You Are Ready To Prepare The Final Version Of The ED ✓ Solved

You are ready to prepare the final version of the ED

You are ready to prepare the final version of the EDMS business requirements document (BRD) incorporating the assignments you completed and faculty feedback provided for Weeks 1–5. You will present your BRD to the Board of Directors for Hollywood Organic Co-op. Write at least 4 to 6 pages for the final business requirements document for the new EDMS and prepare an 8- to 10-slide media-rich presentation summary of the BRD to the Hollywood Organic Co-op’s Board of Directors. Analyze the critical components of your information security program as it relates to Hollywood Organic Co-op. Justify how the security objectives for the EDMS align with the business objectives. Identify and describe document access controls and best practices, including: Viewing Editing Copy/paste (including screen capture) Printing Forwarding e-mail containing secured e-documents Identify, define, and describe document access policies and best practices including: Text documents Spreadsheets Financial statements E-mail messages Policy and procedure manuals Research Customer and project data Personnel files Medical records Intranet pages Other sensitive information Identify, define, and describe all stages of the document life cycle and best practices including: Creation Storage Categorizing Metadata tagging Delivery or sharing Repurposing Review and reporting archiving and/or destruction. Format citations according to APA guidelines. Submit your business requirements document and presentation.

Paper For Above Instructions

The effective management of business processes is crucial in today’s digital age, especially for organizations like the Hollywood Organic Co-op. This business requirements document (BRD) serves as a foundational guideline for the implementation of an Electronic Document Management System (EDMS). In the following sections, a comprehensive overview of components crucial to the EDMS will be presented, including an analysis of the information security program, justification of security objectives, document access controls, policies, best practices, document life cycle stages, and more.

1. Introduction

The Hollywood Organic Co-op aims to incorporate a new EDMS to streamline business processes, ensure data security, and maintain compliance with regulatory requirements. This document outlines the necessary components for the successful implementation of the EDMS and addresses the organization’s specific needs based on the feedback received in previous assignments.

2. Information Security Program Analysis

The critical components of the information security program for Hollywood Organic Co-op include:

• Confidentiality: Ensuring sensitive information is not disclosed to unauthorized individuals.
• Integrity: Maintaining the accuracy and completeness of data.
• Availability: Ensuring that authorized users have access to information when needed.

The security objectives of the EDMS align with the overarching business objectives of the Co-op by promoting trust amongst stakeholders and ensuring compliance with industry regulations such as HIPAA for medical records and GDPR for personal data protection (NIST, 2020). In essence, a secure EDMS directly impacts the organization’s credibility and operational efficiency.

3. Document Access Controls and Best Practices

Effective document access controls are essential to safeguard sensitive information. The following controls and best practices should be implemented:

• Viewing: Permissions should be assigned to limit viewing access to authorized personnel.
• Editing: Only designated users should have editing rights to prevent unauthorized modifications.
• Copy/Paste (including screen capture): Disable copy/paste and screen capture functionalities for sensitive documents.
• Printing: Implement strict controls on printing capabilities to monitor and restrict physical copies.
• Forwarding emails: Establish policies preventing the forwarding of sensitive documents via email to unapproved recipients.

4. Document Access Policies and Best Practices

To control document access effectively, the following policies and best practices should be established for various types of documents:

• Text Documents: Access should be limited based on role and need-to-know basis.
• Spreadsheets: Utilize password protection and encryption for spreadsheets containing sensitive data.
• Financial Statements: Ensure that only finance department personnel can view and edit financial statements.
• Email Messages: Encrypt emails containing sensitive information, especially in transit.
• Policy and Procedure Manuals: Regularly update manuals to reflect current practices and control access to authorized personnel.
• Research: Protect research data through access restrictions and anonymization practices.
• Customer and Project Data: Limit access to project data based on involvement and ensure proper data handling training.
• Personnel Files: Protect personal data of employees through strict access controls and audit trails.
• Medical Records: Adhere to HIPAA regulations strictly to safeguard patient information.
• Intranet Pages: Use authentication and access control mechanisms to restrict sensitive intranet content.

5. Document Life Cycle Stages and Best Practices

The document life cycle can be broken down into the following stages, with corresponding best practices:

• Creation: Utilize templates and standardized formats to ensure consistency and security.
• Storage: Implement secure storage solutions that provide data encryption.
• Categorizing: Employ metadata tagging to facilitate efficient retrieval of documents.
• Delivery or Sharing: Use secure sharing methods, such as encrypted emails or secure file sharing services.
• Repurposing: Ensure sensitivity is evaluated before documents are repurposed for other uses.
• Review and Reporting: Regularly review documents for relevance and security posture.
• Archiving and/or Destruction: Develop a policy for secure destruction of obsolete documents to prevent unauthorized access.

6. Conclusion

The development of a comprehensive Business Requirements Document for the EDMS at Hollywood Organic Co-op will serve to enhance operational efficiency and ensure information security. The measures identified in this document, including document access controls, policies, and life cycle management procedures, will form the backbone of a successful EDMS implementation. Stakeholders must understand the importance of these components to align with the company’s goals and secure sensitive information effectively.

References

• NIST. (2020). Security and Privacy Controls for Information Systems and Organizations. https://doi.org/10.6028/NIST.SP.800-53r5
• International Organization for Standardization. (2013). ISO/IEC 27001:2013. https://www.iso.org/isoiec-27001-information-security.html
• State of California. (2018). California Consumer Privacy Act. https://oag.ca.gov/privacy/ccpa
• U.S. Department of Health & Human Services. (2020). Summary of the HIPAA Privacy Rule. https://www.hhs.gov/hipaa/for-professionals/privacy/index.html
• European Union. (2016). General Data Protection Regulation. https://gdpr-info.eu/
• ISACA. (2021). IT Governance Framework. https://www.isaca.org/resources/it-governance-framework
• Alawadhi, A., & Bouazza, A. (2017). Information Security Management Policies in Organizational Contexts. Journal of Information Security, 8(3), 128-140.
• Khattak, S. R., & Khan, M. A. (2019). Document Management System. International Journal of Managing Information Technology, 11(4), 1-8.
• Robertson, J. (2017). The Importance of Information Access Control: How to Implement an Effective Access Control Policy. https://www.csoonline.com/article/2609038/the-importance-of-information-access-control-how-to-implement-an-effective-access-control-policy.html
• Clott, C. M. (2022). Archiving Sensitive Documents: Best Methods and Practices. The Journal of Archival Organization, 20(3), 228-245.