Information Security Audit
You have recently been promoted to Chief Information Security Officer of a large healthcare organization with 10 hospitals under management. Your first task is to design an information security audit to determine the state of cyber security of your organization as you enter your new role. You know that implementing a robust and effective information security program is only the start of providing for the confidentiality, integrity and availability of information assets. Those responsible for information security must also carry out routine audits of their information security controls. The National Institute of Standards and Technology (NIST) publishes the Cybersecurity Framework for improving critical infrastructure cyber security. Review this framework and prepare a sample audit to be reviewed by your organization's Chief Information Officer for approval. Your sample audit should include the 5 primary areas of your information security program that you would audit, the details of what you would audit for, and a one-paragraph summary per section describing your goals for that section of the audit.

Healthcare systems were recognized under the President's Executive Order (EO) 13636 of 2013, Improving Critical Infrastructure Cybersecurity, as part of the critical infrastructure of the United States. An attack on the healthcare systems of any such organization is therefore a potential threat to economic security and national security, and the security of healthcare systems is consequently critical to the nation.
This document provides an information security audit to determine the state of cyber security at a large healthcare organization with 10 hospitals under management. The audit follows the Cybersecurity Framework (CSF) published by the National Institute of Standards and Technology (NIST), which was developed in conjunction with industry subject matter experts. NIST describes the CSF as a prioritized, flexible, repeatable, and cost-effective approach, and an audit built on it should share those properties. Additionally, the audit must continually provide evidence for each of the five CSF Functions: Identify, Protect, Detect, Respond, and Recover.
The main information security challenge facing the healthcare sector is the protection of patient data and information. Because healthcare is critical infrastructure, a threat to patient information is treated as a threat to national security as well as to the economy. Therefore, an information security audit in the healthcare sector must address every area that touches patient data and information.
The first of the five audit areas is the network infrastructure and its administration and management. The audit in this area seeks to determine whether there is any threat to the network infrastructure, including its software and hardware, and whether there are human-related factors (administrative practices, access by network staff) that could endanger it. It is especially important because all ten facilities are interconnected, so the links between sites and the segmentation between them are part of what must be examined.
Database integrity and database management is the second critical audit area. Questions for this area include how data is stored, whether and how it is encrypted, how users are authenticated, and who holds rights to read, write, and copy information in the database. The audit of databases and database management must also cover backup arrangements and data recovery protocols, including whether restores have actually been tested.
Hardware infrastructure is the third critical audit area. An inventory of all information systems hardware is required, its vulnerabilities must be identified, and the protocols for securing it must be determined. All hardware that stores any critical information must also be identified, since one way to gain access to records is through the theft of hardware.
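To make the database and hardware sections above repeatable rather than a one-off review, the checks can be written as code run against the evidence the auditor collects. The following is an added example written for this page, not code from NIST or from the CSF; the asset inventory, the database grant list, and the approved-writer list are constructed sample data, and the mapping of each check to a CSF v1.1 subcategory (PR.DS-1 data-at-rest protection, ID.RA-1 asset vulnerabilities, PR.IP-4 tested backups, PR.AC-4 least privilege) is the editor's own.

```python
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Optional, Set


@dataclass(frozen=True)
class Asset:
    """One hardware asset as recorded in the inventory (constructed sample schema)."""
    name: str
    site: str
    holds_phi: bool              # stores protected health information
    disk_encrypted: bool         # full-disk encryption enabled
    os_supported: bool           # vendor still ships security patches
    restore_test_age_days: Optional[int]   # days since a verified restore; None = never tested


@dataclass(frozen=True)
class DbGrant:
    """Privileges one account holds on one database (constructed sample schema)."""
    account: str
    database: str
    privileges: FrozenSet[str]


@dataclass(frozen=True)
class Finding:
    csf_ref: str     # NIST CSF v1.1 subcategory; the mapping is the editor's assumption
    subject: str
    detail: str


# Privileges that let an account change or bulk-copy patient records.
WRITE_OR_COPY = frozenset({"INSERT", "UPDATE", "DELETE", "COPY", "EXPORT"})


def audit_hardware(assets: List[Asset], max_restore_age_days: int = 90) -> List[Finding]:
    """Hardware checks: encryption where PHI lives, patch support, tested backups."""
    findings: List[Finding] = []
    for a in assets:
        if a.holds_phi and not a.disk_encrypted:
            findings.append(Finding("PR.DS-1", a.name,
                                    "stores patient data but disk is not encrypted; theft exposes records"))
        if not a.os_supported:
            findings.append(Finding("ID.RA-1", a.name,
                                    "operating system no longer receives vendor security patches"))
        if a.holds_phi and (a.restore_test_age_days is None
                            or a.restore_test_age_days > max_restore_age_days):
            findings.append(Finding("PR.IP-4", a.name,
                                    f"backup restore not verified within {max_restore_age_days} days"))
    return findings


def audit_db_grants(grants: List[DbGrant], approved_writers: Dict[str, Set[str]]) -> List[Finding]:
    """Flag write/copy privileges held by accounts not on the approved-writer list for that database."""
    findings: List[Finding] = []
    for g in grants:
        excess = g.privileges & WRITE_OR_COPY
        if excess and g.account not in approved_writers.get(g.database, set()):
            findings.append(Finding("PR.AC-4", f"{g.account}@{g.database}",
                                    f"unapproved write/copy privileges: {sorted(excess)}"))
    return findings


def summarize(findings: List[Finding]) -> Dict[str, int]:
    """Count findings per CSF subcategory so the report shows where gaps cluster."""
    counts: Dict[str, int] = {}
    for f in findings:
        counts[f.csf_ref] = counts.get(f.csf_ref, 0) + 1
    return dict(sorted(counts.items()))


# Constructed sample evidence, as an auditor might collect it across the hospitals.
SAMPLE_ASSETS = [
    Asset("ehr-db-01", "hospital-1", True, True, True, 30),
    Asset("imaging-ws-07", "hospital-3", True, False, True, None),
    Asset("lab-analyzer-02", "hospital-5", True, True, False, 200),
    Asset("kiosk-lobby-01", "hospital-2", False, False, True, None),
]
SAMPLE_GRANTS = [
    DbGrant("ehr_app", "ehr", frozenset({"SELECT", "INSERT", "UPDATE"})),
    DbGrant("report_ro", "ehr", frozenset({"SELECT"})),
    DbGrant("intern_tmp", "ehr", frozenset({"SELECT", "COPY"})),
]
APPROVED_WRITERS: Dict[str, Set[str]] = {"ehr": {"ehr_app"}}


def run_sample_audit() -> List[Finding]:
    return audit_hardware(SAMPLE_ASSETS) + audit_db_grants(SAMPLE_GRANTS, APPROVED_WRITERS)


if __name__ == "__main__":
    for f in run_sample_audit():
        print(f"[{f.csf_ref}] {f.subject}: {f.detail}")
    print(summarize(run_sample_audit()))
```

Against the sample data the run reports the unencrypted imaging workstation, the unsupported lab analyzer, two PHI systems without a recent verified restore, and one temporary account holding COPY on the EHR database; the kiosk holds no patient data, so its lack of encryption is not raised. The thresholds and approved-writer list are the policy inputs the CIO would sign off on, which is what keeps the same script repeatable across all ten sites.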
The fourth area of the information security audit is the integrity of the software used in the organization. This must encompass the resilience of the electronic health record systems in which patient data is generated. The second important software category is the operating systems and the defensive software on all hardware. For instance, can administrators block the installation of unapproved software, the copying of software or data, or the sharing of information online? Other aspects include how the software is prepared to deal with online threats and attacks, including the download of malware onto the systems. These are among the major threats to information security.
The last audit area focuses on the people. The audit must examine users' understanding of the protocols for using information systems, with a focus on cyber security. It also covers separation of duties and responsibility for data in the systems. Most importantly, the behavior of key persons with respect to the use of technology must be audited. The security of information systems can only be as good as the people who operate them.
In summary, this document describes the key audit areas in a healthcare setting. The network, databases, hardware, software, and people are all important risk areas in healthcare. The primary goal of the audit in every area is to identify vulnerabilities that could expose patient data.
References
NIST (2018). Cybersecurity Framework. Retrieved from https://www.nist.gov/cyberframework/new-framework#background
