Risk Management Program Assignment Essay
Order ID 53563633773 Type Essay Writer Level Masters Style APA Sources/References 4 Perfect Number of Pages to Order 5-10 Pages
Risk Management Program Assignment Essay
Running head: Risk management Program 1
Risk Management Program
Course Number and Name
Information and data are crucial to Cigna’s activities. It is devoted to safeguarding its customers’ on the whole right to security and liking the confidence they place in the company. The organization’s wide security rules and norms are the bedrock of Cigna’s network protection program. CIP has adjusted Cigna’s online protection program. Cigna Corp Company gathers and utilizes sensitive personal data about our clients’ wellbeing and prosperity to support them worldwide. The company has a thorough security program to ensure and mindfully utilize our clients’ data. The company’s security consistency program is intended to guarantee that sufficient approaches, preparing, announcing systems, episode the board cycles, and preventive measures are set up to shield individual data from hurt brought about by ill-advised assortment, use, sharing, or insurance.
Because it is a medical-based organization, HIPAA laws are among the regulatory compliance and control criteria it must conform to. These guidelines ensure that everything e-PHI they create, receive, keep, or communicate kept private, secure, and accessible. They also recognize and protect against threats to the data’s security or integrity that are reasonably foreseeable. The HIPAA rules also safeguard against reasonable expectations of prohibited uses or disclosures. HIPAA laws must be followed (Wu, Spafford and Zeni, no date). They ensure that individuals’ health information is securely protected while also considering the flow of health information required to provide and promote first-rate therapeutic benefits and ensure the overall wellbeing and success of the population.
Risk Management Framework
Cigna Corporation is committed to maintaining a globally recognized security and data assurance program that adheres to internationally established procedures and regulations, such as the National Institute of Standards and Technology’s Cyber security Framework (NIST800-37). The company’s risk management framework includes the following steps: Categorization of the company’s information systems, which specifies the type of system that should be included. The selection of security controls is the next step. Suitable security control is chosen from NIST publication 800-37 to provide a more consistent, comparable, and repeatable approach to selecting and configuring security controls for Cigna Corp Company systems (NIST, 2017).
The next stage is to put security controls in place. All processes and procedures are documented in this location. Another step is to evaluate security controls. The company ensures that all of the chosen security controls are implemented here. The following phase is information authorization, in which the organization ensures that all security safeguards are functioning properly, intending to minimize risks. Finally, security control efficacy and efficiency are monitored.
When deciding on and implementing design and framework upgrades, the company considers that each component that can be modified should be reified to be updated. For example, it’s the case with the four aforementioned critical structural components. As a result, they are regarded as first-class elements. The following options are available for engineering and framework updates: The organization begins by clearly understanding its requirements. The following stage considers every part under design and framework updates after having a decent understanding and knowledge of its destinations (NIST, 2018). The engineering and framework are then divided into several segments that may be easily examined and modified. The construction of a model comes next, followed by identifiable proof and evaluation of non-utilitarian requirements.
Risk Management Program
The integration of TVM and SRR into the NIST800-3 system at TVM allows Cigna Port Company to recognize continuously, survey, group, remedy, and relieve security flaws and fully comprehend the underlying driving investigation to address expected flaws in the strategy process. Furthermore, SRR ensures that the engineer knows the framework requirements and is ready to proceed with the underlying framework plan. This survey aims to see if the framework requirements are captured in the framework execution detail.
The NIST800-37 structure’s lifespan begins with the program’s creation, progresses to a system enhancement, and finally to program support. Each of the four phases involves a set of security duties, such as vulnerability management, risk rating/prioritization, security risk evaluation, and architecture change audits, which are required to integrate security into the system development process properly.
With cyber dangers rapidly evolving and data volumes skyrocketing, many firms, like Cigna, are seeking to ensure a high level of security. Implementing a solid network security system (CSF) can help you secure your company. Accepting the NIST800-37 framework is one of Cigna’s most impressive steps to ensure acceptable security within the company.
NIST800-37 system has the following merits to Cigna Corp: The organization can better understand current security threats using this methodology. The structure has also aided the firm in effectively communicating with all partners, including IT, business, and leadership teams. In addition, the NIST system has given the business the ability to examine expected instruments and cycles and identify mitigating methods.
Wu, R., Spafford, E. H. and Zeni, N. (no date) ‘Towards HIPAA-compliant healthcare systems
National Institute National Institute of Standards and Technology. (2017). Risk management framework for information systems and organizations: NIST SP 800-37 revision 2.
National Institute National Institute of Standards and Technology. (2018). undefined. Createspace Independent Publishing Platform.
QUALITY OF RESPONSE NO RESPONSE POOR / UNSATISFACTORY SATISFACTORY GOOD EXCELLENT Content (worth a maximum of 50% of the total points) Zero points: Student failed to submit the final paper. Use of Sources (worth a maximum of 20% of the total points). Grammar (worth maximum of 20% of total points) Zero points: Student failed to submit the final paper. Structure of the Paper (worth 10% of total points) Zero points: Student failed to submit the final paper.
GET THIS PROJECT NOW BY CLICKING ON THIS LINK TO PLACE THE ORDER