AIS paper
7 Pages

AIS paper

Course Number: ICS BAC410, Spring 2010

College/University: Wilmington DE

Word Count: 2021

Rating:

Document Preview

Information Systems 1 Running head: INFORMATION SYSTEMS Information Systems Security at Kent General Hospital Amanda Ridgeway BAC 435 Mr. Chuck Donovan Aug. 15, 09 Information Systems 2 Information Systems Security at Kent General Hospital Information systems security evaluates the potential risks within the companys computer systems and software. These potential risks are weighted in whether they are...

Unformatted Document Excerpt
Coursehero >> Delaware >> Wilmington DE >> ICS BAC410

Course Hero has millions of student submitted documents similar to the one
below including study guides, practice problems, reference materials, practice exams, textbook help and tutor support.

Course Hero has millions of student submitted documents similar to the one below including study guides, practice problems, reference materials, practice exams, textbook help and tutor support.

Systems 1 Running Information head: INFORMATION SYSTEMS Information Systems Security at Kent General Hospital Amanda Ridgeway BAC 435 Mr. Chuck Donovan Aug. 15, 09 Information Systems 2 Information Systems Security at Kent General Hospital Information systems security evaluates the potential risks within the companys computer systems and software. These potential risks are weighted in whether they are detrimental or mediocre. Every company has precious information that competitors or thieves would profit from. Anywhere from account balances to personal information that would be caustic if stolen or lost. It is very important that the people in charge of creating the security systems have great knowledge of systems and creating a secure lock so others cant hack into this information. At Kent General Hospital the information systems (IS) team is responsible for analyzing vulnerabilities or threats, actions to take against these threats, what to do in a disastrous situation and aspects of the system its self. There is a cycle that the IS team should follow when making and maintaining a security system. Computer security systems are developed by applying the established methods of system analysis; design; implementation; and operation, evaluation, and control (p155). Systems analysis is the process of investigate the potential risks to the systems information if it was taken or lost. In a hospital there are many different files that need to be protected. There are accounting information files and patient files. The accounting information files contain all the financial information of the company like financial statements, patient finance, insurance payment documents, state or federal payment documents, and much more. The patient files include all patient information from address and social security numbers to procedures done. If these documents were tampered or lost this could be detrimental. The hospital keeps back-up files in order to prevent files from being lost. The system must be secure to ensure that hackers arent changing account amounts and so employees arent changing numbers in order to steal from the company. Security must be in place in order to keep the company safe from external Information Systems 3 and internal threats. The design is used to have different controls like password entry and limited access to different people. In the hospital not all workers are able to get to all files in the system. Every worker has an access account that is linked to them. This account is password protected and is programmed by IS. Each employee account has access to information pertaining to their job, rank, and need. For example, a unit secretary has access to inpatient accounts for patients in the hospital but limited to only seeing information for that specific stay in the hospital. They dont get access to all patient medical records for all procedures and stays in the hospital. In order to get information they must go through the medical records department. These employees have access to that information but can be limited on their position in that field. This is an implementation of the security design by showing that not only one person can have access to all files. The IS team at the hospital continually operates the system and tests in effectiveness and efficiency. They continually update and make proper changes to provide that the system is safe, secure, and proficient. Along with continually updating and changing the system is that they continually monitor the system. The information system team continually monitors activity in the system. They look for vulnerability and threats in the system. Active threats include information systems fraud and computer sabotage, and passive threats include systems faults, as well as natural disasters, such as earthquakes, floods, fires, and hurricanes (p157). The active threats are more important than the passive but passive threats dont go unnoticed. The hospital prepares for passive threats by maintaining reliable backup of the system and information. They also have an alternative plan if the systems shut down. For example, if the power goes out in the hospital, which shuts off the system, we go to all paper documentation. Most documentation is sent through the system and these paper documents will be scanned into the patient records once the system is restarted. Kent Information Systems 4 General Hospital just went to electronic documentation almost a year ago and the system can still have faults like freezes, online connection losses, and much more. The IS team works with this new system daily to make it more efficient. Active threats are usually by internal or external people. These threats are more severe and usually less predictable. Many companies dont disclose information about breach of their information systems. People caught doing computer based crimes are usually doing fraudulent acts. Statistics have shown that corporate losses due to fraud and embezzlement exceed total losses due to bribery, burglary, and shoplifting by a wide margin (p158). These crimes are kept secret to keep the public image of the company safe and they are a federal crime. The people who are a possible threat of these crimes are computer maintenance people, programmers, network operators, information systems administrative personnel, and data control clerks. Intruders and hackers can also pose as a threat. In the hospital the IS team has access to all parts of the system for the most part. They have the ability to change passwords, view individual computers screens, put potential glitches into the system, and much more. These people are very knowledgeable and have a lot of power at their fingers. Possible active threats are input manipulation, program alteration, direct file alteration, data theft, sabotage, viruses, and worms (p162). It is very important that IS team members have segregation of duties and access. The information systems security systems are implemented to prevent these problems. The security system consists of controls and backups to keep the system secure and safe. The most important is management philosophy operating and style. Practicing management philosophy is making sure you have good communication with your employees, maintain a good relationship with them, continue to monitor security rules and regulations, and watch the actions and mood of your employees. These actions will help prevent fraudulent thoughts or stop acts Information Systems 5 before they start. The employees should also be well trained on the security and rules of the system. They should know all the consequences that could happen if they attempt to break the rules. At the hospital there is a security department who watches over all operations like security cameras, IS computer system operations, employee traffic, and much more. They take their job very seriously and they maintain a safe environment for all hospital staff. Keeping an organized system is also important. The structure of the system must have clean lines of who is responsible for different functions and who has access to certain capabilities. For example, a nurse doesnt have access to the financial files of a patient, just what is needed to take care of them. But when making a system the IS department has to refer to the accounting department because they dont always know how the systems should be divided up. If payroll isnt able to access employee time sheets then they wouldnt be able to complete their job. This could cause problems if certain people get access to files they shouldnt. The Board of Directors oversees the audit committee who oversees the security officer. This is a method of checks and balances to make sure everyone is doing their job in a professional, ethical manner. Management overall in each department is responsible for keeping a record of all activities and budget of spending. They also control the budget which is over seen by the Board of Directors. Internal control is very important if finding faults in systems and possible fraudulent acts be employees. The computer security system must be audited constantly and then modified to meet changing needs (p167). The changes in the system must follow the rule and regulations of security policies. This is important so that there is a consistency in the systems. In these tests they should look at files and making sure master files havent been tampered with. In the hospitals it is important that there is consistence in systems from one unit to another. Currently Kent General is in the transition period where the systems Information Systems 6 dont match. It is different in each part of the hospital. The IS team is working on implementing the same upgraded system throughout the hospital. The nursing units where doing all paper charting and now have changed to computer charting but this charting doesnt match with other departments. Over the next year they are changing all systems to link but this takes time and education. Employees must be trained on the systems but should be segregated based on their jobs. There are different segregations in the hospital from finance, to nursing, to doctors, to janitorial. Each department and employee in each department has been trained based on their positions. The hospital also has to segregate people from different areas with badge access. For example, the unit secretary has access to all nursing capabilities but the drug cabinets and machines. These are checks put in place to keep not only the patients safe but protect against theft. Also with high alert medications it is important that two nurses sign off when this drug is being administered. Those different controls are appropriate for a hospital to run safely. Many other controls are put on the internet systems. The topic of Internet security deserves special attention because a companys connection to the Internet makes it a potential target for every hacker in the world (p174). The Web server is part of the operating system and if it is weak this will make it easier for hackers to enter that database. The hospital has both Internet and Intranet. Internet is the World Wide Web and it has access to all different pages. The Intranet is a secure site produced by the company with limited Web access and is only accessible from inside the companys network. Making both these Web servers secure is important so that the other information in the network is safe from hackers and viruses. These controls are not only monitored by internal control and security but also looked at by the state and federal law enforcers. Information Systems 7 State and Federal law enforcers have the job of going into a company and making sure all aspects of the company are following the law. There are groups of people who come into the hospital to test all parts of the system and there are groups who watch the staff to make sure they are doing their job right. Many state officials come in to examine the nurse to patient care to ensure nursing staff isnt harming the patient and to evaluate the facility. These state officials are responsible for passing or failing a hospital for state financial aid. This is a large percent of money that helps pay for the hospital expenses. The computer software programs must meet legal policies, if not they will be fined and can be taken to court. It is very important that the information system security meet company policies but state and federal as well. As technology advances every day it causes for the stress of better security. Many companies are centered around their software systems and important documents filed on their hard drives. The Information Systems Security must be updated constantly to keep up with hackers. Ways to keep safe are always have a back up of personal important information, keep financial documents backed up, have strict policies for employees when using these systems, and make sure to always check the system. Internal controls must be in place and continually tested for safety. Information System Security is very important in the hospital because they hold not only their company financials but a lot of confidential patient documents. If these systems are checked and tested continuously they should continue to work efficiently and safely.

Find millions of documents on Course Hero - Study Guides, Lecture Notes, Reference Materials, Practice Exams and more. Course Hero has millions of course specific materials providing students with the best way to expand their education.

Below is a small sample set of documents:

UIllinois - ACCY - 202
NAME:(If your scantron is lost- having your name on your exam is the only way to prove you took the exam)!Do NOT open your exam until you are told to do so!Before you turn in your exam please do the following: 1) Initial that you have read the course p
UIllinois - ACCY - 202
NAME:(If your scantron is lost- having your name on your exam is the only way to prove you took the exam)!Do NOT open your exam until you are told to do so!Before you turn in your exam please do the following: 1) Initial that you have read the course p
UIllinois - ACCY - 202
Do NOT open your exam until you are told to do so!While you are waiting please do the following: 1) Keep your exam closed but pull out your bubble-sheet 2) Using your pencil, fill in your last name & first initial your net id (this is the same as your En
UIllinois - ACCY - 202
UIllinois - ECON - 302
Final Version A December 17, 2008Economic 302 Section 9Name:_ Net-ID:_Before beginning the exam, please verify that you have 11 pages with 50 questions in your exam booklet. On Your scantron sheet, you must place yourfull name, university ID number, N
UIllinois - ECON - 302
Midterm I Version A October 2, 2008Economic 302 Section 9Name:_ Net-ID:_Before beginning the exam, please verify that you have 7 pages with 28 questions in your exam booklet. On Your scantron sheet, you must place your full name, university ID number,
UIllinois - ECON - 302
Midterm II Version A December 4, 2008Economic 302 Section 9Name:_ Net-ID:_Before beginning the exam, please verify that you have 7 pages with 32 questions in your exam booklet. On Your scantron sheet, you must place yourfull name, university ID number
UIllinois - CS - 105
Warning Concerning Copyright RestrictionsThe Copyright law of the United States (Title 17, United States Code) governs the making of photocopies or other reproductions of copyright material. Under certain conditions specified in the law, libraries and ar
UIllinois - CS - 105
UIllinois - CS - 105
UIllinois - CS - 105
Warning Concerning Copyright RestrictionsThe Copyright law of the United States (Title 17, United States Code) governs the making of photocopies or other reproductions of copyright material. Under certain conditions specified in the law, libraries and ar
UIllinois - CS - 105
Warning Concerning Copyright RestrictionsThe Copyright law of the United States (Title 17, United States Code) governs the making of photocopies or other reproductions of copyright material. Under certain conditions specified in the law, libraries and ar
UIllinois - CS - 105
UIllinois - CS - 105
UIllinois - CS - 105
UIllinois - CS - 105
Warning Concerning Copyright RestrictionsThe Copyright law of the United States (Title 17, United States Code) governs the making of photocopies or other reproductions of copyright material. Under certain conditions specified in the law, libraries and ar
UIllinois - CS - 105
Warning Concerning Copyright RestrictionsThe Copyright law of the United States (Title 17, United States Code) governs the making of photocopies or other reproductions of copyright material. Under certain conditions specified in the law, libraries and ar
UIllinois - CS - 105
Warning Concerning Copyright RestrictionsThe Copyright law of the United States (Title 17, United States Code) governs the making of photocopies or other reproductions of copyright material. Under certain conditions specified in the law, libraries and ar
UIllinois - CS - 105
UIllinois - CS - 105
Warning Concerning Copyright RestrictionsThe Copyright law of the United States (Title 17, United States Code) governs the making of photocopies or other reproductions of copyright material. Under certain conditions specified in the law, libraries and ar
UIllinois - CS - 105
Warning Concerning Copyright RestrictionsThe Copyright law of the United States (Title 17, United States Code) governs the making of photocopies or other reproductions of copyright material. Under certain conditions specified in the law, libraries and ar
UIllinois - CS - 105
Warning Concerning Copyright RestrictionsThe Copyright law of the United States (Title 17, United States Code) governs the making of photocopies or other reproductions of copyright material. Under certain conditions specified in the law, libraries and ar
UIllinois - CS - 105
UIllinois - CS - 105
UIllinois - CS - 105
UIllinois - CS - 105
Warning Concerning Copyright RestrictionsThe Copyright law of the United States (Title 17, United States Code) governs the making of photocopies or other reproductions of copyright material. Under certain conditions specified in the law, libraries and ar
UIllinois - CS - 105
Warning Concerning Copyright RestrictionsThe Copyright law of the United States (Title 17, United States Code) governs the making of photocopies or other reproductions of copyright material. Under certain conditions specified in the law, libraries and ar
UIllinois - CS - 105
UIllinois - CS - 105
Warning Concerning Copyright RestrictionsThe Copyright law of the United States (Title 17, United States Code) governs the making of photocopies or other reproductions of copyright material. Under certain conditions specified in the law, libraries and ar
UIllinois - CS - 105
Warning Concerning Copyright RestrictionsThe Copyright law of the United States (Title 17, United States Code) governs the making of photocopies or other reproductions of copyright material. Under certain conditions specified in the law, libraries and ar
UIllinois - ACCY - 201
201 Competitive Strategy1 Competitive Strategy Market Niche focus Broad Emphasis Cost leadership 1. proximity to key suppliers 2. vertical integration 3. economies of scale 4. susceptible to becoming inflexible Differentiation 1. reduce its customers cos
UIllinois - ACCY - 201
201 Value ChainBS 2 Value ChainPrimary activity Inbound logistics 1. warehouse 2. track incoming material orders Operation Outbound delivery Marketing/sales Post sales Supporting activity Procurement - buy materials Human resources hire, pay, train, ret
UIllinois - ACCY - 201
201 Macro EnvironmentBS 3 Macro Environment-Key Demographic 1. baby boomers/aging population 2. incomes 3. age 4. gender 5. geographic distribution Social/cultural 1. women in workplace 2. environment 3. health &fitness Technological Economic 1. interest
UIllinois - ACCY - 201
201 Porters Five ForcesBS 4 Porter's Five Forces-Key Threat of new entrants is low when 1. large scale operations 2. product differentiation 3. capital requirements 4. switching cost 5. distribution channel Threat of substitutes is high when 1. different
UIllinois - ACCY - 201
201 Gains from Trade BS 5 Gains from Trade-KeySource a. Preferences art auction b. Uniqueness c. A thin market d. Comparative advantage near a textile mill long-term purchasing agreement mutually advantageous seller p < agreed p < buyer p property rights
UIllinois - ACCY - 201
201 Property Rights & Exchange1.Melba owns a condo in Chicago. She can sell it if she chooses because a. Her property rights are alienable b. Her decision rights are alienable c. Her property rights are private d. Her decision rights are alienable e. No
UIllinois - ACCY - 201
201 General & Specific KnowledgeBS 7 General & Specific Knowledge-Key a. General b. Specific culture/language c. idiosyncratic d. scientific CPA e. assembled 1. Martin is the CEO of his own business. He holds a maters degree in computer science and an MB
UIllinois - ACCY - 201
201 Contracting Costs in MarketsBS 8 Contracting Costs-Key a. search or information cost b. bargaining or decision cost c. policing or enforcing cost contract/lawsuit d. opportunity cost 1. A sorority at the U of I is planning philanthropy to raise money
UIllinois - ACCY - 201
201 Advantages of a Firm BS 9 Advantages of a Firm-Key How many Transactions? Market (M*N) no firm exists/does not open the restaurant Firm (M+N) opens a wocket factory/ a firm exists How much is the Transaction cost? Transactions*cost1.A wocket is made
Carleton CA - MATH - 1005
A. AlacaMATH 1005Winter 20102BERNOULLIs DIFFERENTIAL EQUATIONS Denition: An equation of the form y + P (x)y = Q(x) y n , where n is any real number is called Bernoulis equation.Note: When n = 0, we have a rst order lin. di. eqn. If n = 1 (and y = 0),
Carleton CA - MATH - 1005
A. AlacaMATH 1005Winter 20101MATH 1005 WINTER 2010 LECTURE SLIDES Prepared by Aye Alaca s Last modied: February 8, 2010 These Slides replace neither the Text Book nor the LecturesCAUCHY-EULER DIFFERENTIAL EQUATIONSA. AlacaMATH 1005Winter 20102CA
Carleton CA - MATH - 1005
O O restart: with(plots): O implicitplot(cfw_x^2-x*y+y^2=1,x^2-x*y+y^2=3, x^2-x*y+y^2=9, x=-4. .4, y=-4.4,grid=[30,30],color=blue,scaling=constrained, title= "x^2-x*y+y^2=c^2", thickness=2);x^ 2-x* y+ y^ 2= c ^ 2 32 y 1K 3K 2K 1 K 101 x23K 2K 3
Carleton CA - MATH - 1005
A. AlacaMATH 1005FFall 20081FIRST ORDER LINEAR DIFFERENTIAL EQUATIONS A rst order linear dierential equation is an equation of the form y + P (x)y = Q(x) ()where P (x) and Q(x) continuous functions on a given interval. Method of solution: We are look
Carleton CA - MATH - 1005
A. AlacaMATH 1005Winter 20108Integrating factor for non-exact dierential equations It is sometimes possible to convert a non-exact DE into an exact DE by multiplying it an integrating factor I (x, y ): P (x, y ) + Q(x, y ) y = 0 () (non-exact.) (exact
Carleton CA - MATH - 1005
A. AlacaMATH 1005Winter 20101MATH 1005 WINTER 2010 LECTURE SLIDES Prepared by Aye Alaca s Last modied: January 1, 2010 These Slides replace neither the Text Book nor the LecturesPARTIAL DERIVATIVESA. AlacaMATH 1005Winter 20102Partial Derivatives
Carleton CA - MATH - 1005
A. AlacaMATH 1005Winter 20102SECOND-ORDER LINEAR DIFFERENTIAL EQUATIONS A Second-order linear dierential equation has the form P (x)y + Q(x)y + R(x)y = G(x) ()where P, Q, R and G are continuous functions. If G(x) = 0 for all x, then () is called homo
Carleton CA - MATH - 1005
A. AlacaMATH 1005Winter 20102INFINITE SEQUENCES AND SERIES A sequence is an ordered list having a rst element but no last element: a1, a2, a3, ., an, . a1 is the rst term, a2 is the second term, an is the nth term or general term. Each term an of an i
Carleton CA - MATH - 1005
A. AlacaMATH 1005Winter 2010 1Last modied: January 11, 2010 Table of Dierential equationsDiential Eqn. Separable DE. Homogeneous DE.General Form y = f ( x) g ( y ) y = f (x, y) = g(v), v = y/xMethod of Solution h(y) dy = f (x) dx, h(y) = 1/g(y) dv d
Carleton CA - MATH - 1005
A. AlacaMATH 1005Winter 201016The Method of Variation of Parameters For any equation of the form y + P (x)y + Q(x)y = G(x), (1)where P (x), Q(x) and G(x) are continuous functions of x, a particular solution can be obtained by variation of parameters.
Arkansas - ECON - 4033
University of Arkansas ECON 4033 History of Economic Analysis TTh 2:00-3:20 p.m., WCOB 3393/11/08 Exam BName (only on the back of the last page of these exam pages) Please put your name only on the outside of your blue book and only on the back of the l
Tel Aviv Uni. - ENGINEERIN - 50-22-43-2
1 ' 9-8002 )' ( / :: . : , : , V , . , , : : ) (. : ) ; : (
Tel Aviv Uni. - ENGINEERIN - 50-22-43-2
u.multinet.co.ilu.multinet.co.ilu.multinet.co.ilu.multinet.co.ilu.multinet.co.ilu.multinet.co.il
Tel Aviv Uni. - ENGINEERIN - 50-22-43-2
, )S . ,S ." + NIL s-.Relax . u ," .s- (BF) .O(|V|E|) : . 3 6 7 10 DFS All-Pairs Shortest Paths 2 5 7 9 12 (3) . .din(v)=dout(v) :V- v . .din(u)=dout(u) uv,w . . FW BFS (" 0/1 ) " (2) (1) : (*) . 1 4 7 8 11 (" )BFu.multinet.co.ilmin O(|V|4) : 3 .
Tel Aviv Uni. - ENGINEERIN - 50-22-43-2
u.multinet.co.il5: .1G .. .o iG = g1, g2, gn G :" .T-Wi . : , , . . Ok ,( .O k : O(n) O(nlogn) G O(n) O(nlogn) " G G " OL . . . " . ,( T Oi .a*wi=T" . ) T>0 Wi<T . oi c , " .T gi , ,,. ) OL Gk>GL Ok ...O(2n) .2 Fun : . : ,n=0 .".0IFFun . O(
Tel Aviv Uni. - ENGINEERIN - 50-22-43-2
u.multinet.co.ilu.multinet.co.ilu.multinet.co.ilu.multinet.co.ilu.multinet.co.ilu.multinet.co.il
Tel Aviv Uni. - ENGINEERIN - 50-22-43-2
u.multinet.co.ilu.multinet.co.ilu.multinet.co.ilu.multinet.co.ilu.multinet.co.il
Tel Aviv Uni. - ENGINEERIN - 50-22-43-2
TA Marathon "http:/TAMarathon.net? TA Marathon "http:/TAMarathon.net? TA Marathon "http:/TAMarathon.net?
Tel Aviv Uni. - ENGINEERIN - 50-22-43-2
- om ommunication aboratory : 6002m(t )vm (t )vmr (t )mr (t ) 1 2 . 1. .1 : 1.1 .1.1v h (t ) = A cos( 0 t + ) = A cos[ 0 (t + d )] = Re Ae j e j o t = Vh ( jf ) =cfw_A j j 0 t A j j 0 t ee +e e 2 2A j A
Tel Aviv Uni. - ENGINEERIN - 50-22-43-2
- DHCP DHCP OpNet: : DHCP DHCPDynamic Host Configuration Protocol Dynamic .TCP/IP -: )(IETF )(DHCWG - - ' DHCP DHCP s - . s
Tel Aviv Uni. - ENGINEERIN - 50-22-43-2
OpNet OpNet . , OpNet , : , , . OpNet , , , .
Tel Aviv Uni. - ENGINEERIN - 50-22-43-2
Graphs ARE NOTIntro to Data Structures and Algorithms Graphs - Introduction, Slide 1GraphsG = (V,E)1 2 3456V[G] = cfw_1,2,3,4,5,6|V| = 6E[G] = cfw_1,2,cfw_1,5,cfw_2,5,cfw_3,6 Note: cfw_u,v = (u,v) = (v,u)(u,v): uvIntro to Data Structures and