Reference no: EM131748911
RESPOND TO THESE DISCUSSION POST BASED ON THE TOPIC "As a risk manager, should you approach regulations as a risk to information systems?
Do you see regulations as important measures to strengthen information security or as ways to exert unnecessary control over organizations?
In response to your peers, research any organization as a point of reference or use your own place of work in discussing why regulations are important measures or ways to exert unnecessary control over organizations."
(TWO (2) PARAGRAPHS EACH WITH REFERENCES ON EACH OF THEM SEPARATELY, NOT TOGETHER)
NOTE
APA reminders - In your Discussions and Assignments -
* Use less than 10% direct quotes
* Quotes over 40 words not allowed in this classes (by exception only ahead of time)
* Every quote needs a specific page or paragraph number
* Ideas and concepts from articles on websites need to be re-written in your own thoughts, vocabulary, and ideas and not simply paraphrased.
RESOURCE
· Read Chapter 3 in our text, Managing Risk in Information Systems (Gibson 2010).
· Watch the Podcast, in Module 2, The Path from Information Security Risk Assessment to Compliance (26:17)
1.AzlaH IMPOTNT OF LnR
Laws and regulations are put in place to protect companies and businesses from any harm that may come upon them or the clients that they support/work for. However, not every regulation that has been created works for everybody. As a risk manager, regulations need to be rolled out via compliance programs for detailed checks (Gibson, 2015, p. 58).
Regulations are important measures to strengthen information security. Without regulations, it would be hard for an organization to keep their employees on the same page when it comes to the security of the company.
An example of the importance of regulations can be found within the Health Insurance Portability and Accountability Act (HIPAA). HIPAA ensures that health information data is protected(Gibson, 2015, p. 61). Companies who take on this plan must also realize that they need to create their own compliance plan that works best for their organization. One of the steps in creating the compliance plan is to continuously monitor the regulations that have been put into place.
The fact that there is a step in creating a compliance plan that involves regulations shows the importance of regulations. Some may feel as if regulations are unnecessary for an organization because it puts rules in place. However, rules are beneficial. They keep order. For instance, without a regulation that states that medical numbers should be encrypted, employees may think that simply saving the numbers would be enough.
2.BrdKrw
Regulations are put in place for a reason and should be followed throughout the entire organization. These regulations help provide a better understanding of how to process information securely and effectively. They are meant to help streamline certain processes and should not be seen as a risk to information systems. An example of high-level regulations is HIPAA, the Health Insurance Portability and Accountability Act. If a company deals with highly sensitive personal information they are required to follow HIPAA guidelines and regulations.
This act "establishes a set of national standards for the protection of certain health information" (Secretary, 2013). The main priority of this rule is "assure that individuals' health information is properly protected while allowing the flow of health information needed to provide and promote high-quality health care and to protect the public's health and wellbeing" (Secretary, 2013).
By following these regulations a person's health records and other private information is secure against possible threats. If these regulations were not followed there are legal consequences a person or organization would have to face. As a risk manager, these regulations should not be seen as a risk and should be followed as closely as possible.
PLEASE READ THIS.IT IS VERY IMPORTANT
Allow your discussion posts to be detailed and capable of sharing knowledge, ideas and points. You must discuss the topic using your own words first. Using your own words indicate you understand the topic of discussions. Secondly, you must cite your sources in-text. This is necessary to justify your points. Sources from several sources showed good research abilities. Lastly, you must provide references at the bottom of your post.
A discussion post without justification with sources does not show proper research abilities. A terse and not detailed discussions represent post that would not provide enough sharing of knowledge or proper understanding of the topic. DO NOT just copy and paste a sentence from online with citation at the end as your own discussion. I have not asked for definitions, I asked for discussions and will not buy this. You must show understanding of the discussion topic by using your own words to describe the topic and then justify that with sources.
use double spacing, 12-point Times New Roman font, and one-inch margins. Sources should be cited according to APA citation method (citation should be relevant and current). Page-length requirements:2 PAPARAGRAPHS FOR EACH PROMPT ANSWER.
Make sure you cite if you take a piece of someone's work, very important and your reference should relate to your writing (don't cite a reference because it relates to the course and not this very paper) at least 2 current and relevant academic references. No heavy paraphrasing of others work.