GIS information system contingency plan as a key artifact in the cybersecurity management lifecycle

• Autorzy: Kiedrowicz Maciej , Stanik Jerzy

Identyfikatory

DOI

10.57599/gisoj.2024.4.1.39

• Języki publikacji: EN

Abstrakty

EN

The article discusses the methodology of conducting a contingency planning process that an organization can use to develop and maintain a viable contingency planning program for IT/computer GIS systems. The process steps (seven steps) are designed to be integrated into each stage of the GIS lifecycle. This document guides building the organizational chart/structure of a contingency planning team and the persons/roles responsible for preparing and maintaining information system contingency plans (ISCPs). In addition, the article discusses the basic components and processes of a contingency plan, highlights specific considerations and issues related to contingency planning relating to different types of GIS platforms, and provides elements of good practice to help readers develop their ISCPs.

Słowa kluczowe

EN

GIS; contingency plan; contingency planning team

PL

GIS; plany awaryjne; zespół planowania awaryjnego

• Wydawca: SILGIS Association ; Croatian-Polish Scientific Network
• Czasopismo: GIS Odyssey Journal
• Rocznik: 2024
• Tom: Vol. 4, no. 1
• Strony: 39--53
• Opis fizyczny: Bibliogr. 16 poz.

Twórcy

autor

Kiedrowicz Maciej

• Military University of Technology, Faculty of Cybernetics, Warsaw, Poland

• https://orcid.org/0000-0002-4389-0774

autor

Stanik Jerzy

• Military University of Technology, Faculty of Cybernetics, Warsaw, Poland

• https://orcid.org/0000-0002-0162-2579

Bibliografia

• 1. Ahmad A., Bosua R. (2014). Protecting organizational competitive advantage: A knowledge leakage perspective. Computers & Security, vol. 42, pp. 27–39.
• 2. Bhattacharya J. (2015). Quality Risk Management – Understanding and controlling the risk in the pharmaceutical manufacturing industry. International Journal of Pharmaceutical Science Invention, vol. 4, no. 1, pp. 29–4.
• 3. Coresite C. (2016). Hybrid cloud and business continuity planning. https://www.coresite.com/blog/cloud-business-continuity-planning [access: 07.05.2024].
• 4. Cybersecurity Framework v 1.1 – CSF Tools, 2018.
• 5. Czym są dobre praktyki? (What are good practices?) https://metoda.spoledkurs.pl/dobre-praktyki/wprowadzenie/ [access: 07.05.2024].
• 6. Dey M. (2021). Business Continuity Planning (BCP) Methodology-Essential For Every Business. IEEE GCC Conference and Exhibition, pp. 19–22.
• 7. Dobre praktyki (Good practices). https://mfiles.pl/pl/index.php/Dobre_praktyki [access: 07.05.2024].
• 8. Eskola J., Suoranta J. (1998). Johdatus laadulliseen tutkimukseen (An introduction to qualitative research). Vastapaino.
• 9. Kovalainen A., Eriksson P. (2008). Qualitative Methods in Business Research: Narrative Research, in series: Introducing Qualitative Methods. SAGE Publications Ltd. doi: 10.4135/9780857028044.
• 10. NIST SP 800-34, Revision 1 – Contingency Planning Guide for Federal Information Systems, Marianne Swanson.
• 11. NSC 199, Security Categorization Standards – Based on FIPS 199.
• 12. NSC 800-18, Guide for the Development of Information Systems Security Plans in Public Entities – Based on NIST SP 800-18.
• 13. NSC 800-34, Contingency Planning Guide – Based on NIST SP 800-34.
• 14. NSC 800-37, Framework for Risk Management in Organizations and Information Systems. Security and privacy in the system lifecycle – based on NIST SP 800-37.
• 15. NSC 800-61, Computer Security Incident Handling Guide – Based on NIST SP 800-61.
• 16. Patton M.Q. (2002). Qualitative research and evaluation methods, Sage Publications, 2002.