ScenarioYou work for a large, private health care organization that has server, mainframe, and RSA user access. Sean, your manager, has been asked to provide the latest version of the organization’s

ScenarioYou work for a large, private health care organization that has server, mainframe, and RSA user access. Sean, your manager, has been asked to provide the latest version of the organization’s incident response policy. To his knowledge, no policy exists. He has asked you to research and create an incident response policy over the weekend.Assignment RequirementsLook for at least two incident response policies for organizations of a similar type to your organization. In addition, download NIST “Computer Security Incident Handling Guide, rev 2” SP800-61 located athttp://csrc.nist.gov/publications/nistpubs/800-61rev2/SP800-61rev2.pdfBased on your research, create an initial draft of an incident response policy for your organization. Consider HIPAA and other health care–related compliance requirements. Create a summary report that justifies the content you included in the draft policy. Reference your research so that Sean may add or refine this report before submission to senior management.Required Resources
- Access to the Internet
- Submission Requirements
- Format: Microsoft Word
- Font: Arial, 12-Point, Double-Space
- Citation Style: APA
- Length: 1–2 pages
- Self-Assessment Checklist
- I created a sound draft policy for incident response.
- I considered HIPAA and other health care–related compliance requirements.
- I wrote a summary report that justifies my selection of content in the draft policy.