Information Security Program Survey Essay Example | Topics and Well Written Essays - 1250 words

Information Security Program Survey - Essay Example As described in its website, VA is one of the world’s largest consolidated IT organizations and the department’s Office of Information Technology has a $3.1 billion budget for the current fiscal period. The organization operates nearly 800 community based outpatient clinics and 152 medical centers. In addition, it possesses over, 300,000 desktop computers, 30,000 laptop computers, and roughly 450,000 email accounts (CRISP). Recently, the VA has implemented the Continuous Readiness in Information Security Program (CRISP) to enhance the privacy of information about Veterans and their families. This information security program greatly fits the VA’s FY 2010-2014 strategic plan because this program notably contributes to value optimization and stakeholder satisfaction. However, the organization has been performing poorly in major information security control areas for long years. This issue has limited the performance efficiency of the CRISP to a certain extent. The costs and benefits of the CRISP development and execution are yet to be known. VA’s Strategic Plan The VA strives to be people-centric, result-driven, and forward looking (VA strategic plan). All operations of the department are directed towards promoting the wellbeing of Veterans and their families. ... It also aims to meet Veteran client satisfaction by delivering improved ‘health, education, training, counseling, financial, and burial benefits and services’. Another key objective of FY 2010-2014 strategic plan is to improve the willingness to deliver services and to protect people and their properties on a continuous basis, and particularly in times of crises. Finally, this strategic plan also strives to â€Å"improve internal customer satisfaction with management systems and support services to achieve mission performance and make VA an employer of choice by investing in human capital† (VA strategic plan). Information security program The VA has established the Continuous Readiness in Information Security Program (CRISP) by coalescing different information security initiatives. The major purpose of this program is to strengthen the security of information about Veterans, particularly health care records. This information security program is characterized with â€Å"unannounced audits, surveys, and self-assessments† (CRISP). The department claims that this program is very effective to ensure the confidentiality of sensitive information about Veterans. Actually, CRISP began as an initiative to ensure the department’s 334,000 employees 100 percent comply with mandatory security and privacy awareness training. The CRISP is completely in line with the department’s â€Å"long-standing security policies, including the provision of consistent, centralized training on IT security, records security, and privacy awareness†. The most part of the training is based on internet. In addition to following the traditional policies, the