Please create a Risk Mitigation Plan for this scenario. Scenario: You are an information technology (IT) intern...

90.2K

Verified Solution

Question

Programming

Please create a Risk Mitigation Plan for thisscenario.
Scenario: You are an information technology (IT) intern workingfor Health Network, Inc. (Health Network), a fictitious healthservices organization headquartered in Minneapolis, Minnesota.Health Network has over 600 employees throughout the organizationand generates $500 million USD in annual revenue. The company hastwo additional locations in Portland, Oregon and Arlington,Virginia, which support a mix of corporate operations. Eachcorporate facility is located near a colocation data center, whereproduction systems are located and managed by third-party datacenter hosting vendors.
Company Products Health Network has three main products:HNetExchange, HNetPay, and HNetConnect.
HNetExchange is the primary source of revenue for the company.The service handles secure electronic medical messages thatoriginate from its customers, such as large hospitals, which arethen routed to receiving customers such as clinics.
HNetPay is a Web portal used by many of the companyâ€™sHNetExchange customers to support the management of secure paymentsand billing. The HNetPay Web portal, hosted at Health Networkproduction sites, accepts various forms of payments and interactswith credit-card processing organizations much like a Web commerceshopping cart.
HNetConnect is an online directory that lists doctors, clinics,and other medical facilities to allow Health Network customers tofind the right type of care at the right locations. It containsdoctorsâ€™ personal information, work addresses, medicalcertifications, and types of services that the doctors and clinicsoffer. Doctors are given credentials and are able to update theinformation in their profile. Health Network customers, which arethe hospitals and clinics, connect to all three of the companyâ€™sproducts using HTTPS connections. Doctors and potential patientsare able to make payments and update their profiles usingInternet-accessible HTTPS Web sites.
Information Technology InfrastructureOverview
Health Network operates in three production data centers thatprovide high availability across the companyâ€™s products. The datacenters host about 1,000 production servers, and Health Networkmaintains 650 corporate laptops and company-issued mobile devicesfor its employees. Threats Identified Upon review of the currentrisk management plan, the following threats were identified:
? Loss of company data due to hardware being removed fromproduction systems ? Loss of company information on lost or stolencompany-owned assets, such as mobile devices and laptops
? Loss of customers due to production outages caused by variousevents, such as natural disasters, change management, unstablesoftware, and so on
? Internet threats due to company products being accessible onthe Internet
? Insider threats
? Changes in regulatory landscape that may impact operationsManagement Request
Senior management at Health Network has determined that theexisting risk management plan for the organization is out of dateand a new risk management plan must be developed. Because of theimportance of risk management to the organization, seniormanagement is committed to and supportive of the project to developa new plan. You have been assigned to develop this new plan.
Additional threats other than those described previously may bediscovered when re-evaluating the current threat landscape duringthe risk assessment phase.
The budget for this project has not been defined due to seniormanagementâ€™s desire to react to any and all material risks that areidentified within the new plan. Given the companyâ€™s annual revenue,reasonable expectations can be determined.
Please create a Risk Mitigation Plan
Senior management at Health Network allocated funds to support arisk mitigation plan, and have requested that the risk manager andteam create a plan in response to the deliverables produced withinthe earlier phases of the project. The risk mitigation plan shouldaddress the identified threats described in the scenario for thisproject, as well as any new threats that may have been discoveredduring the risk assessment. You have been assigned to develop thisnew plan.

Answer & Explanation Solved by verified expert

3.9 Ratings (447 Votes)

Introduction A risk is an event or provision that if it occur could have a positive or negative result on a projects objectives Risk Management is the procedure of identify assess respond to monitor and reporting risks This Risk Management Plan classifies how risks connected with the data maintain by different services provided by Health Network Inc will be recognized analyze and managed About Health Network Inc Health Network Inc is a supposed health services organization in Minnesota have its head quarters at Minneapolis The organization has an knowledgeable workforce of 600 employees and have an annual revenue of 500 million USD Besides deliver the health services the company offers a mix of corporate operations at its branches placed in Portland Oregon and Arlington Virginia all of the services of the organization is adjacent to a colocation data center manage by third party data center hosting vendors have production systems within them Products and service portfolio The company provides three products HNetExchange HNetPay and HNetConnect HNetExchange has the main share of the companys earnings This service routes the mail connected to patients securely between different clinics and hospitals HNetPay is a Web portal to execute all the payment transactions by the customers of the company to give their bills in return to the services subscribed HNetConnect is an online directory that lists doctors clinics and further medical services Overview of IT Infrastructure at Health Network Inc In order to make sure high availability across the companys products Health Network Inc operate in three production data centers which host about 1000 production servers Along with this The Health Network employees are supply with 650 laptops and companyissued mobile devices for operations and maintenance Scope Business Objectives Health Network Inc is aimed to provide secure and user friendly services to its customers ensure high accessibility all the time and reliability of the data being hosted and security See Answer

Get Answers to Unlimited Questions

Join us to gain access to millions of questions and expert answers. Enjoy exclusive benefits tailored just for you!

Membership Benefits:

Unlimited Question Access with detailed Answers
Zin AI - 3 Million Words
10 Dall-E 3 Images
20 Plot Generations
Conversation with Dialogue Memory
No Ads, Ever!
Access to Our Best AI Platform: Flex AI - Your personal assistant for all your inquiries!

Become a Member