Scenario: You are an information technology (IT) intern working for Health Network, Inc. (Health Network), a...

50.1K

Verified Solution

Question

General Management

Scenario: You are an information technology (IT) intern workingfor Health Network, Inc. (Health Network), a fictitious healthservices organization headquartered in Minneapolis, Minnesota.Health Network has over 600 employees throughout the organizationand generates $500 million USD in annual revenue. The company hastwo additional locations in Portland, Oregon and Arlington,Virginia, which support a mix of corporate operations. Eachcorporate facility is located near a colocation data center, whereproduction systems are located and managed by third-party datacenter hosting vendors.
Company Products Health Network has three main products:HNetExchange, HNetPay, and HNetConnect.
HNetExchange is the primary source of revenue for the company.The service handles secure electronic medical messages thatoriginate from its customers, such as large hospitals, which arethen routed to receiving customers such as clinics.
HNetPay is a Web portal used by many of the company’sHNetExchange customers to support the management of secure paymentsand billing. The HNetPay Web portal, hosted at Health Networkproduction sites, accepts various forms of payments and interactswith credit-card processing organizations much like a Web commerceshopping cart.
HNetConnect is an online directory that lists doctors, clinics,and other medical facilities to allow Health Network customers tofind the right type of care at the right locations. It containsdoctors’ personal information, work addresses, medicalcertifications, and types of services that the doctors and clinicsoffer. Doctors are given credentials and are able to update theinformation in their profile. Health Network customers, which arethe hospitals and clinics, connect to all three of the company’sproducts using HTTPS connections. Doctors and potential patientsare able to make payments and update their profiles usingInternet-accessible HTTPS Web sites.
Information Technology InfrastructureOverview
Health Network operates in three production data centers thatprovide high availability across the company’s products. The datacenters host about 1,000 production servers, and Health Networkmaintains 650 corporate laptops and company-issued mobile devicesfor its employees. Threats Identified Upon review of the currentrisk management plan, the following threats were identified:
) Loss of company data due to hardware being removed fromproduction systems ? Loss of company information on lost or stolencompany-owned assets, such as mobile devices and laptops
) Loss of customers due to production outages caused by variousevents, such as natural disasters, change management, unstablesoftware, and so on
) Internet threats due to company products being accessible onthe Internet
) Insider threats
*) Changes in regulatory landscape that may impact operationsManagement Request
Senior management at Health Network has determined that theexisting risk management plan for the organization is out of dateand a new risk management plan must be developed. Because of theimportance of risk management to the organization, seniormanagement is committed to and supportive of the project to developa new plan. You have been assigned to develop this new plan.
Additional threats other than those described previously may bediscovered when re-evaluating the current threat landscape duringthe risk assessment phase.
The budget for this project has not been defined due to seniormanagement’s desire to react to any and all material risks that areidentified within the new plan. Given the company’s annual revenue,reasonable expectations can be determined.
Project Part 2 Task 3: DisasterRecovery Plan (DRP)
Your project on risk management, the BIA, and the BCP have beenwell received by senior management at Health Network. They now wantyou to develop a DRP in order to overcome any mishaps that mightoccur in the future. You may research and use National Institute ofStandards and Technology (NIST) templates to develop a DRP plan forthe company.
Evaluation Criteria and Rubrics (Askthese questions to yourself)
Did I develop a DRP that could recover business operationswhile efforts are ongoing to restart pervious operations?
Did I completely fill out the template found in theirresearch?
Did I completely understand the DRP constructs presented inclass?
Did I create a professional, well-developed report with propergrammar, spelling, and punctuation?

Answer & Explanation Solved by verified expert

4.5 Ratings (833 Votes)

Please please please LIKE THIS ANSWER so that I can get a small benefit Please Introduction A risk is an event or provision that if it occur could have a positive or negative result on a projects objectives Risk Management is the procedure of identify assess respond to monitor and reporting risks This Risk Management Plan classifies how risks connected with the data maintain by different services provided by Health Network Inc will be recognized analyze and managed About Health Network Inc Health Network Inc is a supposed health services organization in Minnesota have its head quarters at Minneapolis The organization has an knowledgeable workforce of 600 employees and have an annual revenue of 500 million USD Besides deliver the health services the company offers a mix of corporate operations at its branches placed in Portland Oregon and Arlington Virginia all of the services of the organization is adjacent to a colocation data center manage by third party data center hosting vendors have production systems within them Products and service portfolio The company provides three products HNetExchange HNetPay and HNetConnect HNetExchange has the main share of the companys earnings This service routes the mail connected to patients securely between different clinics and hospitals HNetPay is a Web portal to execute all the payment transactions by the customers of the company to give their bills in return to the services subscribed HNetConnect is an online directory that lists doctors clinics and further medical services Overview of IT Infrastructure at Health Network Inc In order to make sure high availability across the companys products Health Network Inc operate in three production data centers which host about 1000 production servers Along with this The Health Network employees are supply with 650 laptops and companyissued mobile devices for operations and maintenance Scope Business Objectives Health Network Inc is aimed to provide secure and user friendly services to its customers ensure high accessibility all the time and reliability of the data being hosted and security to the information being exchanged through its services The deliverables of the company includes secure mail information exchange of the patients between various clinics and hospitals a web portal accepting secure payments and billing services and maintaining a directory of various hospitals and doctors The risks involved in the organization are due to Hardware theft Loss of mobile devices and laptops Software errors and natural disasters Internet threats Insider threats Changes in regulatory acts and laws Compliance laws and regulations The company is hosting healthcare and medical websites so it requires us to be compliant to laws and regulations surrounding secure See Answer

Get Answers to Unlimited Questions

Join us to gain access to millions of questions and expert answers. Enjoy exclusive benefits tailored just for you!

Membership Benefits:

Unlimited Question Access with detailed Answers
Zin AI - 3 Million Words
10 Dall-E 3 Images
20 Plot Generations
Conversation with Dialogue Memory
No Ads, Ever!
Access to Our Best AI Platform: Flex AI - Your personal assistant for all your inquiries!

Become a Member