Sign Up Now
Get instant access to over 1 million+ study documents
OR
Already registered? click here to login
By creating your account, you agree to our terms of service, privacy policy and student honor code.
Authorization and Accreditation
The organization's risk management framework offers a structured information and process to help the company identify, assess, and take steps to reduce risks to a reasonable level. The E-Government Act requires organizations to protect their information technology and information systems that support their assets and operations (Jain & Zhang, 2012). This paper looks at how the organization will plan, implement, and manage its risk management steps. The risk management steps under the Risk Management Framework include the six steps as summarized in the following diagram.
Risk Management Steps
Approach to Implementation
To implement the first step, the organization will need to categorize the information systems, as well as the information being stored, processed, and transmitted by the system. This will be based on the possible effect to the company in case events take place to put the information and the system at risk. The organization will assign a security effect value (high, low, or moderate) for the security goals of integrity, availability or confidentiality (Bowden & Martin, 2011). This will relate to the information systems and information the company requires for achieving its mission, fulfilling its legal responsibilities, maintaining its daily functions, and protecting its individuals and assets.
The categorization of security standards for information systems and information will provide a common understanding and framework for documenting the possible effect to individuals or organizations. This is done in case of a security breach to information system or information. The organization's information system and information...
The process of categorization will likewise promote consistent reporting and effective management of information systems (Jain & Zhang, 2012).
In implementing the second step, the organization will identify an appropriate class of security controls for its information system after it has already determined its security categorizations. The E-Government Act specifies that companies meet the minimum requirements of security by choosing an appropriately tailored class of baseline security controls. This will be based on assessing risks and local conditions such as the company's security requirements, cost benefit analysis, threat information, and special circumstances. In a move to overcome minimum security requirements, the company will select appropriate security controls (Jain & Zhang, 2012). This will help the company protect its information systems according to its business requirements and mission. It will determine an initial set of security controls based on the effect analysis conducted previously. The company will supplement and tailor the selection of baseline security controls. This will be based on the company's assessment of risks.
Security controls must be implemented within the information system. The organization will configure security checklists and present information about its benefits. Further, the management will give information on how to use the checklist and locate and retrieve checklists. Security setting checklists will be useful devices, which will be developed to guide the IT department and security personnel in the selection of effective security settings (Bowden & Martin, 2011).…
References
Gantz, S.D., & Philpott, D.R. (2013). FISMA and the risk management framework: The new practice of federal cyber security. Boston: Syngress.
Bowden, A.R. & Martin, J.H. (2011). Triple Bottom Line Risk Management: Enhancing Profit, Environmental Performance, and Community Benefits. New York: John Wiley & Sons.
Jain, L.C., & Zhang, G. (2012). Handbook on Decision Making: Vol 2: Risk Management in Decision Making. Dordrecht: Springer.
Security categorizations are defined as per the level of effort needed for certification. Three categorization levels of security exist and are defined as follows: This table has the definitions the three main security categorizations degree of effort based on them This table shows the required SSP sections that are needed for systems in each of security categorizations. When the initiation phase comes to an end, then the certification phase commences. Certification 06/01 In this phase,
Agency's Role The Federal Bureau of Prisons (BOP) is an agency under the prison health care systems. The Institution was established to provide a more humane and modern care for state prisoners, make the prison service more professional, and to oversee reliable and central management of the government prisons. The key role of this agency is to restrict perpetrator to a humane, safe, secure and cost-efficient location for them to
Prison Health Care Agency In 1930, the Federal Bureau of Prisons was set up so that more progressive and benevolent care could be provided for Federal prisoners/convicts. Moreover, the purpose behind the establishment of this Bureau was to bring professionalization in the prison service and to make certain that the eleven operational Federal prisons are administered with consistency and centralization. In the present times as well, the Federal Bureau of Prisons
Federal Bureau of Prisons While most people seem to agree that prisoners should have access to basic healthcare while incarcerated, there is tremendous variation about what type of healthcare constitutes basic care. The reality is that many prison inmates receive a better quality of healthcare than non-incarcerated working-class individuals, but many inmates also suffer consequences because of significant medical neglect. For the federal prison system, the Federal Bureau of Prisons
Cross-Sectional Study to Determine Factors in the Educational Advancement of the Licensed Practical Nurse to the Registered Nurse in the State of North Carolina According to the Harvard Nursing Research Institute, United States nursing school enrollments dropped by 20.9% from 1995 to 1998 (Healthcare Review, 2000). Behind headlines such as this one are the overwhelming issues which threaten the nursing workforce: 1) staffing cuts, 2) mandatory overtime, and 3) the
History of Assessment/Testing in the United States Assessment practices in the United States are not something that started yesterday. Assessment and testing in the United States began many years ago and they have taken several transformations throughout time. For over a century use of standardized testing for the assessment of aptitudes and achievement has played a major role in shaping the educational thinking in America. Today such tests are quite common