Protection Poker Tutorial

 

 

Table 1:  Database Table Value Points

 

Table

Value

Use in Requirement #        

allergies

 

                                       

cptcodes

 

 

hospitals

 

 

icdcodes

 

 

labprocedure

 

 

loginfailures

 

 

ndcodes

 

 

officevisits

 

 

ovdiagnosis

 

 

ovmedication

 

 

ovprocedure

 

 

ovsurvey

 

 

patients

 

 

personalhealthinformation

 

 

personnel

 

 

transactionlog

 

 

users

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Table 2:  Database Tables Used by Requirement

(Security Risk = Ease Points x Value Points)

 

Requirement

Table Used

Value Points of Table

Max Value

1:  Add role:  emergency responder. 

 

 

 

 

 

 

 

2:  Find qualified licensed health care professional.

 

 

 

 

 

 

 

3:  Update diagnosis code table. 

 

 

 

 

 

 

 

4:  View access log. 

 

 

 

 

 

 

 

 

 

 

Table 3:  Security Risk

(Security Risk = Ease Points x Value Points)

 

Requirement

Ease of Attack Points

Value of Asset Points

Security Risk

Rank of Security Risk

1:  Add role:  emergency responder. 

 

 

 

 

2:  Find qualified licensed health care professional.

 

 

 

 

3:  Update diagnosis code table. 

 

 

 

 

4:  View access log.