Risk Mitigation Plan For the Health Network

   Executive Summary  <Do NOT USE this as your Executive Summary – for stance only>  This Facilitate Obsoleteness Plan is for Sanity Network, Inc. (Health Network), a spurious sanity labors structure headquartered in Minneapolis, Minnesota. Sanity Netis-sue has aggravate 600 employees throughout the structure and generates $500 pet USD in annual fruits. The fraternity has two concomitant colonys in Portland, Oregon and Arlington, Virginia, which deeptenance a mix of urbane operations. Each urbane readiness is located close a co-colony postulates courage, where origination methods are located and managed by third-party postulates courage hosting vendors.  Health Netis-sue has three deep products: HNetExchange, HNetPay, and HNetConnect. HNetExvary is the first cause of fruits for the fraternity. The labor treats vindicate electronic medical messages that proceed from its customers, such as wide hospitals, which are then routed to receiving customers such as clinics. HNetPay is a Web gateway used by frequent of the fraternity’s HNetExvary customers to deeptenance the treatment of vindicate payments and billing. The HNetPay Web gateway, hosted at Sanity Netis-sue origination sites, accepts diverse forms of payments and interacts delay credit-card processing structures abundant love a Web communication shopping cart. HNetConnect is an online directory that lists doctors, clinics, and other medical facilities to remit Sanity Netis-sue customers to furnish the proper expression of heed at the proper colonys. It contains doctors’ indivisible advice, is-sue addresses, medical certifications, and expressions of labors that the doctors and clinics exhibit. Doctors are consecrated credentials and are operative to update the advice in their line. Sanity Netis-sue customers, which are the hospitals and clinics, couple to all three of the fraternity’s products using HTTPS coupleions. Doctors and virtual patients are operative to establish payments and update their lines using Internet-unsettled HTTPS Web sites. critical “1” Risks and short-term remediation < For each “1” facilitate, add the Remediation you would put into situate to Mitigate/Control that facilitate. Then, add a Cost-Benefit Analysis to demonstration the estimated absorb of the privation versus the absorb to moderate the privation. You get scarcity to believe environing how you would mitigate/moderate the facilitate and what expression of absorb would be associated delay that obsoleteness. REMOVE THIS Highlighted Quotation antecedently submitting the article for grading.> The facilitate/threats verified are: I. Privation of customers due to origination outages caused by diverse events, such as intrinsic disasters, vary treatment, unstoperative software, and others a. Remediation: <resituate this quotation delay how you would remediate this facilitate > b. CBA: <resituate this quotation delay the CBA you conducive for this facilitate> II. Privation or perdition of fraternity advice due to insider threats a. Remediation: <resituate this quotation delay how you would remediate this facilitate > b. CBA: <resituate this quotation delay the CBA you conducive for this facilitate> major “2” / Minor “3” Long-term remediation  < For each “2” facilitate and “3” facilitate, add the Remediation you would put into situate to Mitigate/Control that facilitate. Then, add a Cost-Benefit Analysis to demonstration the estimated absorb of the privation versus the absorb to moderate the privation. You get scarcity to believe environing how you would mitigate/moderate the facilitate and what expression of absorb would be associated delay that obsoleteness. REMOVE THIS Highlighted Quotation antecedently submitting the article for grading. > I. Privation of fraternity postulates due to hardware nature removed from origination methods Describe how this authority grasp situate a. Remediation: <resituate this quotation delay how you would remediate this facilitate > b. CBA: <resituate this quotation delay the CBA you conducive for this facilitate> II. Privation of fraternity advice on past or stolen fraternity-owned possessions, such as ductile devices and laptops. Describe how this authority grasp situate a. Remediation: <resituate this quotation delay how you would remediate this facilitate > b. CBA: <resituate this quotation delay the CBA you conducive for this facilitate> III. Theft of fraternity private advice due to insider threats. Describe how this authority grasp situate a. Remediation: <resituate this quotation delay how you would remediate this facilitate > b. CBA: <resituate this quotation delay the CBA you conducive for this facilitate> IV. Privation of customers or fruits due to varys in regulatory probability that may contact operations. Describe how this authority grasp situate a. Remediation: <resituate this quotation delay how you would remediate this facilitate > b. CBA: <resituate this quotation delay the CBA you conducive for this facilitate> implementation plan <Below are the Threats from the Project Scenario broad to enclose some Risks and Weaknesses along delay Domains and Facilitate Impacts/Factors. Explain in your own articulation how they direct to the scenario and some concomitant items that may end up or that you enjoy discovered in your examination.>    R-T-W Dodeep Impacted Risk   Impact / Factor   Threat: Hardware nature removed from origination methods Risk:  Loss of fraternity postulates.   Weakness: Bearing Moderate   procedures do not footprint colony of equipment as it is moved. Hardware may not be armed from hacking   if used beyond the postulates courage. System / Application   Domain “2”   Major   Threat: Privation of fraternity advice on past or stolen fraternity-owned possessions,   such as ductile devices and laptops Risk: Privation of fraternity advice   Weakness: Software not loaded   on ductile devices to lock method when notified of privation. Workstation Domain “2”   Major   Threat: Origination outages caused by diverse events, such as intrinsic   disasters, vary treatment, unstoperative software, and others. Risk:  Loss of customers. Weakness: UPS methods not   erratic to vindicate methods from outages. System / Application   Domain “1”   Critical   Threat: Internet threats due to fraternity products nature unsettled on the   Internet   Risk: Privation or perdition of fraternity   information. Weakness: Firewalls and   Intrusion Moderate methods not erratic or updated to vindicate methods from   unacknowledged bearing. LAN-to-WAN Domain Remote Bearing Domain “1”   Critical   Threat: Insider threats.  Risk:   Loss of fraternity private advice.   Weakness: Former employers,   contractors or other insiders having bearing to fraternity advice; floating   employers are not managed properly and consecrated bearing to unacknowledged   information. User Doman “3”   Minor   Threat: Changes in regulatory probability that may contact operations   Risk:   Loss of customers or fruits.  Weakness: Vary moderate   processes uneven to treat varys in regulations. System / Application   Domain “3”   Minor Toperative 1 from Facilitate Assessment Plan                     Figure 1