Risk Management Program Essay Assignment
Order ID:89JHGSJE83839 Style:APA/MLA/Harvard/Chicago Pages:5-10 Instructions:
Risk Management Program Essay Assignment
Running head: Risk management Program 1
Risk Management Program
Student’s name
Institutional Affiliation
Course Number and Name
Instructor name
Due Date
Introduction
Information and data are crucial to Cigna’s activities. It is devoted to safeguarding its customers’ on the whole right to security and liking the confidence they place in the company. The organization’s wide security rules and norms are the bedrock of Cigna’s network protection program. CIP has adjusted Cigna’s online protection program. Cigna Corp Company gathers and utilizes sensitive personal data about our clients’ wellbeing and prosperity to support them worldwide. The company has a thorough security program to ensure and mindfully utilize our clients’ data. The company’s security consistency program is intended to guarantee that sufficient approaches, preparing, announcing systems, episode the board cycles, and preventive measures are set up to shield individual data from hurt brought about by ill-advised assortment, use, sharing, or insurance.
Because it is a medical-based organization, HIPAA laws are among the regulatory compliance and control criteria it must conform to. These guidelines ensure that everything e-PHI they create, receive, keep, or communicate kept private, secure, and accessible. They also recognize and protect against threats to the data’s security or integrity that are reasonably foreseeable. The HIPAA rules also safeguard against reasonable expectations of prohibited uses or disclosures. HIPAA laws must be followed (Wu, Spafford and Zeni, no date). They ensure that individuals’ health information is securely protected while also considering the flow of health information required to provide and promote first-rate therapeutic benefits and ensure the overall wellbeing and success of the population.
Risk Management Framework
Cigna Corporation is committed to maintaining a globally recognized security and data assurance program that adheres to internationally established procedures and regulations, such as the National Institute of Standards and Technology’s Cyber security Framework (NIST800-37). The company’s risk management framework includes the following steps: Categorization of the company’s information systems, which specifies the type of system that should be included. The selection of security controls is the next step. Suitable security control is chosen from NIST publication 800-37 to provide a more consistent, comparable, and repeatable approach to selecting and configuring security controls for Cigna Corp Company systems (NIST, 2017).
The next stage is to put security controls in place. All processes and procedures are documented in this location. Another step is to evaluate security controls. The company ensures that all of the chosen security controls are implemented here. The following phase is information authorization, in which the organization ensures that all security safeguards are functioning properly, intending to minimize risks. Finally, security control efficacy and efficiency are monitored.
When deciding on and implementing design and framework upgrades, the company considers that each component that can be modified should be reified to be updated. For example, it’s the case with the four aforementioned critical structural components. As a result, they are regarded as first-class elements. The following options are available for engineering and framework updates: The organization begins by clearly understanding its requirements. The following stage considers every part under design and framework updates after having a decent understanding and knowledge of its destinations (NIST, 2018). The engineering and framework are then divided into several segments that may be easily examined and modified. The construction of a model comes next, followed by identifiable proof and evaluation of non-utilitarian requirements.
Risk Management Program
The integration of TVM and SRR into the NIST800-3 system at TVM allows Cigna Port Company to recognize continuously, survey, group, remedy, and relieve security flaws and fully comprehend the underlying driving investigation to address expected flaws in the strategy process. Furthermore, SRR ensures that the engineer knows the framework requirements and is ready to proceed with the underlying framework plan. This survey aims to see if the framework requirements are captured in the framework execution detail.
The NIST800-37 structure’s lifespan begins with the program’s creation, progresses to a system enhancement, and finally to program support. Each of the four phases involves a set of security duties, such as vulnerability management, risk rating/prioritization, security risk evaluation, and architecture change audits, which are required to integrate security into the system development process properly.
Conclusion
With cyber dangers rapidly evolving and data volumes skyrocketing, many firms, like Cigna, are seeking to ensure a high level of security. Implementing a solid network security system (CSF) can help you secure your company. Accepting the NIST800-37 framework is one of Cigna’s most impressive steps to ensure acceptable security within the company.
NIST800-37 system has the following merits to Cigna Corp: The organization can better understand current security threats using this methodology. The structure has also aided the firm in effectively communicating with all partners, including IT, business, and leadership teams. In addition, the NIST system has given the business the ability to examine expected instruments and cycles and identify mitigating methods.
References
Wu, R., Spafford, E. H. and Zeni, N. (no date) ‘Towards HIPAA-compliant healthcare systems
Related papers’.
National Institute National Institute of Standards and Technology. (2017). Risk management framework for information systems and organizations: NIST SP 800-37 revision 2.
National Institute National Institute of Standards and Technology. (2018). undefined. Createspace Independent Publishing Platform.
RUBRIC
Excellent Quality
95-100%
Introduction 45-41 points
The background and significance of the problem and a clear statement of the research purpose is provided. The search history is mentioned.
Literature Support
91-84 points
The background and significance of the problem and a clear statement of the research purpose is provided. The search history is mentioned.
Methodology
58-53 points
Content is well-organized with headings for each slide and bulleted lists to group related material as needed. Use of font, color, graphics, effects, etc. to enhance readability and presentation content is excellent. Length requirements of 10 slides/pages or less is met.
Average Score
50-85%
40-38 points
More depth/detail for the background and significance is needed, or the research detail is not clear. No search history information is provided.
83-76 points
Review of relevant theoretical literature is evident, but there is little integration of studies into concepts related to problem. Review is partially focused and organized. Supporting and opposing research are included. Summary of information presented is included. Conclusion may not contain a biblical integration.
52-49 points
Content is somewhat organized, but no structure is apparent. The use of font, color, graphics, effects, etc. is occasionally detracting to the presentation content. Length requirements may not be met.
Poor Quality
0-45%
37-1 points
The background and/or significance are missing. No search history information is provided.
75-1 points
Review of relevant theoretical literature is evident, but there is no integration of studies into concepts related to problem. Review is partially focused and organized. Supporting and opposing research are not included in the summary of information presented. Conclusion does not contain a biblical integration.
48-1 points
There is no clear or logical organizational structure. No logical sequence is apparent. The use of font, color, graphics, effects etc. is often detracting to the presentation content. Length requirements may not be met
You Can Also Place the Order at www.collegepaper.us/orders/ordernow or www.crucialessay.com/orders/ordernow Analyze the Water Footprint Results