Description
Preparation: Choose a real or hypothetical organization, corporation (profit or non-profit), or institution that uses IT in its product, services, activities, and/or operations. If you work in an organization or field that could benefit from an information network security policy, you might wish to apply the project to it.
Assignment: Prepare a well-written security policy proposal for your organization that utilizes the concepts learned in the course as a basis for your analysis and policy.
Make sure that your proposal includes the basic elements of a good security policy including:
- Introduction describing your organization and describing its mission, products/services, technical resources, and technical strategy
- Analysis of the organization’s relationships to its clients/customers, staff, management, and owners or other stakeholders
- A vulnerability assessment
- Your recommendation, including:
- Proposed remedial measures (as appropriate to the situation; these might include firewall/gateway provisions, authentication and authorization, encryption systems, intrusion detection, virus detection, incident reporting, education/training, etc.
- Proposed code of ethics or code of practice to be applied within the organization
- Legal/compliance requirements and description of how they will be met
- Proposed security policy statement/summary
Explanation & Answer
Running head: SECURITY POLICY PLAN- METHODIST HEALTH SCIENCE COLLEGE 1
Security Policy Plan for Methodist Health Science College
Name
Institution
SECURITY POLICY PLAN- METHODIST HEALTH SCIENCE COLLEGE
2
Security Policy Plan for Methodist Health Science College
Introduction
The adoption of the Electronic Medical Records by all health maintenance organizations
is one of the initiatives that has been put across by the government to ensure that the confidential
information of the particular health organization either relating to the patient are well taken of.
In keeping with this information, other organizations have taken the initiative of protecting and
safeguarding confidential information. With this regard, I consider one of the institutions that
have taken the initiative to implement information systems. The institution under consideration is
the Methodist health science college which has adopted the information systems security policy
with the primary aim of structuring a representative framework for the information systems
policy planning. The policy will ensure that there is an efficient implementation of an efficient
information system security (Stair & Reynolds, 2013). The motive is to protect and to secure the
high-risk data such as the electronic protected health information within the department of health...