Using the scenario presented in Week Two and the templates provided in the resources below, complete the following: A 1- to 2-page Risk Registry accurately documenting the risk elements form the scen
CYB/207 v2
Create a Risk Registry using the template below to accurately documenting the risk elements form the scenarios that can be used to track issues throughout the project.
Risk Description for Risk Registry | Likelihood | Impact | Risk Owner | Resources Required | Estimated Completion Date |
<Briefly describe the risk> | <Low, Medium, or High> | <Low, Medium, or High> | <List department or role> | <List hardware, software, personnel, and/or policy needed> | <Provide a date based on the risk complexity and today’s date> |
Using the Assignment Scenario, complete the following worksheet.
Description of Vulnerability | Security Control Number and Name | Security Control Type | System Categorization for Risk Level Impact | Last Assessment Information | Asset | Assessment Method | Policy Alignment |
<Describe the vulnerability> | <List the Security Control name and number> | <Common, System-Specific, Hybrid> | <High, moderate, or low> | <Identify any security assessments from the past> | <Describe the asset that will be tested> | <Identify at least one way you can test this asset> | <Indicate what security policy aligns with the asset> |
PHI/EPHI Policy Template
Version:
<Indicate the version of the policy, its revision date, and the approver.>
Purpose:
This policy prohibits the use, storage, and discloser of Personal Health Information (PHI) and Electronic Personal Heal information (EPHI), except as specifically permitted or required by HIPAA regulation.
Scope:
<Describe who this applies to in the organization.>
Policy:
1. <Provide accurate definitions used in the policy, like PHI.>
2. <State how data must be stored (e.g., encrypted).>
3. <Indicate covered entities.>
4. <Indicate the consequences for a confidentiality breach.>
5. <Indicate what standards the policy follows (e.g., NIST SP800-53).>
Copyright 2020 by University of Phoenix. All rights reserved.