A$.$ Summarize the gaps that currently exist in the company$$s security framework as described in the attached $$Security Assessment Report for Fielder Medical Center$($SAR$).$

$$

B$.$ For each of the five identified controls in Section $3\mathrm{.}3$ of the SAR, do the following:

$$

$1.$ Identify the associated risk rating as low, moderate, or high and explain the risk.

$$

$2.$ Justify FMC$$s decision to remediate the risk associated with the identified control instead of accepting the risk based on compliance and industry guidelines and support the justification with industry$-$respected sources.

$$

$$

Note: Be sure to include all five controls in part B$1,$ and all five controls in part B$2.$ Your submission will be returned if one or more controls are missing from part B$1$ or part B$2.$

$$

$$

C$.$ Discuss how FMC should remediate the risks with each of the five controls identified in Section $3\mathrm{.}3$ of the SAR. For each risk, include any assets, actions, or changes that will be needed for remediation.

$$

$$

Note: Be sure to include all five controls from part B$.$ Your submission will be returned if one or more controls are missing from part C$.$

$$

$$

D$.$ Develop a PCI DSS$$compliant policy to address the three concerns identified in Section $3\mathrm{.}2\mathrm{.}4$ of the SAR, including the roles and responsibilities associated for each requirement identified within the SAR to meet PCI DSS compliance.

$$

$$

E$.$ Acknowledge sources, using in$-$text citations and references, for content that is quoted, paraphrased, or summarized.

$$

$$

F$.$ Demonstrate professional communication in the content and presentation of your submission.