Introduction

Companies today face a wide variety of problems that can result in loss for the company. Risk involves events that provide the possibility of loss, and may result from any number of sources such as storms, theft, hackers, or anything else that has the probability of harming a company. To deal with these risks, risk management can be used to identify and deal with potential problems before they occur.

When significant risks occur in the form of disasters, disaster recovery plans and business continuity plans may be used to recover and restore normal business functions. Disaster recovery plans focus on restoring information systems after a disaster occurs, and provides preparation and insight when recovering from such incidents. Business continuity plans identify key functions of an organization, and implement processes and procedures that ensure these functions will not be interrupted long after an incident.

In some instances, additional measures may need to be taken to investigate the incident and determine who was responsible, how the incident occurred, and what should be done about it. By using set procedures, such investigations may incorporate computer forensic techniques for the collection, examination, preservation, and presentation of evidence. Information acquired through forensic procedures can be used in the investigation of internal problems, or for criminal or civil cases.

As will be seen in this chapter, by approaching various threats as something that can be minimized, investigated, and (to a degree) controlled, the possibility of suffering significant damage is lowered. In doing so, a company becomes safer and more secure, and may avoid similar incidents in the future.