question archive Can I get some help, please? You have been hired by a defense contractor to assess the organization's disaster recovery plan (DRP) and business continuity plan (BCP)
Subject:Computer SciencePrice: Bought3
You have been hired by a defense contractor to assess the organization's disaster recovery plan (DRP) and business continuity plan (BCP). During the assessment phase, you find that the organization has no web or SPAM filter mechanism in place. During the briefing, you mention that you could easily fix the issue for less than $2,500. The chief financial officer (CFO) states that they do not have the money in the budget and that the recent government shutdown has caused a serious cash-flow problem. The CFO asks that you leave out any mention of the need for a web or SPAM filter in your final report.
A short time later, the organization is struck with a severe security breach causing a major loss of proprietary data. The incident response team determines that the breach was caused by a careless employee opening a SPAM e-mail and clicking on an infected link within the message.
Your senior manager calls you into the office and explains that the president of the organization is considering legal action against your company due to negligence in your assessment. You defend yourself by stating that the CFO had asked that you not mention the need for either the web or SPAM filter to be used. The senior manager asks if you have any proof of the conversation.
Explain whether or not you have ever been asked to prove something that you knew to be true and factual. If you were in that situation, how would you handle it?