1. ANSI/ISA Workshop Chapter 4: External Communications and Crisis Management Team

2. Chapter 4: Questions for your external communications and crisis management team Question 4.1 Do we fully understand the overall financial impact of mishandling communications with our key stakeholders following a cyber security event? 4.2 Have we evaluated the appropriate communications responses to our key stakeholders? 4.3 Do you have a documented, proactive crisis communication plan? 4.4 Have we identified and trained all the internal resources required to execute the communications plan? 4.5 Do we have a template timeline for executing the communications plan? 4.6 do we have contacts at specialist crisis communications firms if we need their services? 4.7 In the case of a cyber security event involving PII, do we have a system in place to quickly determine who should be notified and how? 4.8 Have we considered that, depending on the situation, we may need to craft different messages for different types or levels of clients or employees? 4.9 Have we implemented improvements as a result of an actual execution (real or mock) of the plan? 4.10 Have we budgeted for a cyber security event?

3. Project Team Approach Approach Use key questions Provide answers/direction/templates with examples (small/large org) Financial risk estimator (net cost) Communications plan Incident response plan Meet by conference call Two week intervals August: develop answers/direction, inventory best practices September: finalize content