QUESTION
How often are incident response plans reviewed, updated and discussed internally?
1:17:20
·
47 sec
The Chief Information Security Officer explains that incident response plans are reviewed and updated at least annually as per citywide policy.
- The plans can also be updated more frequently after events like tabletop exercises
- Updates may involve tweaking procedures or playbooks based on changes in agency engagements
- The realignment with the Office of Technology and Innovation has also led to updates
Joann Ariola
1:17:20
Okay.
1:17:20
And how often are they reviewed and updated and
Shahana K. Hanif
1:17:25
where it's,
Joann Ariola
1:17:25
you know, you have an internal conversation about you know, what's working, what isn't.
1:17:29
So how how many times is that done?
Kelly Moan
1:17:31
So we have city wide policy for incident response plans, and We update and also in that policy, I believe.
1:17:40
It's no fewer than annually.
1:17:43
Needs to be updated, but in in reality, updates could come in the form of post tabletop exercise, testing the plan, realizing we need a tweak you know, this this playbook line item versus, you know, a procedure because the nature of a agency engagement has changed or, you know, we've updated considerably since the realignment with OTI has taken place as well.
