Risk Assessment For A Made Up Enterprise

1829 Words8 Pages
The first part of the report proposes the risk assessment for a made-up enterprise. The analysis made with reference to the threats and vulnerabilities associated to the electronics medical records information and the data centers situated in the centralized server room. The main objective of this part of the report is to discover and distinguish the possible threats to the server environment which is discussed in detail below and thereby conducting a risk assessment for the fictional enterprise to provide a resolution on how to secure the data to avoid security breaches.

Due to malfunction in power supply at the server room, a fire disaster has occurred which resulted in loss of entire medical records information system.
…show more content…
This risk analysis is made to valuate risk in the divisions of technical, operational and management of electronic medical records systems. This part of the paper will offer an outline of the potential risks that could induce harm to the medical records in a distributed ambience. According to NIST, there are nine procedures that involve for risk evaluation.

System Characterization Identifying threats Identifying Vulnerabilities Control Analysis Likelihood Determination Risk Impact Analysis Determination of risk Control recommendations Documentation of results

Section 1.1 System Characterization

In this part, risk evaluation is conducted to identify the system framework of the Medco system. This gives an idea what type of server environment we have.

1.1.1 Hardware configuration

Rack Servers, Routers, Switches and network cables.

1.1.2 Software packages

The system is comprised with five distinguished servers namely, Microsoft Exchange Server, Domain Controller, Citrix Server, Web Server, and Microsoft SQL Server. Their function is clearly described below.

 Microsoft Exchange Server: The main function of this server is to send emails quickly and efficiently. Exchange server is beneficial to users in terms of security features which comes along with the application. This application enables to make sure that the
Get Access