You are here: Home Contents V4 N3 V4N3-Davis.html
Personal tools

Incident Response Planning Using Collaboration Engineering Process Development and Validation



Full text

Journal of Information Systems Security
Volume 4, Number 3 (2008)
Pages 2445
ISSN 1551-0123 (Print)
ISSN 1551-0808 (Online)
Alanah J. Davis — University of Nebraska at Omaha, USA
Mehruz Kamal — University of Nebraska at Omaha, USA
Terrance V. Schoonover — University of Nebraska at Omaha, USA
Leah R. Pietron — University of Nebraska at Omaha, USA
Josephine Nabukenya — Radboud University Nijmegen, The Netherlands
Gert-Jan de Vreede — Delft University of Technology, The Netherlands
Information Institute Publishing, Washington DC, USA




Many organizations have plans for incident response strategies as part of their contingency planning process. Of particular interest is the fact that an Incident Response Plan (IRP) is not created by a single individual as it requires the inputs and contributions from a range of organizational experts. However, orchestrating the efforts of a group of experts to produce a comprehensive IRP in a short time-frame can be a challenge. Despite IRP being an essential ingredient in conjuring security planning procedures in organizations, extensive literature reviews have revealed that there are no collaborative processes in place for such a crucial activity. This is where the contribution of this study is apparent. This study proposes a design for a facilitated incident response planning process using technology such as group support systems (GSS). Three sessions were conducted and an analysis of the sessions revealed that the facilitated IRP process design held up strongly in terms of goal attainment and session participant satisfaction. Future research implications entail devising an all-encompassing integrative general approach that would be applicable to any form of corporate security development planning process.




Incident Response Planning, Contingency Planning, Collaboration Engineering, Group Support Systems




Baskerville, R. L. (1999). Investigating information systems with action research. Communications of the AIS, 2(19), 1-32.

Briggs, R. O., de Vreede, G.-J., and Nunamaker Jr., J. F. (2003). Collaboration engineering with thinkLets to pursue sustained success with group support systems. Journal of Management Information Systems, 19(4), 31-64.

Briggs, R. O., Kolfschoten, G. L., de Vreede, G.-J., and Dean, D. L. (2006, August 4-6). Defining key concepts for collaboration engineering. Paper presented at the 12th Americas Conference on Information Systems (AMCIS-12), Acapulco, Mexico

Briggs, R. O., Reinig, B. A., and de Vreede, G.-J. (2006). Meeting satisfaction for technology-supported groups: An empirical validation of a goal-attainment model Small Group Research, 37(6), 585-611. Computer incident response guidebook. (1996). Information Systems Security (INFOSEC) Program Guidelines Module 19 Retrieved October 19, 2006, from http://www.marcorsys /sites/ia/references/don/NAVSO%20P5239-19%20CIRT%20Guide.pdf

de Vreede, G.-J., and Briggs, R. O. (2005). Collaboration engineering: Designing repeatable processes for high-value collaborative tasks. Paper presented at the 38th Annual Hawaii International Conference on Systems Science, Los Alamitos.

de Vreede, G.-J., Fruhling, A., and Chakrapani, A. (2005). A repeatable collaboration process for usability testing. Paper presented at the 38th Hawaii International Conference on System Sciences.

Dhillon, G., Backhouse, J., and Masurkar, V. (2005). Meeting the Information System Security Challenge. Journal of Information Systems Security, 1(1), 1-6.

Foix, R. (2004). Expanding responsibility for incident response. Computerworld, 38, 28.

Kolfschoten, G. L., de Vreede, G.-J., Chakrapani, A., and Koneri, P. (2006, January). The collaboration engineering approach for designing collaboration processes. Paper presented at the First HICSS Symposium on Case and Field Studies of Collaboration, Poipu, Kauai, Hawaii.

Koneri, P. G., de Vreede, G.-J., Dean, D. L., Fruhling, A. L., and Wolcott, P. (2005). The design and field evaluation of a repeatable collaborative software code inspection process Paper presented at the CRIWG, Porto de Galinhas, Pernambuco, Brazil.

Myers, M. D. (2004). Qualitative research in information systems. ISWorld Net Retrieved September, 2007, from Poindexter, D., and St. Laurent, N. (2000). Incident handling at BMDO. The Information Warfare Site (IWS) Retrieved October 19, 2006, from

Polstra, R. M. (2005). Student papers: A case study on how to manage the theft of information. Paper presented at the 2nd Annual Conference on Information Security Curriculum Development (InfoSecCD).

Powanda, E. J., Miksell, S., Nainis, W. S., and James, H. M. (2003). Guidebook for maintaining a secure operating environment. Information Technology Support Center (ITS) Retrieved October 19, 2006, from

Rollason-Reese, R. L. (2003). Incident handling: An orderly response to unexpected events. Paper presented at the 31st Annual ACM SIGUCCS Conference on User Services.

Sausner, R. (2007). There's No Substitute For Good Preparation. Bank Technology News, 20, 32.

Soper, T. (2003). Incident response: Managing security at microsoft: Microsoft Technical White Paper.

Stacey, T. R. (2005). Best practice in contingency planning or contingency planning program maturity. In H. F. Tipton & M. Krause (Eds.), Information Security Management Handbook: CRC Press LLC.

Swanson, M., Wohl, A., Pope, L., Grance, T., Hash, J., and Thomas, R. (2002). Contingency Planning Guide for Information Technology Systems. Washington: National Institute of Standards and Technology

Wack, J. P. (1991). Establishing a computer security incident response capability. Gaithersburg, Md: US National Institute of Standards and Technology.

Zuber-Skerritt, O. (1991). Action research for change and development. Aldershot: Gower Publishing.