final paper
s2ssuri
projectPartITask1-ProjectManagementPlantemplate.edited.docxISOL 533 -Information Security and Risk Management Risk Management Plan University of the Cumberlands
Executive Summary
This Risk Management Plan covers the Risks, Threats, and Weaknesses of the Health Network, Inc. (Health Network). Different risks are identified that could actually affect the information security system in the long run. This way the possible threats from different risks are recognized in advance so that efforts could be made to mitigate risks. 7
Risks - Threats – Weaknesses within each domain
Compliance Laws and Regulations
…
Risk management plans are actually required to mitigate different risks that may affect health network. The health network like other network is not immune to the various threats that are present online. These include virus attacks, cyber hacking, malware attacks, Trojan, etc. The information that is stored in the health network is vital as they carry factual information about the patient. Therefore it becomes very necessary to maintain the records in such a way that any kind of manipulation could be avoided. Also keeping these records online would help in easy access when and wherever required. This way the pressure on the patient to keep safeguard their past records is declined. Also, the hospital authorities have no more to keep big chunks of files as information about the patient records. However, efforts are still required to secure these online information databases from various threats. These threats are from internal as well as external sources. The attempts are therefore required to overcome these threats so that they could not affect the database. Also saving the information inputs from virus attacks and hacking would further help in safeguarding the information from any kind of manipulation. This way Risk Management Plan covers the Risks, Threats, and Weaknesses of the Health Network. Different risks are identified that could actually affect the information security system in the long run. This way the possible threats from different risks are recognized in advance so that efforts could be made to mitigate risks.
Different compliance, laws, and regulations are therefore issued and amended from time to time so that high level of safety of the database could be attained. This includes instructions, guidelines, and activities that are required to be followed so that safety in handling and using database could be applied. This way the users are directed towards following a set of rules and guidelines so that the database could be made safe from virus and malware attacks and precautions could be taken to safeguard it from cyber hackers. Different compliance, laws, and regulations direct towards the application of detecting activities for virus attack or cyber hacking. This way the user can get aware of the possible threat to the database that has been facing due to different potential factors. Efforts could, therefore, be made towards mitigating these risks by applying various antivirus applications and security measures that could curb down cyber hacking. This way any unusual activity that may occur on the database could be identified and most appropriate action can be taken to over these problems.
A business process review is also required to be done with the purpose to identify the weaknesses that could generate risks in coming future. A Proper plan of action is therefore developed in the form of reforms, changes and proactive actions that could help in overcoming different risks and gaining access to various risk management techniques in the health network. These plans could help in avoiding the occurrence of particular risks that may affect the security measures of the database of the health network.
|
Risk – Threat – Weakness |
Domain Impacted |
|
Risk : Virus attacks Threat : information loss Weakness : Manipulation of information |
|
|
Risk : Malware attacks Threat : Information loss Weakness : Loss of information |
|
|
Risk : Trojan attacks Threat : Partial or complete loss of information Weakness : Can’t be predicted |
|
|
Risk : Cyber hacking Threat : Stealing away of information Weakness : Cannot be stopped if not realized well in time. |
|
|
Risk : Threat : Weakness : |
|
|
Risk : Threat : Weakness : |
|
|
Risk : Threat : Weakness : |
|
|
Risk : Threat : Weakness : |
|
|
Risk : Threat : Weakness : |
|
|
Risk : Threat : Weakness : |
|
|
Risk : Threat : Weakness : |
|
|
Risk : Threat : Weakness : |
|
|
Risk : Threat : Weakness : |
|
|
Risk : Threat : Weakness : |
|
|
Risk : Threat : Weakness : |
|
Table 1
Bibliography Hillson, D., 2009. Managing Risk in Projects (Fundamentals of Project Management). Gower. Jan, E., 2009. Porter's generic strategies, performance and risk an empirical investigation with German data. Hamburg: Diplomica Verlag. Robinson, N., Wu, Y. & Mooney, P., 2013. Corruption risk in the Chinese Pharmaceutical Market. Deloitte, pp.1-6. Schneider, A. & Scherer, A.G., 2015. Corporate Governance in a Risk Society. J Bus Ethics, 126(4), pp.309-23. Ulsch, N.M., 2014. Cyber threat! how to manage the growing risk of cyber attacks. New Jersey: Wiley.
ISOL 533
-
Information Security and R
isk
Management
RISK MANAGEMENT PLAN
University of the Cumberlands
EXECUTIVE SUMMARY
This Risk Management Plan covers the Risks, Threats, and Weaknesses of the
Health Network, Inc.
(Health Network).
Different risks are identified that could actually affect the information security system in
the long run. This way the possible threats from different risks are recognized in advance so that efforts
could be made to mitigate risks. 7
RISKS
-
THREATS
–
WE
AKNESSES WITHIN EACH
DOMAIN
COMPLIANCE LAWS AND
REGULATIONS
…
Risk management plans are actually required to mitigate different risks that may affect health
network. The health network like other network is not immune to the various threats that are prese
nt
online. These include virus attacks, cyber hacking, malware attacks, Trojan, etc. The information that is
stored in the health network is vital as they carry factual information about the patient. Therefore it
becomes very necessary to maintain the reco
rds in such a way that any kind of manipulation could be
avoided. Also keeping these records online would help in easy access when and wherever required. This
way the pressure on the patient to keep safeguard their past records is declined. Also, the hospi
tal
authorities have no more to keep big chunks of files as information about the patient records. However,
efforts are still required to secure these online information databases from various threats. These threats
are from internal as well as external so
urces. The attempts are therefore required to overcome these
threats so that they could not affect the database. Also saving the information inputs from virus attacks
and hacking would further help in safeguarding the information from any kind of manipulat
ion.
This
way
Risk Management Plan covers the Risks, Threats, and Weaknesses of the
Health Network. Different risks
are identified that could actually affect the information security system in the long run. This way the
possible threats from different risk
s are recognized in advance so that efforts could be made to mitigate
risks.
ISOL 533 -Information Security and Risk Management RISK MANAGEMENT PLAN
University of the Cumberlands
EXECUTIVE SUMMARY
This Risk Management Plan covers the Risks, Threats, and Weaknesses of the Health Network, Inc.
(Health Network). Different risks are identified that could actually affect the information security system in
the long run. This way the possible threats from different risks are recognized in advance so that efforts
could be made to mitigate risks. 7
RISKS - THREATS – WEAKNESSES WITHIN EACH DOMAIN
COMPLIANCE LAWS AND REGULATIONS
…
Risk management plans are actually required to mitigate different risks that may affect health
network. The health network like other network is not immune to the various threats that are present
online. These include virus attacks, cyber hacking, malware attacks, Trojan, etc. The information that is
stored in the health network is vital as they carry factual information about the patient. Therefore it
becomes very necessary to maintain the records in such a way that any kind of manipulation could be
avoided. Also keeping these records online would help in easy access when and wherever required. This
way the pressure on the patient to keep safeguard their past records is declined. Also, the hospital
authorities have no more to keep big chunks of files as information about the patient records. However,
efforts are still required to secure these online information databases from various threats. These threats
are from internal as well as external sources. The attempts are therefore required to overcome these
threats so that they could not affect the database. Also saving the information inputs from virus attacks
and hacking would further help in safeguarding the information from any kind of manipulation. This way
Risk Management Plan covers the Risks, Threats, and Weaknesses of the Health Network. Different risks
are identified that could actually affect the information security system in the long run. This way the
possible threats from different risks are recognized in advance so that efforts could be made to mitigate
risks.
