StudyDaddy Information Systems

Answered You can buy a ready-made answer or pick a professional tutor to order an original one.

QUESTION

ScenarioYou have just been hired as the security manager of Medical Credentials Company (MCC), reporting to the Chief Information Officer (CIO). MCC is a kind of clearinghouse for doctors, hospitals,

Scenario

You have just been hired as the security manager of Medical Credentials Company (MCC), reporting to the Chief Information Officer (CIO). MCC is a kind of clearinghouse for doctors, hospitals, and group practices. It stores and distributes information on its clients, including sensitive information on previous malpractice lawsuits or disciplinary action. MCC is converting from an in-house database to a distributed database, which can be queried by telecommuting employees and clients. This change requires a high level of security. It is your responsibility to provide your engineers with the security requirements and at the same time convince senior management that the system being developed is robust and secure enough to protect this sensitive information. After careful examination of the database requirements and security requirements, you decide that compliance with the current accreditation/authorization process (NIST 800-37 RMF) would sufficiently protect the database from intrusion and tampering.

Project Background

Your CIO asked you to identify security controls in the Information Assurance (IA) family that are relevant to the database, using your sound reasoning and professional judgment. Based on the assumption that your system is a moderate, moderate, moderate… which of the IA family controls do you believe would be relevant to the database and why? Using NIST SP 800-53, create a table. Include columns for the control, the description, and comments. Be sure to include comments in your matrix regarding why or why not the control applies. (NOTE: not all of the controls should be applicable).

The project deliverables for Week 3 are as follows:

WEEK 3: Appendix Development Section: (600-700 WORDS)

·      Introduction

·      Explain the content that should go into the appendix (Appendix F: Security requirements Traceability Matrix)

·      A justification as to why or why not the controls apply

·      CONCLUSION

·      REFERENCE

Show more
Elite2
Elite2
  • @
  • 331 orders completed
ANSWER

Tutor has posted answer for $20.00. See answer's preview

$20.00

*** **** just **** ***** ** *** security manager ** ******* *********** ******* ***** ********* to *** ***** *********** Officer (CIO) MCC ** * kind of ************* *** *****

Click here to download attached files: Information_Assurance_(IA)_security_controls_paper.docx
or Buy custom answer
Related Questions:

Have a similar question?

Continue to edit or attach image(s).

New questions
Homework Categories
LEARN MORE EFFECTIVELY AND GET BETTER GRADES!
Ask a Question