logo

Report on Implementing Security Management Program at Griffith University Medical GUMC

Develop a report on implementing an ICT Security Program for GUMC, including a preliminary Risk Assessment/Management Plan and discussion of Costs and Benefits.

16 Pages3393 Words138 Views
   

Added on  2023-06-04

About This Document

This report discusses how information security can be better managed by GUMC organization. It covers the development of a security policy and plan, roles and responsibilities, and legal compliance.

Report on Implementing Security Management Program at Griffith University Medical GUMC

Develop a report on implementing an ICT Security Program for GUMC, including a preliminary Risk Assessment/Management Plan and discussion of Costs and Benefits.

   Added on 2023-06-04

ShareRelated Documents
Security Management and Governance 1
A Report on the Need to Implement Security Management Program at Griffith University
Medical GUMC
Student
Course
Tutor
Institutional Affiliations
State
Date
Report on Implementing Security Management Program at Griffith University Medical GUMC_1
Security Management and Governance 2
Abstract
The purpose of this document is to develop a report that discusses how information
security can be better managed by GUMC organization. Security management information is
akin to an organization’s nervous system. Security system management is a core component of
every organization activities as it embrace confidentiality, availability as well as integrity
assurance in an organization’s information system and assets. It as well minimize crisis such as
disasters that may compromise the organization’s operations.
Key words: Security management, risks, threats, assessments, NIST, GUMC.
Table of Contents
Report on Implementing Security Management Program at Griffith University Medical GUMC_2
Security Management and Governance 3
Abstract......................................................................................................................................................2
The development of a Security Policy and Security Management Plan................................................4
i. Information system assets to be secured......................................................................................5
ii. The reason why the policy security is developed.........................................................................5
iii. Mission and vision......................................................................................................................5
iv. Identify who will take responsibility.........................................................................................6
v. Draft a policy..................................................................................................................................6
Security management plan........................................................................................................................6
The functions, tasks, roles and responsibilities that need to be defined for the Security Management
Program.....................................................................................................................................................7
The roles of different individuals/groups would play in terms of governance in general....................7
GUMC administrator............................................................................................................................8
Chief information officer......................................................................................................................8
The entire information management team in the organization will guarantee the following:.........9
The model that would be useful in development of security management plan in GUMC’s case.....10
The legal and statutory that will be addressed......................................................................................10
Reference list............................................................................................................................................11
Appendix..................................................................................................................................................13
Risk Assessment/Management............................................................................................................13
Assessment process..........................................................................................................................13
Risk identification............................................................................................................................14
Threats identified in patient information area..................................................................................15
Priorities set to mitigate the risks.......................................................................................................15
Report on Implementing Security Management Program at Griffith University Medical GUMC_3
Security Management and Governance 4
Introduction
Security management is an overreaching process that involves protection of systems,
network as well as other information assets to prevent them from security threats. The benefits
that various organizations have achieved by security management plan are far reaching. Security
management planning creates indicators that help in identifying a potential hazard occasion and
give an early cautioning (Subashini, and Kavitha, 2011, pp.1-11). Key estimations and
estimations of danger moreover improve the advantage of reporting an examination and enable
to track potential vulnerabilities that can compromise system.
Another noteworthy advantage is that security management plan prompts detection of
hazards. Security management planning facilitates detection and examination of security dangers
that may compromise system thus initiating immediate action (Whitman, and Mattord, 2013,
pp.11). Following the indispensable advantages of implementing the security management
technique, it is imperative that every organization adopt the security management program
(Ernest Chang, and Lin, 2007, pp.438-458; Robson, 2015, pp. 31). The Griffith University
Medical GUMC is no exception. As a critical action to venture into this fundamental aspect, the
organization personnel shall take their roles and responsibilities as defined in the following
section.
The development of a Security Policy and Security Management Plan
Security policy refer to procedures that governs the use of information system in an
organization. The primary objective of security policy is to protect an organization’s information
system from cyber-attacks (Peltier, 2016, pp.234-246). This section focus on development of
Report on Implementing Security Management Program at Griffith University Medical GUMC_4

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Security Management and Governance for Griffith University Medical Centre (GUMC)
|25
|4222
|80

Risk Assessment and Information Security System
|12
|3257
|145

Security Management and Governance
|17
|3817
|35

Cybersecurity Assignment 2022
|12
|3058
|22

An Empirical Study into the Security Exposure to Hosts of Hostile Virtualized Environments
|31
|5779
|484

Information Governance and Cyber Security
|17
|6166
|47