ABSTRACT

The XYZ Company requires the performance of computer security services on a major application operating in a time-shared and networked environment. Federal laws, regulations, and corporate standards applicable to security analyses, security plans, testing, and the certification and accreditation process will be followed. The certification and accreditation effort will identify and evaluate ABC System hardware and software assets, organizational personnel structure, and continuity of operations, emergency action, business resumption, and disaster recovery plans and procedures currently in effect for the system. Using this information, a preliminary contingency plan will identify roles and responsibilities, critical files, backup procedures, restoration procedures, offsite storage locations, and a list of hardware and software needed to restore the system. The contractor will assist XYZ Company staff personnel in providing training to personnel and in testing and implementing developed contingency plans.