I. Why is costing information (for example, the calculation of WIP inventory valuation) important to financial reporting?
II. We discussed the firm`s perspective on security incident handling and introduced NIST`s security Incident Response Life Cycle (IRLC). (Prepare - Discover & Analysis - Containment, Eradication & Recovery - Post-Incident Activities)
Have you or people around you ever experienced a security breach? Using the IRLC and share your experience.
1. How prepared were you before the incident? (Prior training? knowledge? controls?)
2. How was the incident discovered and analyzed?
3. How did you contain, eradicate and recover from the incident?
4. Any post-incident activities were performed? What did you learn from the incident?
5. Share your experience and evaluate your "cybersecurity incident handling" using the CMM General Model, how mature was your incident handling capability? Briefly explain why.