project11

 

OVERVIEW:

Don't use plagiarized sources. Get Your Custom Essay on
project11
Just from $13/Page
Order Essay

• Write paper in sections

• Understand the company

• Find similar situations

• Research and apply possible solutions

• Research and find other issues

HEALTH NETWORK INC

• You are an Information Technology (IT) intern

• Health Network Inc. 

• Headquartered in Minneapolis, Minnesota

• Two other locations

• Portland Oregon

• Arlington Virginia

• Over 600 employees

• $500 million USD annual revenue

DATA Centers

• Each location is near a data center

• Managed by a third-party vendor

• Production centers located at the data centers

Health network’s Three products

• HNetExchange

• Handles secure electronic medical messages between 

• Large customers such as hospitals and 

• Small customers such as clinics

• HNetPay

• Web Portal to support secure payments

• Accepts various payment methods

• HNetConnect

• Allows customers to find Doctors

• Contains profiles of doctors, clinics and patients

Health networks IT network

• Three corporate data centers

• Over 1000 data severs

• 650 corporate laptops

• Other mobile devices

Management request

• Current risk assessment outdated

• Your assignment is to create a new one

• Additional threats may be found during re-evaluation

• No budget has been set on the project

Threats identified

• Loss of company data due to hardware being removed from production systems

• Loss of company information on lost or stolen company-owned assets, such as mobile devices and laptops

• Loss of customers due to production outages caused by various events, such as natural disasters, change management, unstable software, and so on

• Internet threats due to company products being accessible on the Internet

• Insider threats

• Changes in regulatory landscape that may impact operations 

Part 1 project assignment

• Conduct a risk assessment based on the information from this presentation

• Write a 5-page paper properly APA formatted

Your paper should include

The Scope of the risk assessment i.e. assets, people, processes, and technologies

Tools used to conduct the risk assessment

Risk assessment findings

Business Impact Analysis

 

This is the second part of Project 1 that you started in Week 4.  Following the instructions on the PowerPoint Slide.  

You will add to your findings from part 1 and address them with a risk mitigation plan. 

The plan should include

The methods to reduce risk and vulnerabilities

Determine if the organization is risk-averse or risk-tolerant

Strategies to mitigate residual risks

The requirements for this half are also five pages correctly APA formatted.

Running Head:

HEALTH RISK ASSESSMENT

HEALTH RISK ASSESSMENT 7

HEALTH RISK ASSESSMENT

Student name

Professor name

Institution

Course

Date

INTRODUCTION

Basing on the current situation at this company and bearing in mind that we are living in the contemporary world that is full of change and risks in business. There is a great shift in paradigm through information technology as a department on its own where almost all the services are conducted online and linking up with the world population still needs information technology concept. Due to these continuous change which is dynamic in this health company, evaluation, as well as reevaluation of the risks that are associated with the management of IT programs and systems, is necessary and new plans need to be formulated to assess the probable risks the company may encounter as they offer services to their customers after evaluating the previous plan. This will enable the management to detect some of the flaws in the previous risk assessment plan that resulted in the company to be vulnerable so risks again according to (Vellani 2019).

When we look at the threats identified in this health network alert for the need to have a continuous check on the risk assessment methods the company needs to deploy to ensure its network is safe. These threats include loss of company data, company information, loss of customers, threats from the internet as well as insider threats. These threats are just but only enough to surface the vision of the company by hindering the free flow of services to customers and agencies. The issue of withdrawal of customers to a notable statistic simply implies an arise of worry among themselves towards the company on her workmanship and thus reduce the trust the company has from the public. I will need to conduct an assessment of the nature of risks likely or already facing the network company and then make a plan on how these risks need to be mitigated as far as IT is concerned according to (Shedden.et.al.2016).

STEPS IN CONDUCTING A RISK ASSESSMENT

The first step in risk assessment for any company is the identification of the risks in the company. This is where the team embarks to identify things that are likely to cause harm to the health network, for example, the current risk assessment plan is outdated, removal of hardware in the production system leading to loss of data as mentioned up there is another risk. This step yearns to exhaust the vulnerability of the network system to the external attackers and table these risks according to (Vellani 2019). After walking around to get the risks, you now ask people in the company or at the place you identified the risk on their take of the available risk as they will help to shed some light on the risk identified. For that case in these health networks, I will ask employees in the compound as well as immediate stakeholders on how the system has been working without a risk assessment tool then also inquire from the management of their take on how customers are leaving the enterprise.

The next step to take still on the identification of the hazard is to visit the house website which is the server, for example, the risk like loss of management data. After inquiring people you have to visit the network provider for a helpful guide on how to deal with the issue looking at the manufacturer’s instructions and the datasheets, these steps will ensure all the hazards that might occur in the company or the existing threats to progress have been identified before you move to the second step of risk assessment according to (Shameli-Sendi, Aghababaei-Barzegar & Cheriet 2016).

The second step during risk assessment after the risks have been identified is to understand the source of the hazards and threats to the company looking at how that source sends the threats to the company. This decision will be reached basing on every risk identified at glance for example for our case here at the health networks, the source of the risk like massive withdrawal of customers from the company is due to the poor service delivery in the company that aims at profit-making and not customer satisfaction. A risk like reputation, its source can be discovered as the public and the ruling power enforced by political differences where an undercover decides to spoil the image of the company and her services offered. Source of finances or just inadequate finance in the company can be the source of risk like having an outdated risk assessment plan.

Now the third step after the source of the risk has been identified for all the risks mentioned or anticipated to face the company, is to evaluate the nature of the risks at hand then decide on the precautions. In this stage, you now make decisions that you can call a meeting with the stakeholders to discuss or even just make your own decisions according to (Song.et.al.2019). These decisions also follow a certain procedure because they will be standing for years to come, this comes after you have analyzed the nature of your decisions and the core things to think as you make a decision are that will I get rid of the hazard once? if not then what are the ways to mitigate this risk to reduce the vulnerability of its occurrence again? A control against the occurrence of the risk once again follows the following principles; incorporate less risky applications in the network, guard against external attackers, make arrangements to reduce exposure of the system to external attack then provide risk recovery facilities to ensure the company or system runs again as normal.

The fourth step under risk assessment after evaluation of the risks identified is to record the findings from the evaluation then put measures in place to implement them. This is the step where a course of action is taken to ensure the technique put across to mitigate the risks are initiated and every detail is recorded and filed for the sake of reference and presentation. In this case, where the main threat comes from the IT, measures, and recordings will aim at curbing the cases of cybercrime and the protection of system data. This can be done through encryption and setting up strong passwords to protect the network from being accessed by unauthorized persons to interrupt with the privacy of information. A good risk assessment needs to show that there was a proper check in the system, ask the persons or parties affected inside and outside the company, that all the significant hazards and threats have been dealt with appropriately and also ensure the staff plus the representatives were involved in the assessment and finally a good assessment ensures that safety precautions or the mitigations measures have been set to minimize the occurrence of such risks.

The final fifth step after everything has been done is to review the risk assessment and make the necessary updates in case some information is missing. This will ensure accuracy and therefore the trustworthiness of the report as this assessment will enable the team to deduce a quantitative risk mitigation tool. In this stage, it is possible to have some of the things changed bearing in mind that a risk is something that can attack a company or system unpredicted, thus during the review the research gets into details to ensure every aspect has been captured according to (Torabi, Giah, & Sahebjamnia 2016). This is the stage where things like efficiency, cost, the accuracy of data and the whole process are investigated, as an intern student what I will do at this level is to hand over to the management for the action plan to be conducted. To make the process complete therefore I need to get feedback from the boss on the kind of assessment if it is practical and realistic or not.

CONCLUSION

For any business to thrive or a networking system to continue doing well we must consider the probable risks that business it will consider. Though these risks can be frustrating they also help to shape the management and sharpen their minds over things that can hinder one from meeting all the objectives despite having all resources in place. A company with an effective and updated risk assessment plan will always register the highest profit margins as they will have maintained a good rapport between the company and her customers according to (Bahr 2018). A good risk assessment plan will provide a blueprint to guide future projects and match with the company strategy towards meeting up the set goals and objectives. This risk assessment plan will also provide an alternative take, for example, a system failure for the health network’s software crashes or the USB storing data for the company get lost like in our case here the assessment will ensure the company doesn’t rely on one means of storage for such sensitive information. An assessment was necessary as it is one of the steps the company should take in their preparation for a successful business.

References

Bahr, N. J. (2018). System safety engineering and risk assessment: a practical approach. CRC press.

Shameli-Sendi, A., Aghababaei-Barzegar, R., & Cheriet, M. (2016). Taxonomy of information security risk assessment (ISRA). Computers & security, 57, 14-30.

Shedden, P., Ahmad, A., Smith, W., Tscherning, H., & Scheepers, R. (2016). Asset identification in information security risk assessment: A business practice approach. Communications of the Association for Information Systems, 39(1), 15.

Torabi, S. A., Giahi, R., & Sahebjamnia, N. (2016). An enhanced risk assessment framework for business continuity management systems. Safety science, 89, 201-218.

Song, W., Zhu, J., Wang, H., & Chang, A. (2019). Multistage risk assessment of direct delivery business from local oil refineries in Sinopec Group based on normal cloud model. International Journal of Production Research, 1-27.

Vellani, K. (2019). Strategic security management: a risk assessment guide for decision makers. CRC Press.

What Will You Get?

We provide professional writing services to help you score straight A’s by submitting custom written assignments that mirror your guidelines.

Premium Quality

Get result-oriented writing and never worry about grades anymore. We follow the highest quality standards to make sure that you get perfect assignments.

Experienced Writers

Our writers have experience in dealing with papers of every educational level. You can surely rely on the expertise of our qualified professionals.

On-Time Delivery

Your deadline is our threshold for success and we take it very seriously. We make sure you receive your papers before your predefined time.

24/7 Customer Support

Someone from our customer support team is always here to respond to your questions. So, hit us up if you have got any ambiguity or concern.

Complete Confidentiality

Sit back and relax while we help you out with writing your papers. We have an ultimate policy for keeping your personal and order-related details a secret.

Authentic Sources

We assure you that your document will be thoroughly checked for plagiarism and grammatical errors as we use highly authentic and licit sources.

Moneyback Guarantee

Still reluctant about placing an order? Our 100% Moneyback Guarantee backs you up on rare occasions where you aren’t satisfied with the writing.

Order Tracking

You don’t have to wait for an update for hours; you can track the progress of your order any time you want. We share the status after each step.

image

Areas of Expertise

Although you can leverage our expertise for any writing task, we have a knack for creating flawless papers for the following document types.

Areas of Expertise

Although you can leverage our expertise for any writing task, we have a knack for creating flawless papers for the following document types.

image

Trusted Partner of 9650+ Students for Writing

From brainstorming your paper's outline to perfecting its grammar, we perform every step carefully to make your paper worthy of A grade.

Preferred Writer

Hire your preferred writer anytime. Simply specify if you want your preferred expert to write your paper and we’ll make that happen.

Grammar Check Report

Get an elaborate and authentic grammar check report with your work to have the grammar goodness sealed in your document.

One Page Summary

You can purchase this feature if you want our writers to sum up your paper in the form of a concise and well-articulated summary.

Plagiarism Report

You don’t have to worry about plagiarism anymore. Get a plagiarism report to certify the uniqueness of your work.

Free Features $66FREE

  • Most Qualified Writer $10FREE
  • Plagiarism Scan Report $10FREE
  • Unlimited Revisions $08FREE
  • Paper Formatting $05FREE
  • Cover Page $05FREE
  • Referencing & Bibliography $10FREE
  • Dedicated User Area $08FREE
  • 24/7 Order Tracking $05FREE
  • Periodic Email Alerts $05FREE
image

Our Services

Join us for the best experience while seeking writing assistance in your college life. A good grade is all you need to boost up your academic excellence and we are all about it.

  • On-time Delivery
  • 24/7 Order Tracking
  • Access to Authentic Sources
Academic Writing

We create perfect papers according to the guidelines.

Professional Editing

We seamlessly edit out errors from your papers.

Thorough Proofreading

We thoroughly read your final draft to identify errors.

image

Delegate Your Challenging Writing Tasks to Experienced Professionals

Work with ultimate peace of mind because we ensure that your academic work is our responsibility and your grades are a top concern for us!

Check Out Our Sample Work

Dedication. Quality. Commitment. Punctuality

Categories
All samples
Essay (any type)
Essay (any type)
The Value of a Nursing Degree
Undergrad. (yrs 3-4)
Nursing
2
View this sample

It May Not Be Much, but It’s Honest Work!

Here is what we have achieved so far. These numbers are evidence that we go the extra mile to make your college journey successful.

0+

Happy Clients

0+

Words Written This Week

0+

Ongoing Orders

0%

Customer Satisfaction Rate
image

Process as Fine as Brewed Coffee

We have the most intuitive and minimalistic process so that you can easily place an order. Just follow a few steps to unlock success.

See How We Helped 9000+ Students Achieve Success

image

We Analyze Your Problem and Offer Customized Writing

We understand your guidelines first before delivering any writing service. You can discuss your writing needs and we will have them evaluated by our dedicated team.

  • Clear elicitation of your requirements.
  • Customized writing as per your needs.

We Mirror Your Guidelines to Deliver Quality Services

We write your papers in a standardized way. We complete your work in such a way that it turns out to be a perfect description of your guidelines.

  • Proactive analysis of your writing.
  • Active communication to understand requirements.
image
image

We Handle Your Writing Tasks to Ensure Excellent Grades

We promise you excellent grades and academic excellence that you always longed for. Our writers stay in touch with you via email.

  • Thorough research and analysis for every order.
  • Deliverance of reliable writing service to improve your grades.
Place an Order Start Chat Now
image

Order your essay today and save 30% with the discount code Happy