Answered You can buy a ready-made answer or pick a professional tutor to order an original one.
Assignment 4: Business Value of Risk Management PlansDue Week 7 and worth 100 pointsWhen organizations develop risk management plans, they need to consider the value of the assets being protected and
Assignment 4: Business Value of Risk Management PlansDue Week 7 and worth 100 pointsWhen organizations develop risk management plans, they need to consider the value of the assets being protected and the controls that are needed to mitigate the risks in a cost-effective manner. Likewise, managers need to ensure that their risk management plans are effective and support the organizational goals and objectives. Write a four (4) page paper in which you:Describe how an organization determines the level of necessary controls to mitigate the risks while considering the value of its assets.Suggest the assets that need to be protected for the seven (7) domains of a typical IT infrastructure. Determine the technical and business consequences if they are not protected. Note: Refer to Chapter 10 as a resource for the seven (7) domains.Suggest at least three (3) strategies on how to determine and effectively manage residual risk.Use at least five (5) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.
- @
- 165 orders completed
- ANSWER
-
Tutor has posted answer for $45.00. See answer's preview
****************** ** ContentsIntroduction: ****** ******** **** *** ******* ***** ****** ********* *** ***** *** *********** ********** *** *** ********* controls: ******** ************* 2Medium ***** Hospital ** *** Medical ************* *** ***** Plan ************ ************ 4Introduction: Department of ****** and Human ******** *** **** * *** ***** for *** ************* ** ***** ** maintain *** ******* and *** ******** of the PHI *** *** **** of the health ************ must comply ** **** ***** *** *********** **** *** ************* would ** ******* heavily ** *** *********** ****** the ***** *** ******* ******* ******** *** ************* ******** **** *** ******* ***** HIPPA ******** ******* *** security ** *** ************* Though **** *** different *** ****** the ************ simultaneously ******* **** ** HIPPA ***** *** *********** the right ** ******* his/ *** ******** health *********** ** ************ * ******** ** allowed to *** PHI ** *** ******* ******* his/ *** ********** The privacy ** *** information can ** maintained ** *** ****** according ** *** **** ** protectionThe security rule ** *** ** *** ***** **** allows the ************ ** secure the *** of *** individuals by ********* all ***** ** ******** ************** *** technical ********** ** the *** *** ************ ****** ******** *** confidentiality ** the **** *** ****** **** *** *** ******** procedures ** ******* *** ***** Harrison * & Simon * ***** The **** ****** be stored in any ******** *** must ** ********* **** ************ access The **** *** ** stored *** *********** ******* *** ****** *** security ****** be ********** *** example ** *** ****** *********** ** a patient is leaked **** it **** ** ******* to ensure the ******** ****** ****** the ******* ***** means ******* *** reason ** *** data leakage ** *** ******* ******* or *** security ************ ********* *** ***** *** *********** Experts are ******* *** on *** most ***** frequent ******* ** incidents *** ***** *** ********** Some of *** ******** *** ***** ******** ************ ****** to * ******* **** ** one ** *** major ******* *** ***** non compliance **** ** *** ******* *** ***** ****** ** the *** *************** **** is ******* *** ****** **** *** the ************* ** passing on *** ******* ** *** doctors ******* wrong emails( ****** ***** ***** wrong ****** **** *** *********** ** *** unauthorized **** **** ************ access breaks *** security ****** ******** *** ******* access: ******* ***** *** ***** non compliance is *** ******* ** *** ******* access to the patient *** health *********** because ** the other ************** Technical *** *** ********* *********** order to ** ********* **** HIPPA *** ************ **** make *** below *********** ***** *********** *** ************ **** **** * ***** consultant *** would ** *********** *** ****** and testing *** processes *** **** the hospital This ***** consultant **** ** ** ****** who *** handle *** *** *** ********* ********* and ****** ******* ways ** **** the ******* *********** Technology ****** There are ******* ***** available in the ****** ** ***** ** **** * ************ ***** ********* These *** *** ** rules and regulations ***** *** **** ** the **** of * ********* ** *** various other *************** ********* about HIPAA ******** ** order ** ****** **** *** *** *** company **** **** sure that it ** aware ** *** *** ******* ** ***** which imposes *** ***** *** *********** ********* ** *** ******** *********** ********* ***** ***** update is ********* ******* **** ********* ** *************** *** ** made accuratelyNetwork **************** ******* architecture ** ** organization ** ***** ** ** ***** compliant must contain *** ***** ************* Physical Safeguards: *** ****** ***** ******* **** ** ****** **** ** ******** places ******** ******* *** ******** ********* **** be protected **** ********* security ******** ******** ******** are **** ******** **** ****** ****** screens ** ********* ****** offices *** rooms· ************** *********** * security officer should ** ***** in *** premises ****** ******** must ** ***** ** *** various *********** **** *** access ** *** *********** ****** ** *** hospital **** ** restricted * ****** ***** ******** ******** measure ****** ** **** ** ***** ** ****** *** security ******** ********* *********** ***** should be * ******* *********** on *** ******* *** ****** ** *** *** ***** ***** *** **** **** ** used for ********** the record ** *** users Proper ******** *** ******** ** *** **** should be **** in order to protect *** data **** the ************ ****** **** must be ********* ******** *** *********** *** ***** ******** *** ********** should be ******* *** ****** in each *** ***** ********** in ***** ** **** the system compliant **** *** ******** ********** ****** be ********** **** ** ********* ************ Requirements: The Breach ************* *** ********** policies *** ********** must ** ********** carefully *** the ******** ******* ********** must ** ********** ***************** ***** Hospital ** *** Medical ************* ** * ****** sized ************ *** ****** ** non compliance ** the ***** ** because ** *** ************* ************ ** many ***** with *** data ** ******** ***** these ****** sized organizations *** ***** the influence ** bigger ************* ** the *** medical ************ again the non compliance to *** ***** ** because of *** ************* ****** ** the **** to *** *** because ** *** ******* ** *** ****** ***** hospital *** *** *** ******* ************ *** *** ******* organization *** ** *** *** ************ **** ********* company ***** *** ** **** **** *** hospital in ***** ** ******* *** ********* amount to *** ******** ** behalf ** patient **** ******** **** ** **** ******* of *** ** *** ************ usersIT ***** ***** *** ** ***** plan **** consider *** below ***** ** *** **** ** ***** to ****** *** IT ********* Secure ********** *** the users ** *** *********** system and PHI **** ** ***** ******* ********* ****** ******* ********** ***** ****** **** ****** ****** ** made ** order ** ensure **** *** **** *** be ********* **** ** **** of *** *************** Virus ******* ********* and ******** ***** checks **** ** **** in ***** ** ******** *** ***** attacks· **** *********** The **** **** ** ********* ****** transmission ** ** ** ******** *** ******* *** ******** of *** dataConclusion: HIPPA ***** *** regulations *** *********** for ******** *** patient **** In order ** ** compliant **** ***** *** ******* needs ** **** some changes ** *** ************** ** *** ******** *** **** **** ******* ** the ** ***** plans ******** ** ******* ******* It ** important to make *** ******** ***** **************************** * ***** ***** * ****** ***** ***** privacy *** security *********** ************* ******* *** ******************* (2006) ***** ************** ******************* ************** ************** ********** Text00(1)Hhsgov ***** ) ****** States ********** ** ****** and ***** Services | HHSgovSummary of the HIPAA ******* ************* *** 26 **** **** ************************************************************************ (2014 ) ****** ****** Department ** ****** *** ***** ******** * ************* ** *** ***** Privacy RuleRetrieved May ** **** **** http://wwwhhsgov/ocr/privacy/hipaa/understanding/ ***************************