PM Plan

<in a short paragraph, define what a Risk Management plan should provide. Use the textbook and do research to provide an executive summary that fits an Executive Summary.>

<make sure you also identify how this Risk Management plan applies to this industry>

Introduction

Health Network, Inc. (Health Network), a fictitious health services organization headquartered in Minneapolis, Minnesota… <copy the relevant information about Health Network, Inc. from the project scenario and enter it in this Introduction section. At the end, add a sentence identifying which systems are supported by 3rd party vendors and as such will not be directly covered by this Risk Management plan.>

risk identification process

<in a short paragraph, define Risk Identification using the textbook and other research as it related to this Risk Management plan.>

Strengths, Weaknesses, Opportunities, and Threats

< use the textbook and do research to define and provide a short description about SWOT>

Roles and responsibilities

< use the textbook and do research to create a TABLE reflecting the Type of people (managers, users, specialists, 3rd party vendors, stakeholders, etc.), their Roles and their Responsibilities in supporting this Risk Management Plan. The TABLE may also need to reflect the Roles and Responsibilities unique to this industry>

Assumptions and constraints

< use the textbook and do research to determine how to define the scope of this Risk Management plan; i.e. what Corporate sites, departments, systems? Does it include 3rd party vendors? Does it include any Service Level Agreements (SLAs) with external agencies, partners and vendors?>

risk register

Appendix C contains a Risk Register that documents current and potential Risks.

<complete Appendix C at the end of this template by entering one (or more) Threats and Weaknesses/Vulnerabilities and Countermeasures/Controls for the 7 Risks identified in the Project Scenario.>

Compliance Laws and Regulations

< use the textbook and do research to define the laws and regulations that affect this Risk Management Plan and this industry.>

risk assessment and prioritization process

<in a short paragraph, describe the Risk Assessment and Prioritization process using the textbook and other research as it related to this Risk Management plan.>

The Risk Assessment Plan is included as Appendix A.

Risk mitigation process

<in a short paragraph, describe the Risk Mitigation process using the textbook and other research as it related to this Risk Management plan.>

The Risk Mitigation Plan is included as Appendix B.

Implementation and Monitoring process

<describe the Risk Implementation and Monitoring process using the textbook and other research as it related to this Risk Management plan.>

Risk Response Planning

< use the textbook and do research to determine how to describe strategies for responding to both Negative and Positive risks/opportunities (Avoid, Transfer, Mitigate, Accept, Exploit, Share, Enhance).>

Risk escalation

< use the textbook and do research to describe the process to escalate risks.>

reporting

< use the textbook and do research to define the reporting procedures.>

Review and Update process

< use the textbook and do research to describe the Risk Management Plan review and update process.>

Risk monitoring

<use the textbook and do research to describe how often a new Risk Assessment will be executed>

risk Controlling

<use the textbook and do research to describe what procedures will be followed when a risk’s probability or impact changes significantly OR a new critical risk is identified.>

risk plan maintenance

<use the textbook and do research to describe how often will the Risk Management plan be reviewed>

ISOL 533 - Information Security and Risk Management Health Network, Inc. University of the Cumberlands

< use the textbook and do research to determine how to create a TABLE reflecting the Project Management Schedule – Plan of Action. The TABLE should include the “start-up”, “regular”, “special” and “close-out” events WITHIN the Risk Identification process, the Implementation & Monitor process and the Review & Update process. i.e. what is the Task that needs to be completed; who owns the task; who represents the owner; what is the estimated time to complete the task; does it recur and if so, how frequently; etc.

Appendix C

Figure 1