Cyberlaws Risk Analysis Paper
There are two components to the final project for this course. The first component is a risk analysis paper. The second component is a risk mitigation plan
presentation to stakeholders that illustrates an organization’s regulatory position related to a given scenario. This project is divided into two milestones, which
will be submitted at various points throughout the course to scaffold learning and ensure quality final submissions. These milestones will be submitted in
Modules Three and Five. The final product will be submitted in Module Seven.
In this assignment, you will demonstrate your mastery of the following course outcomes:
will be submitted at various points throughout the course to scaffold learning and ensure quality final submissions. These milestones will be submitted in
Modules Three and Five. The final product will be submitted in Module Seven.
In this assignment, you will demonstrate your mastery of the following course outcomes:
- Evaluate federal, regional, and state cyberlaws and ethics regulations for their impact on organizations’ IT and computing policies and operations
- Assess personal and professional ethical violations for the extent to which they impact IT and computing within organizations
Recommend policies and strategies that align with cyberlaw and ethics guidelines for facilitating compliance and addressing non-adherence - Utilize cyberlaw and ethics guidelines in creating IT-specific codes of ethics for mitigating stakeholder and organizational risk
Scenario
Cyberlaws Risk Analysis Paper
ABC Healthcare is a startup company with 50 employees. The company’s computer network is shown in Figure 1 below. The healthcare data server contains the
company’s records, including copies of patient health records with personally identifiable data, patient billing, company financials, and forms.
You have been hired as the IT network security officer, reporting directly to the chief information officer (CIO). Currently, there is a network administrator who
has very limited experience and worked as a desktop technician prior to joining ABC. This network administrator helped set up the existing network. In addition,
ABC plans to hire a desktop technician and a website developer/programmer who will report directly to the CIO.
There are no policies or guidelines for employees’ usage of the computers and network. Network setup was done by various vendors, and all of the programs
use default usernames and passwords. Wireless access has been set up for staff using wireless laptops. The same wireless access point also provides clients
access to the internet. Some staff members bring in their own computers and connect them to the network. Employees use the work systems for personal web
browsing and to check personal email accounts.
As part of network security, management set up a video monitoring system throughout the office. Employees are not notified of any monitoring.
ABC Healthcare is a startup company with 50 employees. The company’s computer network is shown in Figure 1 below. The healthcare data server contains the
company’s records, including copies of patient health records with personally identifiable data, patient billing, company financials, and forms.
You have been hired as the IT network security officer, reporting directly to the chief information officer (CIO). Currently, there is a network administrator who
has very limited experience and worked as a desktop technician prior to joining ABC. This network administrator helped set up the existing network. In addition,
ABC plans to hire a desktop technician and a website developer/programmer who will report directly to the CIO.
There are no policies or guidelines for employees’ usage of the computers and network. Network setup was done by various vendors, and all of the programs
use default usernames and passwords. Wireless access has been set up for staff using wireless laptops. The same wireless access point also provides clients
access to the internet. Some staff members bring in their own computers and connect them to the network. Employees use the work systems for personal web
browsing and to check personal email accounts.
As part of network security, management set up a video monitoring system throughout the office. Employees are not notified of any monitoring.
There is a copier/printer in the front office that is used by employees. Currently, all unused copies are left next to the copier for recycling.
Figure 1
The administration office room uses an open cubicle structure for its staff. Figure 2 depicts the cubicles and seating of its sta f. Staff members sometimes
complain that they can hear each other during the work day.
Figure 2
Prompt
Create a comprehensive risk analysis narrative in which you assess ABC Healthcare’s information systems for ethics violations and cyberlaw compliance, and
research the framework for creating an acceptable use-of-technology policy and code of ethics.
Next, using PowerPoint, Google Presentation, or Prezi, create a presentation in which you recommend appropriate strategies for remediating the instances of
ethics violations and cyberlaw noncompliance you identified in your risk analysis. Propose an organizational code of ethics related to information technology that
prevents future violations and noncompliance, and propose an acceptable use-of-technology policy that addresses non-adherence.
Specifically, the following critical elements must be addressed:
I. Risk Analysis Paper
1. Describe the information technology structure of the organization in the given scenario.
2. Identify specific cyberlaws and ethics regulations that pertain to the organization and its computing operations in the scenario.
3. Organizational ethics violations
i. Classify unethical behaviors with respect to whether they are personal or professional in nature, being sure to support your position
with specific examples.
ii. Assess the impact of the unethical behaviors on IT and computing within the organization.
4. Cyberlaw noncompliance
i. Identify instances of cyberlaw noncompliance, being sure to cite the specific regulation(s) being violated.
ii. Assess the impact of the noncompliance on IT and computing within the organization.
5. Acceptable use-of-technology policies research
i. Compare and contrast acceptable use-of-technology policies from various organizations. Youcan find suggested organizations below or
use policies of your own choosing. Cyberlaws Risk Analysis Paper
ii. Select aspects of the acceptable use-of-technology policies you have researched that you feel could be adapted to meet the needs of the organization, and explain how you would adapt them.
6. Codes of ethics research
i. Compare and contrast IT-specific codes of ethics from various organizations. Youcan find suggested organizations below or use codes of
ethics of your own choosing.
ii. Select aspects of the codes of ethics you have researched that you feel could be adapted to meet the needs of the organization, and explain how you would adapt them.
IT Acceptable Use Policies
There are many areas within the field of IT, and each area’s policies may vary based on specialization. IT does not have one rule-making body as other
professions do. IT does, however, have many professional organizations that represent different specializations, such as security, operations management,
and computing technology.
SANS Institute Acceptable Use Policy
ISSA Acceptable Use Policy
Pennsylvania College of Technology IT Acceptable Use Policy
AT&T Acceptable Use Policy
IT Codes of Ethics
Professional organizations provide codes of ethics that may vary slightly, depending on specialization. A code of ethics may also be provided by a business or
educational organization.
SANS Institute IT Code of Ethics
ISSA Code of Ethics
K-State Information Technology Employee Code of Ethics
Business Codes of Ethics
AT&T Code of Ethics
Microsoft Standards of Business Conduct
Figure 1
The administration office room uses an open cubicle structure for its staff. Figure 2 depicts the cubicles and seating of its sta f. Staff members sometimes
complain that they can hear each other during the work day.
Figure 2
Prompt
Create a comprehensive risk analysis narrative in which you assess ABC Healthcare’s information systems for ethics violations and cyberlaw compliance, and
research the framework for creating an acceptable use-of-technology policy and code of ethics.
Next, using PowerPoint, Google Presentation, or Prezi, create a presentation in which you recommend appropriate strategies for remediating the instances of
ethics violations and cyberlaw noncompliance you identified in your risk analysis. Propose an organizational code of ethics related to information technology that
prevents future violations and noncompliance, and propose an acceptable use-of-technology policy that addresses non-adherence.
Specifically, the following critical elements must be addressed:
I. Risk Analysis Paper
1. Describe the information technology structure of the organization in the given scenario.
2. Identify specific cyberlaws and ethics regulations that pertain to the organization and its computing operations in the scenario.
3. Organizational ethics violations
i. Classify unethical behaviors with respect to whether they are personal or professional in nature, being sure to support your position
with specific examples.
ii. Assess the impact of the unethical behaviors on IT and computing within the organization.
4. Cyberlaw noncompliance
i. Identify instances of cyberlaw noncompliance, being sure to cite the specific regulation(s) being violated.
ii. Assess the impact of the noncompliance on IT and computing within the organization.
5. Acceptable use-of-technology policies research
i. Compare and contrast acceptable use-of-technology policies from various organizations. Youcan find suggested organizations below or
use policies of your own choosing. Cyberlaws Risk Analysis Paper
ii. Select aspects of the acceptable use-of-technology policies you have researched that you feel could be adapted to meet the needs of the organization, and explain how you would adapt them.
6. Codes of ethics research
i. Compare and contrast IT-specific codes of ethics from various organizations. Youcan find suggested organizations below or use codes of
ethics of your own choosing.
ii. Select aspects of the codes of ethics you have researched that you feel could be adapted to meet the needs of the organization, and explain how you would adapt them.
IT Acceptable Use Policies
There are many areas within the field of IT, and each area’s policies may vary based on specialization. IT does not have one rule-making body as other
professions do. IT does, however, have many professional organizations that represent different specializations, such as security, operations management,
and computing technology.
SANS Institute Acceptable Use Policy
ISSA Acceptable Use Policy
Pennsylvania College of Technology IT Acceptable Use Policy
AT&T Acceptable Use Policy
IT Codes of Ethics
Professional organizations provide codes of ethics that may vary slightly, depending on specialization. A code of ethics may also be provided by a business or
educational organization.
SANS Institute IT Code of Ethics
ISSA Code of Ethics
K-State Information Technology Employee Code of Ethics
Business Codes of Ethics
AT&T Code of Ethics
Microsoft Standards of Business Conduct
Cyberlaws Risk Analysis Paper
WRITE MY ESSAY!Write my Essay. I am looking for someone to write my essay? Welcome, you are at the right place. Our writes will help you out. Provide us with the instructions and one of our writers will deliver a unique, no plagiarism, and professional paper.
Get help with your toughest assignments and get them solved by our team of expert writers. Get your Essay from A Simple Idea to a complete paper. Save time, money and get quality papers.
Get Professional Assistance with Writing Your Papers!
