of which are vital and interdependent. Business continuity planning involves the development of a practical plan detailing how the organization will prepare for, while continuing to operate, a crisis or incident. The plan aids the organization to identify preventable risks, prepare for risks beyond its contr ol, and respond to the occurrence of a risk. Forensic readiness planning deals specifically with the availability of the organization’s digital data if needed as evidence. It allows for the gathering of admissible evidence in a legal manner that does not interfere with business operations. FRP specifically prepares the organization for legal battles that may involve its digital data by gathering evidence on potential disputes and crimes that may impact it (Nelson, 2012, p. 25). Having both an FRP and a BCP increases the sense of security among the organization’s clients, personnel, suppliers, partners, investors, and vendors. When an organization plans for the occurrence of risks, these stakeholders can carry on with their duties with a sense of security. Planning allows the organization to consider the effects of interruptions to its operations while making priorities for the recovery process. It also helps the personnel learn what to do when interruption occurs, in o rder to minimize data loss and disruption. An organization’s FRP and BCP need to be tested often in order to enforce them and make adjustments. Most companies that practice these plans conduct bi-annual tests on them during which a mock ‘drill’ is performed for a specific risk. Over time, personnel may change, and the new staff requires to be initiated. Old staff also needs to be re-informed on the plans once in a while, with the most excellent method to do this being to visualize