Role Of Professional Organizations In Advocating For The Nursing Describe how the nursing profession is viewed by the general public. Discuss factors that

Role Of Professional Organizations In Advocating For The Nursing Describe how the nursing profession is viewed by the general public. Discuss factors that influence the public’s perception of nursing? Describe ways to educate the general public on the professional nurse’s role and scope of nursing within a changing health care system. Red Clay Renovations
Company Profile
Valorie J. King, PhD
4/6/2018
Copyright © 2018 by University of Maryland University College. All Rights Reserved.
CSIA 413: Cybersecurity Policy, Plans, and Programs
Table of Contents
Company Overview ……………………………………………………………………………………………………………………… 1
Corporate Governance & Management ……………………………………………………………………………………… 1
Operations ……………………………………………………………………………………………………………………………… 4
Acquisitions …………………………………………………………………………………………………………………………….. 5
Legal and Regulatory Environment …………………………………………………………………………………………….. 5
Policy System ………………………………………………………………………………………………………………………….. 6
Risk Management & Reporting ………………………………………………………………………………………………….. 6
IT Security Management …………………………………………………………………………………………………………… 7
Information Technology Infrastructure ………………………………………………………………………………………….. 8
Enterprise Architecture…………………………………………………………………………………………………………….. 8
Operations Center IT Architecture……………………………………………………………………………………………… 9
Field Office IT Architecture ……………………………………………………………………………………………………… 10
System Interconnections ………………………………………………………………………………………………………… 11
Tables
Table 1. Key Personnel Roster ………………………………………………………………………………………………………. 3
Table 2. Red Clay Renovations Office Locations & Contact Information ……………………………………………… 4
Figures
Figure 1. Red Clay Renovations Organization Chart …………………………………………………………………………. 2
Figure 2. Overview for Enterprise IT Infrastructure ………………………………………………………………………….. 9
Figure 3. IT Architecture for Operations Center …………………………………………………………………………….. 10
i
Company Overview
Red Clay Renovations is an internationally recognized, awarding winning firm that specializes in the
renovation and rehabilitation of residential buildings and dwellings. The company specializes in updating
homes using “smart home” and “Internet of Things” technologies while maintaining period correct
architectural characteristics. The company’s primary line of business is Home Remodeling Services
(NAICS 236118).
Corporate Governance & Management
Red Clay Renovations was incorporated in the State of Delaware in 1991 and is privately held. (Its stock
is not publicly traded on a stock exchange.)The company maintains a legal presence (“Corporate
Headquarters”) in Delaware to satisfy laws relating to its status as a Delaware corporation. The company
has a five member Board of Directors (BoD). The Chief Executive Officer (CEO) and Chief Financial Officer
(CFO) each own 25% of the corporation’s stock; both serve on the BoD. The CEO is the chair person for
the BoD. The three additional members of the BoD are elected from the remaining stock holders and
each serve for a three year term. The BoD provides oversight for the company’s operations as required
by state and federal laws. Its primary purpose is to protect the interests of stockholders. Under state
and federal law, the BoD has a fiduciary duty to ensure that the corporation is managed for the benefit
of the stockholders (see http://www.nolo.com/legal-encyclopedia/fiduciary-responsibilitycorporations.html). The BoD has adopted a centrally managed “Governance, Risk, and Compliance”
(GRC) methodology to ensure that the corporation meets the expectations of stakeholders while
complying with legal and regulatory requirements.
The company’s senior management includes the Chief Executive Officer (CEO), Chief Financial Officer
(CFO), Chief Operating Officer (COO), Director of Architecture & Construction Services (A&C), Director of
Customer Relations (CR), Director of Human Resources (HR), the Director of Information Technology
Services (ITS), and the Director of Marketing and Media (M&M). The Director of ITS is dual-hatted as the
company’s Chief Information Security Officer (CISO). These individuals constitute the Executive Board for
the company and are responsible for implementing the business strategies, policies, and plans approved
by the BoD. A separately constituted IT Governance Board is chaired by the Chief Operating Officer. The
five directors (A&C, CR, HR, ITS, and M&M) serve as members of the IT Governance board. This board
considers all matters related to the acquisition, management, and operation of the company’s
information technology resources.
The CEO, CFO, and COO have been with the company since it started in 1991. The Directors for A&C, CR,
and HR have over 20 years each with the company. The Director for M&M has ten years of service. The
Director of ITS / CISO has been with the company less than two years and is still trying to bring a
semblance of order to the IT management program – especially in the area of IT security services. This is
a difficult task due to the company’s failure to promptly hire a replacement for the previous director
who retired two years ago.
1
CSIA 413: Cybersecurity Policy, Plans, and Programs
Figure 1. Red Clay Renovations Organization Chart
2
CSIA 413: Cybersecurity Policy, Plans, and Programs
Table 1. Key Personnel Roster
Name & Title
Josiah Randell
CEO
Isabelle Bromley
Office
Location
Wilmington
Office Phone
No.
910-555-2158
email
Wilmington
910-555-2150
Isabelle_Bromley@ redclayrennovations.com
Wilmington
910-555-2152
nr@redclayrenovations.com
Wilmington
910-555-2159
morgan@redclayrenovations.com
Owings Mills
667-555-5000
julia@redclayrenovations.com
Wilmington
910-555-1000
ed@redclayrenovations.com
Owings Mills
667-555-6260
Erwin_Carrington@hq.redclayrenovations.com
Owings Mills
667-555-6370
Eric_Carpenter@hq.redclayrenovations.com
Owings Mills
667-555-6400
an@redclayrenovations.com
Ownings Mills
667-555-6900
rn@redclayrenovations.com
Owings Mills
667-555-8000
en@redclayrenovations.com
Baltimore
443-555-2900
Charles@balt.redclayrenovations.com
Baltimore
443-555-2900
Erica@balt.redclayrenovations.com
Philadelphia
267-555-1200
William@philly.redclayrenovations.com
jr@redclayrenovations.com
Executive Assistant
to Mr. Randell
Natalie Randell
Chief of Staff
Morgan Randell
CFO
Julia Randell
COO
Edward Randell,
Esq
Corporate Counsel
Erwin Carrington
CIO & Director IT
Services
Eric Carpenter
CISO / Deputy CIO
Amanda Nordham
Director, Customer
Relations
Rebecca Nordham
Director, Marketing
& Media
Eugene Nordham
Director,
Architecture &
Services
Charles Knox
Manager & Architect
in Charge, Baltimore
Field Office
Erica Knox
Office Manager &
ISSO, Baltimore Field
Office
William Knox
Manager & Architect
in Charge,
Philadelphia Field
Office
3
CSIA 413: Cybersecurity Policy, Plans, and Programs
Alison Knox-Smith
Philadelphia
267-555-1200
Alison@philly.redclayrenovations.com
Office Manager &
ISSO, Philadelphia
Field Office
Operations
Red Clay Renovations has offices in Baltimore, MD, Philadelphia PA, and Wilmington, DE. The contact
information for each location is provided in Table 2.
Table 2. Red Clay Renovations Office Locations & Contact Information
Location
Baltimore Field Office
Philadelphia Field Office
Operations Center (Owings
Mills)
Wilmington Office
Mailing Address
200 Commardy Street, Suite 450
Baltimore, MD 21201
1515 Chester Street
Philadelphia, PA 19102
12209 Red Clay Place
Owings Mills, MD 21117
12 High Street
Wilmington, DE 19801
Phone Number
443-555-2900
267-555-1200
667-555-6000
910-555-2150
The Operations Center is the company’s main campus and is located in suburban Baltimore, MD (Owings
Mills). The Owings Mills facility houses the company’s data center as well as general offices for the
company’s operations. These operations include: accounting & finance, customer relations, human
resources, information technology services, marketing, and corporate management. There are
approximately 100 employees at the Operations Center. Day to day management of the Owings Mills
facility is provided by the company’s Chief Operating Officer (COO).
The company’s Chief Executive Officer, corporate counsel, and support staff maintain a presence in the
company’s Wilmington, DE offices but spend most of their time at the Owings Mills operations center.
Field Offices are located in downtown Baltimore and suburban Philadelphia. Each office has a managing
director, a team of 2-3 architects, a senior project manager, a business manager, and an office manager.
Support personnel (receptionist, clerks, etc.) are contractors provided by a local staffing services firm.
Each office operates and maintains its own IT infrastructure.
The company’s architects, project managers, and other support personnel frequently work from
renovation sites using cellular or WiFi connections to access the Internet. Many field office employees
are also authorized to work from home or an alternate work location (“telework site”) one or more days
per week.
4
CSIA 413: Cybersecurity Policy, Plans, and Programs
Acquisitions
Red Clay acquired “Reality Media Services,” a five person digital media & video production firm in 2015
(NAICS Codes 512110, 519130, and 541430). RMS creates a video history for each residential
construction project undertaken by Red Clay Renovations. RMS also provides Web design and social
media services for Red Clay Renovations to promote its services. RMS employees work primarily out of
their own home offices using company provided equipment (computers, video / audio production
equipment). Each employee also uses personally owned cell phones, laptops, digital cameras, and
camcorders. While RMS is now wholly owned by Red Clay, it continues to operate as an independent
entity. Red Clay senior management is working to change this, however, starting with bringing all IT and
IT related resources under the company’s central management. As part of this change, Red Clay has set
up a media production facility (“Media Studio”) in its headquarters location which includes office space
for RMS personnel. The production facility and RMS operations are under the management control of
the Director, Marketing & Media Services.
Legal and Regulatory Environment
The firm is licensed to do business as a general contractor for residential buildings in three states (DE,
MD, PA). The company’s architects maintain professional licensure in their state of residence. The
company’s general counsel is licensed to practice law in Delaware and Maryland. The Chief Financial
Officer is a Certified Public Accountant (CPA) and licensed to practice in all three states.
The company collects, maintains, and stores personal information from and about customers over the
normal course of doing business. This includes credit checks, building plans and drawings for homes, and
information about a customer’s family members which needs to be taken into consideration during the
design and construction phases of a project (e.g. medical issues / disabilities, hobbies, etc.).
When renovations are required due to a medical condition or disability, the company works with health
insurance companies, Medicare/Medicaid, and medical doctors to plan appropriate modifications to the
home and to obtain reimbursement from insurers. This sometimes requires that the company receive,
process, store, and transmit Protected Health Information (PHI) generated by medical practitioners or as
provided by the customer. The company’s legal counsel has advised it to be prepared to show
compliance with the HIPAA Security Rule for PHI for information stored on computer systems in its field
offices and in the operations center.
Red Clay began offering “Smart Home” renovation services in 2005 (NAICS Codes 541310 and 236118).
These services are primarily offered out of the Baltimore and Philadelphia field offices. A large
percentage of the company’s “smart home” remodeling work is financed by customers through the
Federal Housing Administration’s 203K Rehab Mortgage Insurance program. Red Clay provides
assistance in filling out the required paperwork with local FHA approved lenders but does not actually
5
CSIA 413: Cybersecurity Policy, Plans, and Programs
process mortgages itself. Red Clay does, however, conduct credit checks on prospective customers and
accepts credit card payments for services.
As a privately held stock corporation, Red Clay Renovations is exempt from many provisions of the
Sarbanes-Oxley Act of 2002. But, in certain circumstances, i.e. a government investigation or bankruptcy
filing, there are substantial criminal penalties for failure to protect business records from destruction or
spoliation.
Policy System
The company’s Chief of Staff is responsible for the overall organization and management of the
company’s collection of formal policies and procedures (“policy system”). The company’s policies
provide guidance to employees and officers of the company (CEO, CFO, and the members of the Board
of Directors) with respect to their responsibilities to the company. Policies may be both prescriptive
(what “must” be done) and proscriptive (what “must not” be done). Responsibility for writing and
maintaining individual policies is assigned to a designated manager or executive within the company.
Each policy identifies the responsible individual by title, e.g. Director of Human Resources.
The major policy groupings are:
?
?
?
?
?
Human Resources
Financial Management
Information Technology
Employee Handbook
Manager Deskbook
Selected policies are published as an Employee Handbook and a Manager’s Deskbook to communicate
them to individual employees and managers and to ensure that these individuals are aware of the
content of key policies which affect how they perform their duties.
Risk Management & Reporting
The company engages in a formal risk management process which includes identification of risks,
assessment of the potential impact of each risk, determination of appropriate risk treatments
(mitigation, acceptance, transfer), and implementation of the risk management strategy which is based
upon the selected risk treatments. For information technology related risks, the CISO working in
conjunction with the IT Governance Board is responsible for identifying and assessing risks.
Corporate-wide, high level risks which could impact the company’s financial performance are disclosed
to shareholders during the annual meeting and in the Annual Report to Investors. For the current year,
the following high level cybersecurity related risks will be disclosed.
6
CSIA 413: Cybersecurity Policy, Plans, and Programs
1. Cyber-attacks could affect our business.
2. Disruptions in our computer systems could adversely affect our business.
3. We could be liable if third party equipment, recommended and installed by us (e.g. smart home
controllers), fails to provide adequate security for our residential clients.
The company’s risk treatments for cybersecurity related risks include purchasing cyber liability
insurance, implementing an asset management and protection program, implementing configuration
baselines, implementing configuration management for IT systems and software and auditing
compliance with IT security related policies, plans, and procedures.
The corporate board was recently briefed by the Chief Information Officer concerning the company’s IT
Security Program and how this program contributes to the company’s risk management strategy. During
the briefing, the CIO presented assessment reports and audit findings from IT security audits. These
audits focused upon the technical infrastructure and the effectiveness and efficiency of the company’s
implementation of security controls. During the discussion period, members of the corporate board
asked about audits of policy compliance and assessments as to the degree that employees were (a)
aware of IT security policies and (b) complying with these policies. The CIO was tasked with providing
audit reports for these items before the next quarterly meeting of the corporate board.
The corporate board also asked the CIO about future plans for improvements to the IT Security program.
The CIO reported that, in the coming year, the CISO will begin implementation of an IT vulnerability
management program. The CIO also reported that the CISO is working with the IT Governance Board to
restart the company’s security education, training, and awareness (SETA) program. SETA activities had
fallen into disuse due to a perceived lack of quality and lack of timeliness (out of date materials). The
CISO has also determined that the System Security Plans for the field offices are out of date and lacking
in important security controls. These plans have been scheduled for update in the near future to ensure
that the company’s risk management strategy for cybersecurity risks is fully implemented.
IT Security Management
The company’s Chief Information Security Officer (CISO) is responsible for providing management
oversight and technology leadership for the company’s Information Technology security program. This
program is designed around the ISO 27001/27002 requirements but is not fully compliant. For cost
reasons, the Chief Information Officer (CIO) has decided not to pursue implementation of CobiT or ITIL
standards for managing IT systems and services. A less costly alternative, using NIST guidance
documents, was approved at the CISO’s suggestion. The CISO’s selected guidance documents include:
?
?
?
NIST SP 800-12 “An Introduction to Computer Security: The NIST Handbook:
NIST SP 800-18 “Guide for Developing Security Plans for Federal Information Systems”
NIST SP 800-53 “Security and Privacy Controls for Federal Information Systems and
Organizations”
7
CSIA 413: Cybersecurity Policy, Plans, and Programs
?
?
NIST SP 800-100 “Information Security Handbook: A Guide for Managers”
NISTIR 7621 “Small Business Information Security: The Fundamentals”
The CISO has determined that the closest fit for the level of security required by law for the company’s
IT systems is the “moderate level” as defined in the FIPS 199/200 standards and specified in NIST SP
800-53 Revision 4. The company has created its own minimum security controls baseline which is used
for developing system security plans.
Under the company’s existing IT Security Management Plan, the following individuals are responsible for
the security of its IT systems.
1. Chief Information Officer: designated approving official for all IT systems certification and
authorization.
2. Chief Information Security Officer: responsible for developing security plans and procedures.
3. Chief Financial Officer: responsible for negotiating and providing oversight for contracts and
service level agreements for IT services.
4. Chief Operating Officer: responsible for approval …
Purchase answer to see full
attachment

Don't use plagiarized sources. Get Your Custom Essay on
Role Of Professional Organizations In Advocating For The Nursing Describe how the nursing profession is viewed by the general public. Discuss factors that
Get an essay WRITTEN FOR YOU, Plagiarism free, and by an EXPERT!
Order Essay
Calculate your paper price
Pages (550 words)
Approximate price: -

Why Choose Us

Top quality papers

We always make sure that writers follow all your instructions precisely. You can choose your academic level: high school, college/university or professional, and we will assign a writer who has a respective degree.

Professional academic writers

We have hired a team of professional writers experienced in academic and business writing. Most of them are native speakers and PhD holders able to take care of any assignment you need help with.

Free revisions

If you feel that we missed something, send the order for a free revision. You will have 10 days to send the order for revision after you receive the final paper. You can either do it on your own after signing in to your personal account or by contacting our support.

On-time delivery

All papers are always delivered on time. In case we need more time to master your paper, we may contact you regarding the deadline extension. In case you cannot provide us with more time, a 100% refund is guaranteed.

Original & confidential

We use several checkers to make sure that all papers you receive are plagiarism-free. Our editors carefully go through all in-text citations. We also promise full confidentiality in all our services.

24/7 Customer Support

Our support agents are available 24 hours a day 7 days a week and committed to providing you with the best customer experience. Get in touch whenever you need any assistance.

Try it now!

Calculate the price of your order

Total price:
$0.00

How it works?

Follow these simple steps to get your paper done

Place your order

Fill in the order form and provide all details of your assignment.

Proceed with the payment

Choose the payment system that suits you most.

Receive the final file

Once your paper is ready, we will email it to you.

Our Services

No need to work on your paper at night. Sleep tight, we will cover your back. We offer all kinds of writing services.

Essays

Essay Writing Service

You are welcome to choose your academic level and the type of your paper. Our academic experts will gladly help you with essays, case studies, research papers and other assignments.

Admissions

Admission help & business writing

You can be positive that we will be here 24/7 to help you get accepted to the Master’s program at the TOP-universities or help you get a well-paid position.

Reviews

Editing your paper

Our academic writers and editors will help you submit a well-structured and organized paper just on time. We will ensure that your final paper is of the highest quality and absolutely free of mistakes.

Reviews

Revising your paper

Our academic writers and editors will help you with unlimited number of revisions in case you need any customization of your academic papers