RISK MANAGEMENT PLAN
1 Introduction
The paper is intended to provide a risk plan that will help in addressing the current risk issues arising at Health Inc. There has been recent reports from the company management regarding the loss of company information due to the theft of computer hardware from the production database as well as the information contained in the hardware, client reduction due to inconsistency in software used, internet insecurity of company information and insider threats. The risk plan will therefore examine, analyze, and identify the most relevant remedies for the established risks. Furthermore, the examination of the prevailing risks may help in identifying other potential risks that may crop up as a result.
2 An
…show more content…
This will provide a strategy on how to develop and manage the responses. The risk responses will be classified and handled in the most appropriate way. For example, risk reduction, retention, risk avoidance, and risk transfer. The risk management plan will highlight the new database safety and privacy policies that will be adapted. This is intended to reduce on the case of hardware theft from the database of the company. The website proxies will also be analyzed to ascertain the company web-based information to avoid linkage to the external potential threats to the company. For purposes of client safety, there will be an update of the payment system (HNetPay) to avoid outdated information that may be misleading (Iuga, …show more content…
Standard; is a compliance law based on the quality of services provided by the participating organizations in the industry. It is usually formulated by the majority and approved by the authorized authority. It involves the formulation of mandatory acts that are supposed to be followed by all the participants (Wager et al.).
Advisory organization; within the aspect of the legal and federal law, many bodies have been identified as advisory firms to the healthcare organizations. These are entitled to giving prior advice regarding issues within the healthcare system.
Certification; this is a production certificate awarded to all legal IT healthcare companies before they commence work. It is a crucial element in the IT healthcare framework. Others also include trade association and professeional society belonging, operating rules among others.
5 the key roles and responsibilities of individuals and departments within the organization.
As the project plan is executed, different stakeholders will be assigned different