Risk Assessment Instructions WHAT Risk Assessment and Management are a key element of HIPAA compliance and ultimately contribute to protection of PHI and reducing the number of data breaches. This assignment is meant to: 1) Help you review basic information security practices in a personal context, and 2) Provide practice in presenting an analysis in a small number of briefing slides. You may find out there are some security habits you should work on, for your benefit and your future employers. As we’ve discussed, employees with less-than-perfect security habits are an important source of data breaches. It’s also very good experience to have to identify key findings from an analysis and think about how to present those findings, including identifying implications or recommendations based on the analysis. And PowerPoint is used so commonly in professional settings that practice in developing good slides is always valuable. HOW 1) Go through the Risk Assessment Checklist provided with this assignment and review what you are currently doing when using computers and other devices, and when accessing information by connecting to networks. Mark YES/NO for each question. 2) At the end of each section, add up the YES answers, and the NO answers. 3) At the end, add up all YES answers and NO answers across all sections, to give you a better picture of your practices overall. 4) Pretend your results represent a “typical employee” in an organization (i.e., as if all employees were surveyed and your results represent the most common responses on each item) and assess the results. Develop a briefing for the organization’s leadership on what you’ve learned about employee security habits and identify key implications/recommendations. • After viewing your checklist results based on your own security practices, if you find you already do virtually everything you should be on the checklist, you can still identify some implications and recommendations for your CEO. Just because the “typical employee” has strong habits does not mean there’s nothing to recommend for the organization to do moving forward. And bear in mind that even if a “typical employee” has strong security habits, that’s usually not the case for every employee. • Also, if there were items in the checklist that you didn’t understand, feel free to address that in your presentation if you think it’s significant. 5) There is no specific number of slides required for the PowerPoint.. Your organization’s senior leadership are busy people, but they also need to know what you’ve learned about employee security practices and what the organization should do based on that. A combination of visuals (e.g., tables and/or charts) and words is often most effective. What does the organization’s leadership need to know from your presentation? Also, are some of your recommendations a higher priority or more urgent than others? Is will help to learn if there’s anything you should improve in your habits, and more importantly to develop and present an analysis including implications/recommendations. SUBMIT 1) Submit your PowerPoint slides, via BB. 2) Submit your checklist as a Word file, via BB. 3) Please include your last name in each file name. DONE!
0 comments