Presentation is loading. Please wait.

Presentation is loading. Please wait.

Information Security and the Project Management Body of Knowledge Kati Reiland COSC 481 Spring 2006.

Similar presentations


Presentation on theme: "Information Security and the Project Management Body of Knowledge Kati Reiland COSC 481 Spring 2006."— Presentation transcript:

1 Information Security and the Project Management Body of Knowledge Kati Reiland COSC 481 Spring 2006

2 Overview The Project Management Body of Knowledge (PMBoK) Sections of the PMBoK Strengths & Weaknesses PMBoK and Information Security

3 The Project Management Body of Knowledge (PMBoK) Published by the Project Management Institute (PMI) Considered the industry best practice Shared reference for all members involved in the project; identifies each member’s specific responsibilities; defines specific time frames, budgets, and requirements; provides a measurement of progress; and enables early adjustments for problems encountered

4 Sections of the PMBoK Project Integration Management Project Scope Management Project Time Management Project Cost Management Project Quality Management Project Human Resource Management Project Communications Management Project Risk Management Project Procurement Management

5 Integration Management the processes required to ensure that the various elements of the project are properly coordinated involves deciding which sections of the project are most important and how different sections will affect one another. If one section adversely affects another, the decision needs to be made as to how each will be handled and if allowances need to be made in one or the other 3 Steps Project Plan Development Project Plan Execution Overall Change Control

6 Scope Management ensures that the processes included in the project are only those required in order to complete the project limits the amount of scope creep 5 Steps Initiation Scope Planning Scope Definition Scope Verification Scope Change Control

7 Time Management a requirement for projects to be completed in their allocated amount of time If time is judged poorly in planning, the project may take many more man-hours to complete than originally estimated. This may mean missed deadlines or very long work days and overtime. 5 Steps Activity Definition Activity Sequencing Activity Duration Estimating Schedule Development Schedule Control

8 Cost Management attempts to ensure that the project completes within the original budget 4 Steps Resource Planning Cost Estimation Cost Budgeting Cost Control

9 Quality Management ensures that the quality of the project meets the project’s expectations includes meeting the specifications for the project, the budget, and the allotted time 3 Steps Quality Planning Quality Assurance Quality Control

10 Human Resource Management Identification of the proper employees required to complete the project 3 Steps Organizational Planning Staff Acquisition Team Development.

11 Communications Management Determining how details of the project are discussed and communicated to various parts of the project team. 4 Steps Communication Planning Information Distribution Performance Reporting Administrative Closure

12 Risk Management Identification, analysis, and response to project risks 4 Steps Risk Identification Risk Quantification Risk Response Development Risk Response Control

13 Procurement Management Acquiring needed goods or services from outside the organization. 6 Steps Procurement Planning Solicitation Planning Solicitation Source Selection Contract Administration Contract Closeout

14 Strengths & Weaknesses Strengths Considered the industry’s best practice for project management If followed completely, it ensures that no questions or problems are overlooked. Weaknesses It is only a series of guidelines. The decisions need to be made by experienced managers that have a wide knowledge of the type of project they are about to oversee.

15 PMBoK and Information Security Information security is usually considered a “process” and not a “project”. Many of the procedures and policies required in information security are projects in themselves. For example, information security policies need to be created and then periodically reviewed and revised. The initial creation of the Data Backup Policy would be one project, while the annual review and revision process would be another. Each year, the review and revision process start again as a new project.

16 PMBoK & InfoSec, continued Overall control of the project Rather than have a department manager oversee a project, most information security projects will require a collaboration of managers from the three communities: InfoSec, IT & Business. Negative Feedback Loop to evaluate the process Information security projects are more dynamic than most other types of project management.

17 Negative Feedback Loop 1. A plan is developed 2. Work is done according to plan 3. Progress is measured 4. Progress is evaluated If progress is acceptable, goto #5. If progress is unacceptable, adjust plan and goto #2. 5. Project completion is evaluated If project is complete, document project. If project is incomplete, goto #2.

18 PMI Certifications Project Management Professional (PMP) certified as a competent project manager a strong background of education & experience Follows the PMI Code of Conduct Certified Associate in Project Management (CAPM) same general background as a PMP lacks an adequate amount of experience. Both certifications signify extensive knowledge and use of the PMBoK

19 Questions?


Download ppt "Information Security and the Project Management Body of Knowledge Kati Reiland COSC 481 Spring 2006."

Similar presentations


Ads by Google