Scenario
You are an IT security intern working for Health Network, Inc. (Health Network), a fictitious health services organization headquartered in Minneapolis, Minnesota. Health Network has over 600 employees throughout the organization and generates $500 million USD in annual revenue. The company has two additional locations in Portland, Oregon and Arlington, Virginia, which support a mix of corporate operations. Each corporate facility is located near a co-location data center, where production systems are located and managed by third-party data center hosting vendors.
Task:
- Research risk management plans.
- Create an outline for a basic risk management plan with anticipated section headings (as indicated in this numbered list). This plan will include a qualitative risk assessment
- Write an introduction to the plan by explaining its purpose and importance.
- Define the scope and boundaries of the plan.
- Research and summarize compliance laws and regulations that pertain to the organization. Keep track of sources you use for citation purposes.
- Identify the key roles and responsibilities of individuals and departments within the organization as they pertain to risk management.
- Develop a proposed schedule for the risk management planning process.
- Create a draft risk management plan detailing the information above. Format the plan similar to a professional business report and cite any sources you used.
Sample Solution