7-2 Milestone Four: Evaluating Success: Develop a plan to continuously evaluate the success of the contingency plan


In this milestone, you will develop a plan to continuously evaluate the success of the contingency plan. You will create measurable outcomes and criteria by which to measure these outcomes and develop a procedure to continuously evaluate and improve the contingency plan.

To complete this assignment, review the following documents:

Don't use plagiarized sources. Get Your Custom Essay on
Need an answer from similar question? You have just landed to the most confidential, trustful essay writing service to order the paper from.
Just from $11/Page
Order Now


Developing measurable outcomes is crucial for assessing the effectiveness of a contingency plan. In the case of a ransomware incident, several key metrics can be identified to gauge the plan’s success. The first measurable outcome is the Incident Response Time, which refers to the duration required to discover, respond to, and contain a ransomware incident (Zare et al., 2020). The objective is to reduce this response time, enabling a swift and effective response to mitigate the attack’s impact. The Recovery Time Objective (RTO) is another crucial measure. Following a ransomware attack, this metric calculates how long it takes to restore critical systems and carry on with daily operations. Organizations can minimize operational disruption and the financial and reputational losses brought on by extended downtime by setting a clear target for the RTO to ensure a prompt recovery from the attack.

Another important measurable consequence is system availability. It evaluates the percentage of time that authorized personnel can access key systems. Organizations can decrease downtime by boosting system availability, allowing workers to complete their assignments quickly and accurately (Plung, 1980). By ensuring that critical systems are available when required, this objective strives to increase productivity and customer satisfaction. Finally, data loss is crucial for assessing how well a backup plan works. It gauges the quantity of data that a ransomware assault permanently destroys. For data integrity and protecting sensitive information, minimizing data loss is essential. Businesses can safeguard their priceless data assets and lessen the effect of data loss during ransomware by using reliable backup systems and security measures.

Specific criteria must be set to assess each item to gauge the effectiveness of the proposed outcomes for a contingency plan. Various factors can be used to gauge the success of the Incident Response Time, starting with that. Before anything else, it is critical to identify any bottlenecks or delays that may have occurred during the incident response process and assess how they may have affected the total response time and effectiveness (Forster et al., 2012). This analysis will assist in locating potential areas for enhancement and optimization of the response processes. Additionally, assessing how quickly the ransomware incident was found after the initial breach or suspicious activity is important. An attack’s impact can be greatly diminished by prompt identification.

Moving on, several metrics can be used to judge the success of the Recovery Time Objective. It is first vital to confirm that all important system functions have been recovered and evaluate their functioning following the recovery procedure. This assessment confirms that the retrieved systems are operational and meet the necessary criteria. Additionally, it is important to evaluate the availability and effective use of the appropriate personnel, equipment, and software during the recovery process (Zare et al., 2020). The speed of recuperation can be greatly influenced by having the appropriate resources on hand and employing them efficiently.

Several factors can be used to determine whether System Availability was successful. To ascertain whether the predetermined goals were achieved, it is crucial to first contrast the actual system availability with established targets or Service Level Agreements (SLAs) (Forster et al., 2012). This evaluation ensures the achievement of the anticipated levels of system availability. The total system downtime during the prescribed assessment period should also be measured. This criterion offers information about the organization’s real downtime, which aids in locating potential improvement areas.

Finally, specific criteria can be set to evaluate the effects of data loss. The first step in enhancing data security is determining whether any vulnerabilities or flaws in the data protection mechanisms have been found and fixed (Plung, 1980). This evaluation ensures that the company is actively strengthening its data protection strategies. In addition, it is important to examine the level of data loss brought on by the ransomware assault and the success of any preventative measures. The attack’s impact is quantified by this study, which also evaluates the efficiency of the data security safeguards already in place.

A procedure incorporating various measures to evaluate and test the plan’s effectiveness should be established to ensure the ongoing success of the contingency plan and facilitate continuous improvements. Regular monitoring should involve IT staff and security personnel to closely monitor the systems and promptly identify potential vulnerabilities or issues. Also, annual audits should be performed by the IT staff in collaboration with management to assess the overall effectiveness of the contingency plan and identify areas for improvement (Forster et al., 2012). Incident reporting should occur quarterly, involving all staff members, to gather information on incidents or near-misses, enabling the organization to identify trends and take corrective actions.

Stakeholder feedback should be collected annually, involving management and IT staff, to gain insights from key stakeholders on their experience with the contingency plan and to identify areas for enhancement. Security personnel and IT staff should conduct quarterly incident analyses to thoroughly examine incidents, understand the root causes, and implement necessary measures to prevent similar incidents (Zare et al., 2020). Monthly performance metrics should be tracked and analyzed by management to assess the ongoing performance of the contingency plan, enabling proactive adjustments and improvements.

A systemic approach can be used to implement improvements to the contingency plan, which entails several crucial elements. The first approach is performing a comprehensive study and evaluating the current contingency plan. Analyzing incident reports, performance indicators, stakeholder comments, and audit results is part of this process. It is possible to provide a clear roadmap for implementing changes by identifying potential gaps in the plan or areas needing development. Prioritizing the areas for improvement based on their significance and impact is another approach after they have been identified. This approach entails evaluating the risks that could be present in each area and considering the possible effects on system availability, data integrity, and overall company operations. Prioritizing the areas for improvement simplifies distributing resources and concentrating attention on the most important parts of the plan.

The next step is to create precise strategies and action plans for each area that needs improvement, keeping the areas’ priorities in mind. This step could entail improving incident response protocols, adding new technology or security measures, updating, or amending current procedures, or bolstering data backup and recovery procedures. In addition to being adapted to the specific demands and requirements of the firm, the strategies should align with industry best practices (Plung, 1980). Effective coordination and collaboration between many stakeholders are necessary for implementing improvement initiatives. This step involves management, the IT team, security workers, and other pertinent staff members. Communication channels should be set up to ensure all stakeholders know the planned improvements, goals, and expected results. It is crucial to develop a clear knowledge of the adjustments that must be made and the obligations of each stakeholder.

Training and awareness initiatives should ensure employees have the knowledge and skills to support the improvements. This approach could entail educating the public about security best practices, delivering training on improved processes, or doing drills and simulations to gauge the viability of the modified contingency plan.



Forster, A., Dervin, G., Martin Jr., C., & Papp, S. (2012). Improving patient safety through the systematic evaluation of patient outcomes. Canadian Journal of Surgery, 55(6), 418–425. https://doi.org/10.1503/cjs.007811

Plung, D. L. (1980). Writing the Persuasive Business Letter. Journal of Business Communication, 17(3), 45–49. https://doi.org/10.1177/002194368001700305

Zare, H., Wang, P., Zare, M. J., Azadi, M., & Olsen, P. (2020). Business continuity plan and risk assessment analysis in case of a cyber attack disaster in healthcare organizations. Advances in Intelligent Systems and Computing, 137–144. https://doi.org/10.1007/978-3-030-43020-7_19