BENCHMARK-BUSINESS CONTINUITY PLAN (BCP) - PHASE 1

.docx

School

Grand Canyon University *

*We aren’t endorsed by this school

Course

CYB-515

Subject

Information Systems

Date

May 10, 2024

Type

docx

Pages

24

Uploaded by UltraRose1881 on coursehero.com

BENCHMARK-BUSINESS CONTINUITY PLAN (BCP) - PHASE 1 SamHealth Business Continuity Plan Samuel A. Ntombwen College of Science, Engineering and Technology, Grand Canyon University UNV-515-O500: Enterprise Security Infrastructure Design Instructor: Dr. Nzigia Date: March 20, 2024
BENCHMARK-BUSINESS CONTINUITY PLAN (BCP) - PHASE 1 SamHealth Business Continuity Plan Table of Contents 1. Executive Overview 2. Document Change Control 3. Introduction 3.1 Overview 3.2 Plan Scope and Applicability 4.0 Risk Assessment Matrix 4.1 Risk Identification 4.2 Risk Analysis 4.3 Threats and Vulnerabilities Assessment 4.4 Risk Mitigation 5. Critical Business Functions 5.1 Identification and Description of Critical Functions 5.2 Dependencies and Interdependence
BENCHMARK-BUSINESS CONTINUITY PLAN (BCP) - PHASE 1 SamHealth Business Continuity Plan 5.3 Purpose of SamHealth’s critical Business Design 6. Company Organizational Chat 7. SamHealth Reporting Structure for BCP Implementation 7.1 Graphical Representation of MedSecure Organizational Structure 8. Development, Structure, and Conclusion
BENCHMARK-BUSINESS CONTINUITY PLAN (BCP) - PHASE 1 SamHealth Business Continuity Plan Executive Overview “A Business Continuity Plan (BCP) framework is a procedural guidance to create plans that prevent, prepare, respond, manage, and recover a business from any disruption” (Fani, V.S., Subriadi, P.A. 2019). As Chief Information Security Officer (CISO) of SamHealth, it is part of my duty to create this framework that will guide SamHealth to “respond, recover, resume, and restore to a pre-defined level of operation following disruption” (ISO 32302). SamHealth is a modern digital healthcare organization that leverages the use of Electronic Health Records (EHR), in combination with telemedicine services, medical devices, tools for engaging patients, Health Information Exchange (HIE), and analytics to deliver the best experience in healthcare to its clients. Since we conduct remote consultation, it is in our interest to put in place a BCP that will help the business land on its feet in the event of a disruption. As patient’s information is sensitive, we will be following certain standards such as the Health Information Portability and Accountability (HIPAA) act of 1996. This document encompasses an overview of continuity operations, clearly presents the path to support SamHealth’s critical business functions, and maps roles and responsibilities to its staff. This plan discusses procedures and processes that are required to keep SamHealth functioning based on a number of disruptions that could occur at anytime. These disruptions could be caused by earthquakes, fires, wild storms or even a drop in the workforce, and failing equipments as a result of age. These can cause inaccessibility to sectors or entirety of the organization.
BENCHMARK-BUSINESS CONTINUITY PLAN (BCP) - PHASE 1 SamHealth Business Continuity Plan Document Change Control Document change control in this framework refers to the systematic process SamHealth uses to manage modifications, revisions, or updates to critical documents, such as this, within the organization. To achieve this, SamHealth has put certain procedures in place to manage document change control. They are: Change Request Submission This form is made available to all employees of SamHealth and it must be used if a change request is to be submitted. The form provides space to fill in detailed information such as document title, type of change requested, reason for requesting change, proposed revisions, impact assessment, and document number. These are mandatory sections. Review and Approval SamHealth’s change control review and approval is run by a Change control Board (CCB) which is made up of designated stakeholders who analyze every change request in order to assess the impact it will have on the document and the organizational operations. The CCB approves or denies change requests after a review. Implementation In the event of an approval of a change request by the CCB, the document owner or designated personnel or team implements the change. During this implementation phase, the responsible party makes sure that any updates are documented.
BENCHMARK-BUSINESS CONTINUITY PLAN (BCP) - PHASE 1 SamHealth Business Continuity Plan Document Revision History There is an all encompassing and comprehensive document revision history, maintained by SamHelath, that documents every change, the reasons, approvals, and upgrades over time. This helps SamHealth to ensure and maintain transparency and accountability. The above procedures helps the organization to use change control as a tool to manage changes or alterations to its IT services or devices, while ensuring smooth operations, minimizing disruptions, and maximizing efficiency by preventing downtime caused by unnecessary changes. This framework is generally used as a Standard Operating Procedure (SOP) once approved. Figure 1 below is a complete table for document change control used at SamHealth.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help