RISK ASSESSMENT PART-IRrisk assessment is the main component. It is used to process different elements such as identifying, prioritizing and estimating information security risks. It is used in the organizational risk management process. They can be used as single or multiple methodologies in risk assessment. There may be criticism or sensitivities of the information systems and functions or of the information systems stage in the development life cycle. Electronic medical record is a kind of database where patient details are stored which can be accessed at any time. It is the digital version that contains all the data in a single file. It was created for patients in the inpatient and outpatient setting. It has numerous advantages because it allows you to track data over time and to identify, monitor and improve as it allows patients to identify patient visits and screenings. The electronic medical record will serve as the source for the electronic medical record. There is a difference between emr and ehr where the electronic health record is used to share information from all providers. Data stored in the EHR can be edited, updated, and shared by trusted vendors. Risk assessment in these cases will have to be an undertaking for the medical practice called Medco. The main objectives of risk management are: to protect the information of the information technology sector which will store and do all the necessary process that needs to be carried out and can also transfer the data of the company. It is used to allow decisions made by management to write off expenses made that will be part of their budget. Management execution will be assisted by IT systems authorized to support the...... middle of paper...... supplies should regulate high and low voltage and contain line conditioners. These will provide input to the mitigation process in order to evaluate and implement controls. There is a data loss in the Medco Organization database which needs to be prepared in the final documentation part. They have different threat levels ranging from high to low and also efficient data needs to be reconciled and control system implementations. References:1. http://waterky.org/node/100762. http://www.americanehr.com/blog/2011/12/data-backup-information-protection/3. https://bb.uis.edu/bbcswebdav/pid-297124-dt-content-rid-1425606_1/courses/133CSC57012315/SP800-30-Rev1-ipd.pdf4. https://bb.uis.edu/bbcswebdav/pid-297124-dt-content-rid-1425666_1/courses/133CSC57012315/Course%20Documents/NIST%20Special%20Publications%20SP%20800-30%281%29/sp800- 30.pdf