CYB:407-WK5-PAT2-POA&&M-COMMUNICATION-TO-LEADERSHIP
School: University of Phoenix
Course: 407
Subject: Information Systems
Date: Apr 3, 2024
Type: docx
Pages: 6
Uploaded by lejb1288
POA&M Communication To Leadership
Name: Leslie E. Jean-Baptiste
Class: CYB 407
Date: 01/09/23

Action Plan Introduction
* The subsequent slides will review the Plan of Action & Milestones for 3 vulnerabilities that can cause harm to Health Coverage Associates.
* The three vulnerabilities are malware attacks, employee errors, and weak passwords.

Risk Life-Cycle Summary
Once risks are identified, they are handled by the six-step life cycle.
* Categorize System: A vulnerability is put into 3 categories, such as database, network, and access risks.
* Select Controls: These consist of software tools and administrative methods.
* Implement Controls: Software systems needed for management are MVC architecture, antivirus, firewalls, two-factor authentication, IDS, and database encryption.
* Access Controls: Controls are tested for their effectiveness against threats.
* Authorize System: Employee awareness training to ensure everyone is up to date on standard procedures.
* Monitor Controls: A yearly audit and benchmarking process is conducted on the risk management system.
Risk Management Results "Every Successful Project begins with Une”

1st Vulnerability: Malware Attack

2nd Vulnerability: Employee Error
* Policy: To implement an intranet server that can verify PHI data, including email addresses or a verification system. This helps mitigate future errors, along with providing training and awareness programs for employees to avoid future disasters.
* Completion Date: November 2023
* Department in Charge: Programming and coding.
* Needed Resources: Intranet servers to verify PHI data, verification systems, and employee training.
* Milestones: Every 90-day employee password changes.

3rd Vulnerability: Weak Passwords
* Policy: To ensure every password meets specific criteria. This will include password length, special characters, multi-factor authentication, and 90-day expiration.
* Completion Date: November 2023
* Department in Charge: IT
* Needed Resources: Passwords that meet the length and special character requirements.
* Milestones: Identifying strong passwords and applying them in its systems.

Conclusion
* By using the 6-step risk management cycle, primary HCA threats can be categorized and mitigated effectively. This allows you to be compliant with HIPAA regulations.
* The combination of different software, tools, and procedures working together can help mitigate any risk at any level.
* Employees will be provided security and awareness training and given periodic refreshers as needed.
* Also, conducting regular audits and reviews during each cycle.