Question
Need help with a question
Wk1_413.docx
CYB413_v2_BCC_BSC_Template.pptx
CYB413_v2_Best_Care_Community_Profile_for_Development_of_the_Information_Security_Program.docx
Wk1_413.docx
Assignment Content
As the newly hired chief information security officer (CISO), you are tasked with developing the Best Care Community (BCC) hospital’s information security program. There is no information security program in place, and your first task is to create the enterprise information security strategy that encompasses the company’s mission, goals, and objectives, as well as appropriately reflects the risk tolerance and risk appetite of the company as a whole.
Review the Best Care Community Profile for Development of the Information Security Program to become familiar with the mission of the hospital.
This week you will complete the first steps of the initiative to develop the BCC enterprise information security strategy.
Part 1
Create a 14- to 16-slide Microsoft® PowerPoint® informative presentation for the BCC leadership in which you:
· Describe the three phases of strategic planning.
· Diagram the three strategic planning phases with each of the five information security tasks as outlined in the BCC profile, mapping each to its respective strategic planning phase.
· Describe the balanced scorecard domains.
· Map the BCC business objectives into the appropriate balanced scorecard domains.
· Recommend a prioritized list of BCC information security objectives mapped to the business objectives.
· Map the BCC information security objectives into the appropriate balanced scorecard domains in a matrix format that depicts the objectives and initiatives.
Include a title slide.
Note: There will be two balanced scorecard sets: one for the business objectives and one for the information security objectives. The BCC BSC Scorecard Template provides a template for the scorecards in each domain. You will need to duplicate and label the scorecard slides in the template to create two sets of balanced scorecards, as well as add appropriate slides for the additional required content.
Part 2
Write a 2- to 3-page report that recommends one of the enterprise control frameworks. Your report should:
· Describe your chosen enterprise architecture framework.
· Determine how the business objectives correspond to the information security strategic objectives.
· Explain how the enterprise architecture framework can be used to achieve business and information security alignment.
CYB413_v2_BCC_BSC_Template.pptx
Copyright © 2020 by University of Phoenix. All rights reserved.
BCC Scorecard
Financial
Financial
Objective | Initiative | Measurement
Financial
Customer
Objective | Initiative | Measurement
Financial
Internal Business Process
Objective | Initiative | Measurement
Financial
Learning & Growth
Objective | Initiative | Measurement
CYB413_v2_Best_Care_Community_Profile_for_Development_of_the_Information_Security_Program.docx
CYB/413 v2
Best Care Community Profile for Development of the Information Security Program
Overview
Best Care Community (BCC) has hired you as a chief information security officer (CISO) to create and implement an information security program. Throughout the years, BCC has conducted its information security in an ad hoc, reactive manner with a few security technicians. With the growth and proliferation of information threats, an aggressive and disciplined security strategy and posture is now required to ensure that BCC can protect its data and assets.
Information Security Tasks for Developing the Information Security Program
As the CISO, you are responsible for completing the following tasks in support of developing the information security program:
· Develop the BCC enterprise strategic plan aligned to established business objectives. The plan will include:
    · Information security mission and objectives
    · Balanced scorecard for each domain
    · Control framework and its major security areas to be assessed (COBIT or ISO 27002)
    · SWOT analysis of the internal and external assessment
    · Operational action plan based on the information security objectives
· Create key performance indicators (KPIs) to measure the BCC enterprise strategic plan
· Develop BCC’s information security budget
· Prepare a capital budget plan
· Create a process for vendor management
Note: You will submit weekly milestone assignments in Weeks 1-5. Additionally, in Week 5, you will submit a summary proposal of your BCC information security strategy recommendations. Use this profile as a reference and resource.
Best Care Community Mission and Objectives
Best Care Community Mission
BCC’s mission is to enable the community and the individuals within it to enjoy maximum health by providing illness and injury care with the utmost excellence and compassion.
Patient satisfaction is the foundational strategy by which Best Care Community will attain its mission. It encompasses patient outcomes, compliance scores, patient and visitor experiences within the hospital, and the community’s perception of Best Care Community as a corporate neighbor and community member.
Increase Revenue
Providing excellent care requires money. Best Care Community seeks to maximize revenue wherever ethically possible through a strategy that captures, retains, and grows revenue.
Maximize Operational Efficiencies
Maximizing operational efficiencies helps Best Care Community get the most value out of each dollar of revenue. Efficient operations also directly affect the patient experience and overall patient and visitor satisfaction.
Gain Positive Returns on Capital Investments
This strategy ensures that new initiatives show a tangible return on investment (ROI).
Business Objectives
Best Care Community has identified the following objectives to support its mission and strategies:
· Improve the patient experience
· Broaden the revenue mix among the enterprise
· Improve operating efficiency
· Improve enterprise financial health
· Cultivate informed leadership
· Hire key professional talent
· Develop employees through formal professional development programs
· Introduce new technologies to improve workflows, processes, and patient services
· Increase employee productivity
· Leverage assets and resources to centralize and automate processes
· Reduce the total cost of ownership (TCO) with respect to the IT infrastructure and HIT systems
· Leverage cloud-based solutions to improve fiscal and operational efficiencies
Best Care Community Profile
Best Care Community has one acute care hospital that operates with the common health IT (HIT) systems supporting these typical services:
· Clinical functions
    · Radiology
    · Cardiology
    · Laboratory
    · Bedside monitoring
    · Infusion management
    · Emergency department
    · Labor and delivery
    · Critical/urgent care (internal and external)
    · Physician offices (internal and external)
· Non-clinical functions (business/finance/registration)
    · Patient billing
    · Patient registration
    · Patient scheduling
    · Reporting
    · Materials management
    · Bed capacity management
    · Health information management
· Critical enterprise HIT systems (these are the heart of the HIT system components)
    · Electronic health record (EHR)/electronic medical record (EMR)
    · Clinical decision support (CDS)
    · Patient registration system
    · Patient billing system
Best Care Community Information Security Objectives
Using this initial set of information security objectives, BCC has tasked the CISO to develop the BCC information security program. The CISO will review the list of information security objectives for accuracy and completeness, using the following guidelines:
· Protect the confidentiality, integrity, and availability of the BCC data, assets, and systems.
· Reduce exposure to regulatory fines.
· Prevent loss of business due to malicious disruption.
· Avoid tarnished reputation from a significant data breach.
· Create a risk-based security culture through a proactive risk management framework.
· Establish countermeasures to protect BCC’s data and assets from theft, disclosure, or misuse.
· Improve compliance with security regulatory requirements, such as HIPAA, FDA, and DEA.
· Ensure BCC can continue business operations in the event of a significant information security incident.
· Develop information security employees through formal professional development programs.
Best Care Community Balanced Scorecard
The CISO is tasked with completing an information security balanced scorecard based on the traditional four-domain model, as seen in Figure 1 below, which consists of:
· Financial
· Internal business processes
· Learning and growth
· Customer
The information security scorecard supports BCC’s information security strategic planning efforts. BCC asks the CISO to align information security activities to the BCC objectives using the following model, in which the objectives, initiatives, and means of measurement are charted for each of the four domains to support BCC’s mission and strategy. Maintaining the balanced scorecard will help BCC monitor its performance against the strategic business objectives and information security initiatives.
Figure 1: Best Care Community Scorecard