Risk Analysis Assignment You will be given a set of anticipated threats. You will then be asked to discuss potential controls and any breach-of-confidentia

Risk Analysis Assignment You will be given a set of anticipated threats. You will then be asked to discuss potential controls and any breach-of-confidentiality activities. Based on this information, you will create a risk analysis and plan. Risk Analysis: Instructions and Worksheet
Instructions
ABC is a healthcare organization located in the Midwest who just hired their first security officer.
The organization does not have any security controls in place to include policies, reasonable
safeguards, and security measures. The first thing the new security officer does is to identify a
list of potential threats to the organization, which are listed below.
Reasonably Anticipated Threats
(1) Virus, worm, or other types of malicious code
(2) Unintentional workforce behavior—Careless acts or errors, accidental disclosures or destruction
of protected health information (PHI), or computer misuse
(3) Intentional workforce behavior—Unauthorized access, disclosures or destruction of PHI,
software license violations, or computer misuse
(4) Tampering—Programming a backdoor or trap door, installing rogue devices or sniffers, or denial
of service attacks
(5) Programming errors, software failure, or bugs
(6) Theft—Property (hardware/software/data) and identity theft
(7) Hardware or mechanical failure
(8) Power failure, fluctuation, or electrical disturbance
After evaluating the threats, the new security officer identifies a list of controls, listed below,
that could be put in place to mitigate the threat(s).
Controls
a. Policies, procedures, plans, standards, and so on.
b. Training and awareness
c. Authentication and access controls
d. Anti-virus software
e. Uninterruptible power source (UPS) and generators
f. Workforce background checks
g. Privacy or anti-glare screens
h. Fireproof media safe (for backups)
i. Encryption
j. Auditing and monitoring
k. Surveillance cameras
l. Door alarms
m. Vulnerability scanners
n. Configuration management and change control
o. Business continuity planning
p. Disaster recovery planning
q. Incident response procedures
r. Data backup or redundancy systems
Your job is to help the security officer place the appropriate control to each threat. Using the
worksheet below, identify which threats could be addressed by each control; keep in mind that
multiple controls can be used to address each threat. Once you have identified which threat
addresses each control and have completed the worksheet, pick a threat and prepare a oneRisk Analysis: Instructions & Worksheet | 1
page Word document describing how you would implement the controls for that threat. This
Word document will be presented to the new security officer.
Your plan should be at least one page in length, following APA formatting, and include all
references appropriately cited.
Worksheet
CONTROL AND THREAT WORKSHEET
CONTROL
THREAT
(1) Virus, worm, or other types of malicious code
(2) Unintentional workforce behavior—Careless acts or
errors, accidental disclosures or destruction of
protected health information (PHI), or computer misuse
(3) Intentional workforce behavior—Unauthorized
access, disclosures or destruction of PHI, software
license violations, or computer misuse
(4) Tampering—Programming a backdoor or trap door,
installing rogue devices or sniffers, or denial of service
attacks
(5) Programming errors, software failure, or bugs
(6) Theft—Property (hardware/software/data) and
identity theft
(7) Hardware or mechanical failure
(8) Power failure, fluctuation, or electrical disturbance
Risk Analysis: Instructions & Worksheet | 2
RISK ANALYSIS OVERVIEW
Instructions
You will be given a set of anticipated threats. You will then be asked to discuss potential controls and
any breach-of-confidentiality activities. Based on this information, you will create a risk analysis and
plan. The total points of this assignment is 30 points.
For more instructions, view the Risk Analysis Assignment (Links to an external site.)Links to an external
site. document.

Purchase answer to see full
attachment