GCU risk management program analysis part one, I am stuck on question 2. which is below: idk what is really being asked is all? please help me understand the question.

Comparison of Standard Risk Management Program Administrative Steps and Processes With the Administrative Steps and Processes in the Example

5. 5: Excellent22.5 points

A comparison of standard risk management program administrative steps and processes with the administrative steps and processes in the example is comprehensive. The submission incorporates analysis of supporting evidence and provides specific examples with relevance. Level of detail is appropriate.

This is my first part that I have done on information security management.

Summary Description of the Type of Risk Management Plan Selected with Rationale

A risk management program ensures proper compliance with best practices for employees, patients, and visitors. Risk management has mandatory standards with the course of action or rules, giving policy support and direction to employees. Minimum specifications for Providence Saint Mary's (PSHJ) in Apple Valley, California, Risk Management Program has policies accessible to ensure better regulations requirements are being met in terms of confidentiality, integrity, and availability of all PSJH information systems.

At Providence Saint Mary's in Apple Valley, California, the requirements for ensuring confidential information are the policy "PSJH-EIS-950.08 Acceptable Use Standard- Corresponds to Information Security Management Policy. This policy ensures proper use of computer equipment and resources; The acceptable standards are to protect the confidentiality, integrity, and availability of PSJH information and information system" (Providence St. Joseph Health, 2022). This policy ensures no litigation or risks of virus attacks, which leads to an unauthorized person or persons gaining PHI, employee information, or other information.

An employee can lose their job or disciplinary actions if found unauthorizing of a patient's information or using the PSJH system for personal use. Providence makes all employees sign a form stating their concerns and policy guidelines. Employees are responsible for accessing only necessary information on patients working with and following restrictions. Papers and documents should be held securely and destroyed adequately before the end of a shift. Another good way to ensure no personal social media is by not allowing personal phones, but sometimes this is how we text doctors. Turning off your workstation computer prior to leaving that station is another way to protect patient identifications. Any other concerns regarding the policy, contact "Cindy Johnston at (425)577-7685 or Darlene Harrold at (669)699-1970 or PolicyManagementOffice@ providence.org with any questions" (Providence St. Joseph Health, 2022).

An engineered computer program can calculate risk and management. A preferred security program is needed for a hospital to ensure patient information is stored properly and securely. Cyber risk management is essential for in-patient protection (BlueVoyant Selected to Join the American Hospital Association Preferred Cybersecurity Service Provider Program