Background - Company Overview
You have just been hired as Director of Compliance for a large, publicly traded health insurance company named “Green Sword, Purple Armor” (GSPA).
GSPA is a leading health insurance and managed healthcare provider in Illinois and has the following aspects to consider:
- Only provides services to Illinois, Wisconsin and Indiana residents.
- Offices located in Chicago, Milwaukee, Indianapolis, Springfield (IL) and Schaumburg.
- About 1000 employees in Illinois.
- Publicly traded on Nasdaq.
- Revenue of $2.5 billion in 2019.
- Net profits of $500 million in 2019.
- Allows its customers to pay for their deductibles via all major credit cards.
Part 1: Determine compliance requirements
Based on the overview presented above, research and document the major laws, regulations or industry standards that GSPA must comply with. You should be able to identify at least 3 major compliance requirements. Document these compliance requirements and justify why GSPA needs to or should comply with each.
Part 2: Security controls requirements table
Based on the compliance requirements identified in Part 1, create a table or an XLS spreadsheet that lists all the security controls that you should implement and document the section(s) of the compliance standards/laws that refer to each control. Also mention whether each control is mandatory or optional. Your table/XLS may look like this:
| # | Control Name | CIP v5 | French Regulation 123 | Polar Laws | Yet Another Industry |
|---|---|---|---|---|---|
| 1 | Firewall protect French People | N/A | Part 1, paragraph 12, Required | Law #45,b | N/A |
| 2 | Encrypt critical data | CIP xxx page 123 | N/A | N/A | Page 44 |
| 3 | …etc… | | | | |
- Make sure that you group similar controls for different regulations together even if their names differ. For example, one compliance requirement may say “filter packets” while another may refer to a “firewall”.
Part 3: Explain the controls
For each control, write a few lines explaining the control and how it applies to each regulation. Also, if you feel that other controls that are not required should be in place, include them here and describe them in more detail.
Part 4: Recommendation for Implementation
Please present your plan for implementing these controls and prioritize the implementation based on what you think is most critical. Assume that no controls are currently in place.
Requirements: 4 pages