2173 Salk Avenue, Suite 250 Carlsbad, CA

support@assignmentprep.info

COMPETENCIES 4115.1.1 : Evaluates a System Security Plan The learner evaluates a

April 3, 2024

COMPETENCIES
4115.1.1 : Evaluates a System Security Plan
The learner evaluates a system security plan in line with business organizational strategy and regulatory compliance requirements.
4115.1.2 : Develops a Remediation Plan for Compliance
The learner develops a remediation plan for security and privacy compliance issues.
INTRODUCTION
Throughout your career in cybersecurity management, you will be asked to develop and improve an IT department to support a company’s strategic goals and mission. Assessments of the organization’s cybersecurity posture will need to be conducted to secure the company’s information and systems. The organization’s leadership may decide to hire external consultants to do this assessment. The consultants will review the security policies, standards, procedures, and guidelines that are used to secure the company’s assets. Additionally, they will look at compliance issues, personnel roles and assignments, continuity plans, and overall risk management.
In this task, you will serve as a chief information security officer (CISO) to review a security assessment report provided by an external consulting firm (see the attached “Security Assessment Report for Fielder Medical Center”). You will confirm or reject the findings by evaluating the focus points of the security assessment report and will develop a remediation plan for compliance based on the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 Rev. 5 and your company’s business needs.
SCENARIO
Fielder Medical Center (FMC) is a federally funded healthcare facility that seeks to expand its business into the local sale of medical equipment. As FMC sought to improve its data management in alignment with digitization goals, it implemented a system to manage the licensing, certificates, and relevant professional documents for the doctors working at FMC. Doctors are required to log in and upload sensitive artifacts that prove they are current in their licensing to practice. These artifacts may contain personally identifiable information about the doctor, including real name, home address, social security number, and other sensitive data.
Aside from the digitization of data for convenient management within FMC, the main purpose of this system is to allow access by the government for the purpose of validating information and securing federal funds on a recurring annual basis.
Concerns about security were discussed at a recent board meeting, and an external security consulting firm was hired to conduct a security assessment of FMC’s systems. This report identifies several potential compliance issues that would require the system security plan (SSP) to be updated, including security controls that are in place or planned for meeting system requirements.
As FMC’s CISO, you are responsible for identifying and developing a cyber strategy to address the risks identified in the attached “Security Assessment Report for Fielder Medical Center” to ensure that FMC’s security posture is brought into alignment with the Federal Information Security Management Act (FISMA) requirements. As the new FMC system includes only doctor information and does not include patient information, compliance focuses on FISMA requirements instead of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule requirements.
REQUIREMENTS
Your submission must be your original work. No more than a combined total of 30% of the submission and no more than a 10% match to any one individual source can be directly quoted or closely paraphrased from sources, even if cited correctly. The similarity report that is provided when you submit your task can be used as a guide.
You must use the rubric to direct the creation of your submission because it provides detailed criteria that will be used to evaluate your work. Each requirement below may be evaluated by more than one rubric aspect. The rubric aspect titles may contain hyperlinks to relevant portions of the course.
Tasks may not be submitted as cloud links, such as links to Google Docs, Google Slides, OneDrive, etc., unless specified in the task requirements. All submissions must be file types that are uploaded and submitted as single attachments (e.g., .doc., .docx, .pdf).
A.  Summarize the gaps that currently exist in the company’s security framework as described in the attached “Security Assessment Report for Fielder Medical Center” (SAR).
B.  For each of the five identified controls within the SAR, do the following:
1.  Identify the associated risk rating as low, moderate, or high and explain the risk.
2.  Justify FMC’s decision to remediate the risk associated with the identified control instead of accepting the risk based on compliance and industry guidelines and support the justification with industry-respected sources.
C.  Discuss how FMC should remediate the risks with each of the five controls identified in Section 3.3 of the SAR. For each risk, include any assets, actions, or changes that will be needed for remediation.
D.  Develop a PCI DSS–compliant policy to address the three concerns identified in Section 3.2.4 of the SAR, including the roles and responsibilities associated for each requirement identified within the SAR to meet PCI DSS compliance.
E.  Acknowledge sources, using in-text citations and references, for content that is quoted, paraphrased, or summarized.
F.  Demonstrate professional communication in the content and presentation of your submission.

Struggling With a Similar Paper? Get Reliable Help Now.

Delivered on time. Plagiarism-free. Good Grades.

What is this?

It’s a homework service designed by a team of 23 writers based in Carlsbad, CA with one specific goal – to help students just like you complete their assignments on time and get good grades!

Why do you do it?

Because getting a degree is hard these days! With many students being forced to juggle between demanding careers, family life and a rigorous academic schedule. Having a helping hand from time to time goes a long way in making sure you get to the finish line with your sanity intact!

How does it work?

You have an assignment you need help with. Instead of struggling on this alone, you give us your assignment instructions, we select a team of 2 writers to work on your paper, after it’s done we send it to you via email.

What kind of writer will work on my paper?

Our support team will assign your paper to a team of 2 writers with a background in your degree – For example, if you have a nursing paper we will select a team with a nursing background. The main writer will handle the research and writing part while the second writer will proof the paper for grammar, formatting & referencing mistakes if any.

Our team is comprised of native English speakers working exclusively from the United States. 

Will the paper be original?

Yes! It will be just as if you wrote the paper yourself! Completely original, written from your scratch following your specific instructions.

Is it free?

No, it’s a paid service. You pay for someone to work on your assignment for you.

Is it legit? Can I trust you?

Completely legit, backed by an iron-clad money back guarantee. We’ve been doing this since 2007 – helping students like you get through college.

Will you deliver it on time?

Absolutely! We understand you have a really tight deadline and you need this delivered a few hours before your deadline so you can look at it before turning it in.

Can you get me a good grade? It’s my final project and I need a good grade.

Yes! We only pick projects where we are sure we’ll deliver good grades.

What do you need to get started on my paper?

* The full assignment instructions as they appear on your school account.

* If a Grading Rubric is present, make sure to attach it.

* Include any special announcements or emails you might have gotten from your Professor pertaining to this assignment.

* Any templates or additional files required to complete the assignment.

How do I place an order?

You can do so through our custom order page here or you can talk to our live chat team and they’ll guide you on how to do this.

How will I receive my paper?

We will send it to your email. Please make sure to provide us with your best email – we’ll be using this to communicate to you throughout the whole process.

Getting Your Paper Today is as Simple as ABC

No more missed deadlines! No more late points deductions!

}

You give us your assignments instructions via email or through our order page.

Our support team selects a qualified writing team of 2 writers for you.

l

In under 5 minutes after you place your order, research & writing begins.

Complete paper is delivered to your email before your deadline is up.

Want A Good Grade?

Get a professional writer who has worked on a similar assignment to do this paper for you