Risk Analysis Paper

1) Describe the information technology structure of the organization in the given scenario.
2) Identify specific cyberlaws and ethics regulations that pertain to the organization and its computing operations in the scenario.
3) Organizational ethics violations
i. Classify unethical behaviors with respect to whether they are personal or professional in nature, being sure to support your position
with specific examples.
ii. Assess the impact of the unethical behaviors on IT and computing within the organization.

ABC Healthcare is a startup company with 50 employees. The company’s computer network is shown in Figure 1 below. The healthcare data server contains the
company’s records, including copies of patient health records with personally identifiable data, patient billing, company financials, and forms.
You have been hired as the IT network security officer, reporting directly to the chief information officer (CIO). Currently, there is a network administrator who
has very limited experience and worked as a desktop technician prior to joining ABC. This network administrator helped set up the existing network. In addition,
ABC plans to hire a desktop technician and a website developer/programmer who will report directly to the CIO.
There are no policies or guidelines for employees’ usage of the computers and network. Network setup was done by various vendors, and all of the programs
use default usernames and passwords. Wireless access has been set up for staff using wireless laptops. The same wireless access point also provides clients
access to the internet. Some staff members bring in their own computers and connect them to the network. Employees use the work systems for personal web
browsing and to check personal email accounts.
As part of network security, management set up a video monitoring system throughout the office. Employees are not notified of any monitoring.
There is a copier/printer in the front office that is used by employees. Currently, all unused copies are left next to the copier for recycling.
Figure 1
The administration office room uses an open cubicle structure for its staff. Figure 2 depicts the cubicles and seating of its staff. Staff members sometimes
complain that they can hear each other during the work day.
Figure 2
Create a comprehensive risk analysis narrative in which you assess ABC Healthcare’s information systems for ethics violations and cyberlaw compliance, and
research the framework for creating an acceptable use-of-technology policy and code of ethics.
Next, using PowerPoint, Google Presentation, or Prezi, create a presentation in which you recommend appropriate strategies for remediating the instances of
ethics violations and cyberlaw noncompliance you identified in your risk analysis. Propose an organizational code of ethics related to information technology that
prevents future violations and noncompliance, and propose an acceptable use-of-technology policy that addresses non-adherence.