logo

Security Management and Governance for Griffith University Medical Centre (GUMC)

Develop a report presenting the needs and requirements to implement an ICT Security Program for Griffith University Medical Centre, including tasks, roles, and a preliminary Risk Assessment/Management Plan for the patient information system.

25 Pages4222 Words80 Views
   

Added on  2023-06-07

About This Document

The report aims at providing an overview of Security Management and governance in context of Griffith University Medical Centre (GUMC). The report puts forward a discussion on how the information security is managed in a better way through the development of Security Management Program. This also involves discussion about a program involving tasks and roles for the development of a Security Management Program. The report also puts forward a preliminary management plan or risk assessment including a contingency plan for managing the information of the patients.

Security Management and Governance for Griffith University Medical Centre (GUMC)

Develop a report presenting the needs and requirements to implement an ICT Security Program for Griffith University Medical Centre, including tasks, roles, and a preliminary Risk Assessment/Management Plan for the patient information system.

   Added on 2023-06-07

ShareRelated Documents
Running head: SECURITY MANAGEMENT AND GOVERNANCE
Security Management and Governance
Name of the Student:
Name of the University:
Author Note:
Security Management and Governance for Griffith University Medical Centre (GUMC)_1
1
SECURITY MANAGEMENT AND GOVERNANCE
Executive Summary:
The report aims at providing an overview of Security Management and governance in context of
Griffith University Medical Centre (GUMC). The report puts forward a discussion on how the
information security is managed in a better way through the development of Security
Management Program. This also involves discussion about a program involving tasks and roles
for the development of a Security Management Program. The report also puts forward a
preliminary management plan or risk assessment including a contingency plan for managing the
information of the patients.
Security Management and Governance for Griffith University Medical Centre (GUMC)_2
2
SECURITY MANAGEMENT AND GOVERNANCE
Table of Contents
Purpose of the Report:.....................................................................................................................3
Structure of the Report:...................................................................................................................3
Part A...............................................................................................................................................3
1. Benefits of an Ongoing Security Management Process and Reasons for Having a Policy.........3
2. Development of Security Policy and Security Management Plan...............................................5
3. a. Functions, Tasks, Roles and Responsibilities for Security Management Program of GUMC 6
b. Roles of Different Individuals / Groups in Terms of Governance..............................................7
4. Identify of Models for the development of a Security Management Program............................8
5. Implications of Legal and Statutory Requirements of Security Management Program..............8
Part B.............................................................................................................................................10
1. a. Benefits of Risk Management Plan........................................................................................10
b. Steps Necessary for Building a Risk Management Plan...........................................................10
c. Importance of Contingency Plan and Risk Analysis and Cost Benefit Analysis......................11
2. Threats, Vulnerabilities, and Attacks that Formal Risk Management Plan Manages...............11
3. Risk Management Plan and Recommendations based on Cost Benefit Analysis.....................12
4. Responsibility of the User and Vendor......................................................................................15
References:....................................................................................................................................16
Appendix:......................................................................................................................................18
Security Management and Governance for Griffith University Medical Centre (GUMC)_3
3
SECURITY MANAGEMENT AND GOVERNANCE
Security Management and Governance for Griffith University Medical Centre (GUMC)_4
4
SECURITY MANAGEMENT AND GOVERNANCE
Purpose of the Report:
The purpose of the report is to put forward the need and requirement for the
implementation of Information and communications technology (ICT) security system for the
Griffith University Medical Centre (GUMC) in Tasmania
Structure of the Report:
The report consists of two parts. The first part discusses about the benefits of Security
Management and the importance of the policies. There is also discussion about the security
policy and the security management plan. This portion of the report also provides a descriptive
analysis of tasks, roles, responsibilities and functions. There is also discussion about the
individual roles in governance, models relevant for developing security management program
along with an implication of the statutory and legal requirements. The second part of the report
talks about the process of risk assessment along with explanation of the benefits of risk
management plan. In this portion the report helps in the identification of the assets,
vulnerabilities, threats, suggested controls and the priority sets.
Part A
1. Benefits of an Ongoing Security Management Process and Reasons for Having a Policy
The benefits an ongoing Security Management process is as follows (Soomro, Shah and
Ahmed 2016):
1. It helps in securing all forms of information: A Security Management process
ensures protecting all kinds of paper based and digital information, company related secrets,
Security Management and Governance for Griffith University Medical Centre (GUMC)_5
5
SECURITY MANAGEMENT AND GOVERNANCE
intellectual property, data on cloud and on services along with personal information and hard
copies.
2. Enhances the Resilience Towards Cyber Attacks: A Security Management process
will enhance the organization’s resilience towards the cyber attacks
3. Represents a Centrally Managed Framework: An ongoing Security Management
process helps in keeping the information of the organization safe and thereby manage it from a
single place.
4. Protection to the Organization: The presence of Security Management system not
only protects the organization from technology-based risks but common threats like ineffective
procedures and poorly informed staffs.
5. Ensures Responding to the Evolving Security Related Threats: The Security
Management process helps in continuously adapting to the changes of the environment and
within the organization thereby reducing threats of the continuously evolving risk.
6. Reduction of Cost in terms of Information Security: The risk assessment and
analysis approach of Security Management process allows organizations in reducing the cost
indiscriminately spent on adding the layers of the defensive technology that may not work.
7. Allows Protection, Integration and Availability of Data: The Security Management
process offers set of procedures, policies, physical and technical control for protecting the
availability, confidentiality and the integrity of the information
Security Management and Governance for Griffith University Medical Centre (GUMC)_6

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Security of Intellectual Property for PIA
|16
|3017
|454

Security Management and Governance
|14
|3130
|34

Security Management and Governance
|17
|3817
|35

Developing a Security Management Program and Risk Assessment Plan for Power AI
|15
|3186
|124

Risk Assessment and Information Security System
|12
|3257
|145

Security Management and Governance for Power AI
|18
|4422
|57