I agree that it would be nice if we could schedule and plan all of our
emergencies according to policy. :-)
that's the whole point of an inclusive policy
to allow you to have a framework for dealing with the unknown.
when we were designing major incident policies we would sit down and
do "what if" sessions which could get pretty wild
ie "what if the British Petroleum compound at Grangemouth goes up in
flames and turns central scotland into a tar-pit"
and come up with a solution accordingly
now, in the area of operations that you are currently debating there
is a limited amount of things that can happen and they can be fully
identified with a proper approach
-attack trees &c
the british army has a phrase which applies here
"proper planning prevents piss poor performance"
the american simile for this situation would be "clusterfuck"
have a nice day
On Thu, 3 Mar 2005 23:15:15 +0000 GMT, Jason Coombs <jasonc@science.org> wrote:
Matt wrote:
In a good company Incidence
Response isn't dictated by any of
what you said above. It's dictated
by policy.
Good point. Even in a good company, though, incident response often occurs
outside of policy.
An incident response professional who works for clients during emergencies is
presented with variables and circumstances with which to contend, not a
policy playbook to follow.
I agree that it would be nice if we could schedule and plan all of our
emergencies according to policy. :-)
Cheers,
Jason Coombs
jasonc@science.org
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
