Question

In: Computer Science

Plan, Develop and Manage a Security Policy Background: Consider that the Commonwealth Government of Australia is...

Plan, Develop and Manage a Security Policy

Background:

Consider that the Commonwealth Government of Australia is planning to launch ‘My Health Record’ a secure online summary of an individual’s health information. The system is available to all Australians, My Health Record is an electronic summary of an individual’s key health information, drawn from their existing records and is designed to be integrated into existing local clinical systems.

The ‘My Health Record’ is driven by the need for the Health Industry to continue a process of reform to drive efficiencies into the health care system, improve the quality of patient care, whilst reducing several issues that were apparent from the lack of important information that is shared about patients e.g. reducing the rate of hospital admissions due to issues with prescribed medications. This reform is critical to address the escalating costs of healthcare that become unsustainable in the medium to long term.

Individuals will control what goes into their My Health Record, and who is allowed to access it. An individual’s My Health Record allows them and their doctors, hospitals and other healthcare providers to view and share the individual’s health information to provide the best possible care.

The 'My Health Record' is used by various staff such as System Administrator, Doctor, Nurse, Pathologist and Patient. In order to convey and demonstrate the rules and regulations to the users of this system, Commonwealth Government of Australia needs a security policy.

You are employed as the Security Advisor for the organisation. The task that is handed to you by the Chief Information Officer now is to create, develop and manage "System Access Security Policy" for atleast any 3 users of the system.

Plan a Security Policy

  • Identify and explain the role of planning for security policy.
  • Identify and discuss the best strategic planning for security policy.
  • Explain the resources planning required for security policy.
  • Anything else you think is reasonable to place into a Plan for Security Policy based on what you have learnt.

Develop a Security Policy

  • Define the intent and rationale of the policy.
  • Any definitions which are used through out the document.
  • Responsibilities of individuals i.e. those who enforce the guideline.
  • Scope of the policy i.e. who and what it effects.
  • Anything else you think is reasonable to place into a Develop for Security Policy based on what you have learnt.

Manage a Security Policy

  • Describe how to monitor policy.
  • Explain how to control policy.
  • Identify and explain the major outcome of policy.
  • Explain how do you update policy time to time.
  • Anything else you think is reasonable to place into a Manage for Security Policy based on what you have learnt.

Conclusion.

Solutions

Expert Solution


Related Solutions

Part One Plan, Develop and Manage a Security Policy (10 marks) Background: Consider that the Commonwealth...
Part One Plan, Develop and Manage a Security Policy Background: Consider that the Commonwealth Government of Australia is planning to launch ‘My Health Record’ a secure online summary of an individual’s health information. The system is available to all Australians, My Health Record is an electronic summary of an individual’s key health information, drawn from their existing records and is designed to be integrated into existing local clinical systems. The ‘My Health Record’ is driven by the need for the...
Research and include the following: Security Risk Mitigation Plan: Develop education plan for employees on security...
Research and include the following: Security Risk Mitigation Plan: Develop education plan for employees on security protocols and appropriate use. Provide risk response. Avoidance Transference Mitigation Acceptance Address change Management/Version Control. Outline acceptable use of organizational assets and data. Present employee policies (separation of duties/training).
Describe with examples, the various layers of security that are critical to your security plan policy.
Describe with examples, the various layers of security that are critical to your security plan policy.
Define, discuss and develop information security policy with all its elements.
Define, discuss and develop information security policy with all its elements.
Develop a communication plan for an airport security project. The project entails installing the hardware and...
Develop a communication plan for an airport security project. The project entails installing the hardware and software system that (1) scans a passenger’s eyes, (2) fingerprints the passenger, and (3) transmits the information to a central location for evaluation.
Imagine that you are the Information Security Officer (ISO) of your organization. Develop a plan to...
Imagine that you are the Information Security Officer (ISO) of your organization. Develop a plan to conduct a Web application penetration test on your network. Identify and explain all steps necessary to successfully complete the test.
In point form only, develop a plan to ensure food security for when the world population...
In point form only, develop a plan to ensure food security for when the world population reaches 10-12 billion people explaining how each of those 20 points will result in food security. Why would food security be impossible if the population exceeds 10-12 billion people
Outline the major security issues related to mobile application technologies and Develop a policy and procedure...
Outline the major security issues related to mobile application technologies and Develop a policy and procedure for one of the major security issues you outlined
a) Government motive for introducing competition policy is a positive action since the incentive to develop...
a) Government motive for introducing competition policy is a positive action since the incentive to develop new production process in general is higher among competitive firms as compared to monopoly. Discuss. ( 40 marks) b) Discuss the factors that facilitate and hinder effective collusion among oligopolistics firms. ( 40 marks)
Consider a system that combines the Military security policy andBell-LaPadula confidentiality model. Given the security...
Consider a system that combines the Military security policy and Bell-LaPadula confidentiality model. Given the security levelsTOP SECRET, SECRET, CONFIDENTIAL, andUNCLASSIFIED (ordered from highest to lowest), and compartments Students, Faculty, Staff, andContractors specify what type of access (read, write, both, none) is allowed in each of the following situations.a) John, cleared for (TOP SECRET, {Faculty, Staff, Students}), wants to access a document classified as (TOP SECRET, {Faculty, Staff, Contractors}).b) Bill, cleared for (CONFIDENTIAL, {Faculty, Students}), wants to access a document...
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT