Information System Control & Auditing Report: Healthcare Security

Verified

Added on 2022/09/12

AI Summary

This report addresses information system control and auditing within the healthcare sector, emphasizing cybersecurity measures to secure sensitive data. It explores the importance of robust security policies, employee training, and the implementation of antivirus software and strong passwords to prevent unauthorized access. The report details various audit procedures, including security policies audits, website security audits, application security audits, infrastructure security audits, and server security audits. It also highlights the significance of risk management, covering potential threats like data breaches, cloud abuse, and malware attacks. The conclusion emphasizes the need for comprehensive policies and employee awareness to maintain a secure healthcare management system, discussing potential modifications based on the presented framework.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: INFORMATION SYSTEM CONTROL & AUDITING
INFORMATION SYSTEM CONTROL & AUDITING
Name of the Student
Name of the University
Author Note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1INFORMATION SYSTEM CONTROL & AUDITING
Table of Contents
Introduction................................................................................................................................2
Description.................................................................................................................................2
Conclusion..................................................................................................................................4
Referencing................................................................................................................................5

2INFORMATION SYSTEM CONTROL & AUDITING
Introduction
Cybersecurity is a huge issue that has to be maintained properly to get the solution for
making the health care system more secured. That is why it can be stated that various task
completion should be maintained to get the system secured. There are several process that
should be followed to make the framework properly acceptable for the organization. In the
following report the robustness, integrity, availability, and the framework modification
procedure will be properly addressed to make the audit for the organization(Pan and
Seow,2016).
Description
 There are several small points that needed to be considered to make the system more
flawless and proper to make the situation better. There are malware and threat can
attack the system for the sensitive data that is why these steps should be modified.
First of all, the cybersecurity training and the education of the employee is needed for
the employee maturity to save the system. Another aspect is, those mobile containing
the various documents should be properly protected (Rikhardsson and Dull, 2016).
The newly recruited employee should properly be trained, they will help to protect the
system with the device maintenance procedure. The used computer should be
firewall-protected, it will prevent various attacks from the unauthorised system. The
legal and repute antivirus should be installed in the systems to protect the system
properly. The proper updating of the anti-virus should help to prevent the system from
the new released viruses. Also the strong password is needed to complete the
procedure of the security; for this reason symbol, numeric and alphabet key mixture
will be needed to hack the system properly (Knechel and Salterio,2016). The network

3INFORMATION SYSTEM CONTROL & AUDITING
access should be limited to make the system better. Physical devices theft should be
protected; otherwise various data may be lost for this reason. Some Audit procedures:
1. Security policies Audit: The main security of the organization should be
protected to make the attacks protected/.
2. Website Security Audit: The website attacks should be prevented, also the
system checking will help to protect the system appropriately.
3. Application security audit: the application used for the company is needed to
be protected, otherwise network attack will hamper the situation hugely.
4. Infrastructure security audit: The infrastructure with the proper management
should be checked to make the system better.
5. Server security audit: The server is used to maintain the data access
appropriately, so auditing the server will help to identify the negative point of
the companies.
The cybersecurity programme, Risk management, Core improvement and the tier
modification is needed to complete the procedure properly to get the task done. In the
cybersecurity programme, the scope and the priority should be properly maintained to
make the framework better (Cherdantseva et al.,2016). The cybersecurity implementation
can be calculated to make complete the situation and the tier. The business line should be
maintained with the orient completion. The framework core will be helpful to create the
current profile properly which will support the subsequence (Adamyk, Adamyk and
Khorunzhak.,2018).
 The risk assessment is needed to be modified properly to get the solution done. A
target profile will help to address the categories and subcategorise data which will
help to submit the situation inappropriate way. Except that the gaps analysis and the

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4INFORMATION SYSTEM CONTROL & AUDITING
action plan will help to protect the system. Also, the integrity and the robustness
should be modified to make the system more powerful. Another primary area is Risk
management. There are several scopes where the cyber-attack can be done in the
system if the Risk will be not properly addressed. The data breach problem, cloud
abuse, malware attack, loss of data, data breach should be properly maintained to get
the task done. That is why not only the risk management, an employee should have to
be aware to prevent this situation.
 The security polies will help to manage the system appropriately. It can be said that
the proper usage of the antivirus, secured system, appropriate backup will help to
protect the system (Alles et al.,2018). The website surety audit will trace the lack of
the networking system. Also the malicious attacks that has been situated through the
business may affect the system appropriately. The server maintenance and audit will
help to analyse the data completion appropriately to manage the data simulation
properly. The infrastructure should be maintained with the proper method that is how
the system should be updated. Also, training is needed to create the awareness
between the systems. That is how the system should be benefited.
Conclusion
It can be concluded that polices are needed to be applied to those discussed area to
make the hospital management system secured. There are several tasks that has to be
maintained properly to get the task done for task completion. Not only should the
consciousness of the employee, but the system also is properly secured to make the path
profitable. There are several tasks that can be modified with the discussed framework. The
usual attacks and the emails are the main gateways, which will target the data system
properly to get the task done for the completion.

5INFORMATION SYSTEM CONTROL & AUDITING

6INFORMATION SYSTEM CONTROL & AUDITING
Referencing
Adamyk, O., Adamyk, B., & Khorunzhak, N. (2018). Auditing of the Software of Computer
Accounting System.
Alles, M., Brennan, G., Kogan, A., & Vasarhelyi, M. A. (2018). Continuous monitoring of
business process controls: A pilot implementation of a continuous auditing system at
Siemens. In Continuous Auditing: Theory and Application (pp. 219-246). Emerald
Publishing Limited.
Cherdantseva, Y., Burnap, P., Blyth, A., Eden, P., Jones, K., Soulsby, H., & Stoddart, K.
(2016). A review of cyber security risk assessment methods for SCADA
systems. Computers & security, 56, 1-27.
Knechel, W. R., & Salterio, S. E. (2016). Auditing: Assurance and risk. Routledge.
Pan, G., & Seow, P. S. (2016). Preparing accounting graduates for digital revolution: A
critical review of information technology competencies and skills
development. Journal of Education for business, 91(3), 166-175.
Rikhardsson, P., & Dull, R. (2016). An exploratory study of the adoption, application and
impacts of continuous auditing technologies in small businesses. International
Journal of Accounting Information Systems, 20, 26-37.