Project: Risk Assesment
Running Head: EXECUTIVE SUMMARY 6
Executive Summary
Student’s Name:
Professor’s Name:
Date:
Executive Summary
The Health Network Hospital has its headquarters located in Minneapolis, Minnesota with 600 employees and generates an average of $500 million annually. Furthermore, it has its branches in Portland, Oregon, and Arlington, Virginia which support combinations of collective operations with each carrying out production systems managed by respective third-party data center hosting buyers in the strategic locations near a co-location data center.
The company comprises of three major products, that is, the net exchange which securely handles electronic media message from large hospital customers and routes them to the receiving customers like clinics. HNetPay, on the other hand, is a web portal that deals with the management of safe payments and billing. HNetConnect is an online directory listing medical staffs and facilities enabling customers to choose the service of their choice as even doctors credentials are updated frequently in their respective profiles
The institution operates in 3 production data centers providing high availability across its products which host an average of 1,000 production servers, with 650 laptops as well as mobile devices issued to employees.
The Information Technology in the Health Network Inc. provides information security with the following objectives;
i) Information is made accessible to only the authorized users whether externally or internally
ii) Protection of the information, as a way of maintaining credibility and integrity to the Health Network users.
iii) Ensuring training of personnel pertaining to information security
iv) Ensuring that breach of information and any suspected weaknesses are reported on time.
Risks - Threats – Weaknesses within each domain
|
Project Part |
Deliverable |
|
Project Part 1 |
Task 1: Risk Management Plan |
|
|
Task 2: Risk Assessment Plan |
|
|
Task 3: Risk Mitigation Plan |
|
Project Part 2 |
Task 1: Business Impact Analysis (BIA) Plan |
|
|
Task 2: Business Continuity Plan (BCP) |
|
|
Task 3: Disaster Recovery Plan (DRP) |
|
|
Task 4: Computer Incident Response Team (CIRT) Plan |
|
Project Part 3 |
Task 1: Data Loss |
|
|
Task 2: Information Loss |
|
|
Task 3: Customer Loss |
|
|
Task 4: Internet Threat |
|
|
Task 5: Internal Threats |
|
|
Task 6: Regulatory Changes |
|
R-T-W |
Domain Impacted |
Risk Impact / Factor |
||
|
|
User Domain |
Minor |
||
|
Risk : A user computer or devices which provide access to computer resources Threat : Stealing of assets owned by company like laptops and mobile devices Weakness : insufficient Security on Company’s Equipment .
|
Workstation Domain |
Critical |
||
|
Risk: loss of Customers Threat : production outages due to unforeseen circumstances like natural calamities. Weakness : possible weakness involves generation of alerts.
|
LAN Domain |
Major |
||
|
Risk: configuration errors of routers and firewall
Threat : viruses and communication outages well as DDoS Attacks Weakness : lack of Backup data due to a failure of following procedures.
|
WAN-to-LAN Domain |
Major |
||
|
Risk: loss of Customers Threat : production outages due to unforeseen circumstances like natural calamities. Weakness : lack of Backup data due to a failure of following procedures.
|
WAN Domain |
Major |
||
|
Remote Access Domain |
Major |
||
|
System/Application Domain |
Major |
Compliance Laws and Regulations
Health Network Inc. Laws and regulations include;
i) Offering quality standards to their patients
ii) Offering Internet-related products and services through IT-enabled systems,
References
Righthand, S., Kerr, B. B., & Drach, K. (2013). Child Maltreatment Risk Assessments: An Evaluation Guide. Hoboken: Taylor and Francis.
Rushton, R. (2006). What a week to risk it all. London: Piccadilly Press.
Tasler, Nick, Schirner, & Buck. (2015). The Impulse Factor: Why Some of Us Play It Safe and Others Risk It All. Brilliance Audio.