Part 1
It is important to keep an Incident Response Plan (IRP) up-to-date with changes in a business because it plays a major role in business continuity and disaster recovery. An IRP helps an organization minimize risks. It is important to keep the IRP up-to-date because it should reflect significant changes in the organization's environment. The effectiveness of the IRP in helping a business survive the unexpected is deeply tied to how up-to-date it is and consequently its applicability to the situation. The reason for corporations having outdated IRP is because the IRP is a living document that requires revised constantly. Most organizations ignore updating their IRP because they find the work too much for a document that does not serve any significant purpose. Some of the problems of having an IRP that is not up-to-date is that there is a risk of employees not knowing what to classify as incidents. There will also be confusion as to how to respond to security breaches such as what, when, who.
Part 2
As a Chief Information Security Officer for a large corporation some of the communication procedures I would consider utilizing for incident response include creating the chain of command. During an incident, clear communication is essential and should be achieved in the least time possible (Millar et al. 2012). For example, the incident handler would have to notify the system administrator when he classifies the issue as an incident. I would also set procedures of how each team member should contact their counterpart in the organization. I would also include the procedures of forming a crisis command center and who would be part of it and how they would be notified. The communications would show who informs who in the system hierarchy until the information reaches the CISO.
Reference
Millar, T., Tim, G., Paul, C. & Karen, S. (2012) Computer Security Incident Handling Guide. National Institute of Standards and Technology, SP- 800-61.
