0% found this document useful (0 votes)

38 views6 pages

SOP 13 - Cyber Security Insident

This document outlines the Standard Operating Procedure (SOP) for handling cyber security incidents at Ethiopian Pharmaceuticals, effective from January 9, 2022. It includes guidelines for preparation, response, and follow-up on incidents, detailing the responsibilities of network administrators and the resources required. The SOP aims to ensure a structured approach to prevent and manage cyber security threats effectively.

Uploaded by

Manehcmis Mane

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

38 views6 pages

SOP 13 - Cyber Security Insident

Uploaded by

Manehcmis Mane

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 6

Ethiopian Pharmaceuticals Document No: SOP/ICT/ HO-13

Supply Service
Effective date: 09/01/22
Cyber Security Incidents Rev. No.: 0 Page 1 of 6

FOR DOCUMENT CONTROL USE

ONLY
Content

ABBREVIATIONS ........................................... 2
1 INTRODUCTION ..................................... 3
2 PURPOSE................................................... 3
3 SCOPE ........................................................ 3
4 PROCEDURE ............................................ 4
5 RESOURCE ............................................... 5
6 KPI .............................................................. 5
7 FORMS ....................................................... 6
8 AMENDMENT HISTORY ....................... 6
9 REFERENCE............................................. 6

PREPARED BY APPROVED BY

Name: 1. Shimelis Wagaw Name:

2. Manyazhal Adissie
3. Tibebe Kidanu
4. Sissay Getachew
Signature: Date: Signature: Date:
ABBREVIATIONS

HO Head Office
ICTD Information and Communication Technology Directorate
ICT Information and Communication Technology
EPSS Pharmaceuticals Fund and Supply Service
SOP Standard Operating Procedure
INSA Information Network Security Agency

2|Page
እባክዎ በዚህ ሰነድ ከመጠቀምዎ በፊት ትክክለኛ መሆኑን ያረጋግጡ
Cyber Security Incidents
Please make sure that this is the correct issue before use SOP/ICT/ HO-13,0, 21/01/2022
1 INTRODUCTION

This SOP provide the flow of procurers how to handle cyber security incidents in an
appropriate manner. It provides you with practical advice on how to prepare for,
respond to and follow up an incident in a fast and effective manner.

2 PURPOSE

The purpose of this SOP is to helps meet a range of different requirements in the
agency to know how to best respond to a cyber-security incidents.

3 SCOPE

The scope of this SOP is prevention of cyber security attacks including detailed cyber
security threat analytics, cyber security incident response and report.

3|Page
እባክዎ በዚህ ሰነድ ከመጠቀምዎ በፊት ትክክለኛ መሆኑን ያረጋግጡ
Cyber Security Incidents
Please make sure that this is the correct issue before use SOP/ICT/ HO-13,0, 21/01/2022
4 PROCEDURE

4.1 Process flowchart

INPUT PROCESS OUTPUT

1.Cyber Security 1. Accepting the request.

incident respond
request

2. Identifying the type of incidents

2.Accepted Cyber source.
Incident Request

3.Identified source of 3. Listing the type of incidents by

incidents request sources.

4. listed incident 4. Preparing materials/tools that

sources helps to identify the damage of
incidents.

5. Measuring the incidents capacity

5. Preparing the covers area for determining
identified result. incidents scope.

6. Evaluating the scope/targets of

incidents.
6. The incidents 6a. Forward to INSA if the incident
damage is beyond to EPSS ICTD.
6b.Resolve the incident issues.
6b1. Documenting all solution steps.
6b2. Generate the incidents report
in Confidential manner

7. Close the cyber incident issues.

7.Solve the Request

4|Page
እባክዎ በዚህ ሰነድ ከመጠቀምዎ በፊት ትክክለኛ መሆኑን ያረጋግጡ
Cyber Security Incidents
Please make sure that this is the correct issue before use SOP/ICT/ HO-13,0, 21/01/2022
4.2 Description of process

FLW Process Steps Description Responsibility

1 Cyber Security incident occurred Attacker
2 The Network admin address the incidents source.
3 Network admin list the incidents by internal and external Network Admins
category types
4 The network prepare packet analysis tools that helps to identify Network Admins
the incidents.
5 Using Packet analysis tools measuring the damage and range of Network Admin
the incident.
6 Checking the damage or range of incident coverage Network Admin
6a The damage or range of incident are beyond or not handle by Network Admin
internal capacity then forward to INSA
6b The damage or range of incident is can be handle by internal Network Admin
capacity then resolve the problem
6b1 Documenting all solution steps
6b2 Document in confidential manner each solutions, findings and Network Admin
incident that are taken to during incident solution.
7 Close the cyber incident issues. Network Admin

5 RESOURCE

 Wireshark
 Burp Suite
 Nmap
 SQLMap
 Nikto
 Reverse
 ILSpy.

6 KPI

 Proactive security plan

 Number of Security Incidents Investigated

5|Page
እባክዎ በዚህ ሰነድ ከመጠቀምዎ በፊት ትክክለኛ መሆኑን ያረጋግጡ
Cyber Security Incidents
Please make sure that this is the correct issue before use SOP/ICT/ HO-13,0, 21/01/2022
7 FORMS

The following forms are used for the implementation of this SOP.

Document Document Title

Number
Not Available

8 AMENDMENT HISTORY

Document Number Effective date Rev. No.

SOP/ICT/ HO-13 21/01/2022 Rev. No. 0

9 REFERENCE

1. Pharmaceutical Supply Business Process Reengineering for Pharmaceuticals Fund

and Supply Agency, July/2017
2. Pharmaceuticals Supply Transformation Plan II (PSTP II) 2020/21-2029/30,
October/2020 , Version 0

6|Page
እባክዎ በዚህ ሰነድ ከመጠቀምዎ በፊት ትክክለኛ መሆኑን ያረጋግጡ
Cyber Security Incidents
Please make sure that this is the correct issue before use SOP/ICT/ HO-13,0, 21/01/2022