Develop a Security Analysis and Risk Assessment Plan For A Hospital
- Country :
Australia
Task:
Assessment 1.
A large hospital in South Australia has asked you (as the new Information Security Manager) to develop and implement an Information Security Contingency Plan. You have already performed a Security Analysis and Risk Assessment (Assessment 1) and this phase is to create the plan outline. It will be an overview of the elements of the contingency plan and should be a well researched, supported and logically structured report which can be presented to all the hospital staff.
The report should include an outline of the four components a contingency plan as they relate to the hospital. You should include the basic activities will need to be undertaken and who should be involved in these tasks. The report must include a timeline; contain suggestions for how each task can be completed and what resources will be required. Explicitly indicate the outputs (documentation etc) that will make up the contingency plan.
Assessment Criteria.
Please see the Marking Key for this assessment. In general, the report will be assessed for:
• clarity and conciseness,
• readability for the intended audience, and
• completeness of the explanations and instructions.
Assessment 2 is the outline of what needs to be in the plan for the four sections of a contingency plan (CP):
1. Business Impact Analysis (BIA)
2. Incident Response (IR)
3. Disaster Recovery (DR)
4. Business Continuity (BC)
Please ensure you are writing this for the context of the hospital, not just a generic plan,