Paper , Order, or Assignment Requirements
You have recently been promoted to Chief Information Security Officer of a large healthcare organization with 10 hospitals under management. Your fist task is to design an information security audit to determine the state of cyber security of your organization as you enter into your new role. You know that the implementation of a robust and effective information security program is only the start of providing for the confidentiality, integrity and availability of information assets. Those tasked with the responsibility for information security will also implement a routine audit of their information security controls. The National Institute of Standards and Technology (NIST) publishes the cyber security framework for improving critical infrastructure cyber security. Review this framework and prepare a sample audit to be reviewed by your organizations Chief Information Officer for approval. Your sample audit should include the 5 primary areas of your information security program that you would audit, the details of what you would audit for and a 1 paragraph summary per section that describe your goals for that section of the audit.