Robert Fullagar CISSP CISM CRISC Clas CEH “Security is everyone’s responsibility”

1 Robert Fullagar CISSP CISM CRISC Clas CEH “Security is everyone’s responsibility”

2 Security Programme Structure and Methodology Contents People Structure –Key positions –Roles of individuals Methodology/Approach –Deliverables

3 People Senior Manager/Board Member Senior Security SME Business Representatives Programme Manager Project Managers Delivery Teams External Resource Security SME

4 Delivery Team Structure Security SME Programme Manager Project Manager Infrastructure Lead External Resource Do’ers

5 Other People Security Architects Legal Specialist PMO Support Technical Architects Procurement HR Etc

6 Roles Influencer Has a vested interest in improving security Can keep the momentum going Able to procure budget Senior Manager/Board Member

7 Roles Set/agree scope for the business area Set priority based on risk for the business area Monitor progress They are decision makers Business Representatives

8 Roles Senior Security SME Programme Manager Project Managers Action the decisions of the business representatives Translate the business and technical requirements Bring resource and structure to deliver the scope Provide budgetary figures to the programme board Select and evaluate solutions

9 Roles These are the do’ers, the engine room The detail people, they bring to bear that detailed specific knowledge They do the actual work, hands on work They help make the project board’s scope a reality Delivery Teams External Resource Security SME

10 Initiator Legislative Contractual External standards Business driver or direction Infrastructure replacement project Consolidate security in finished project Because it’s “Best Practice”

11 What happens when Phase 0 Discovery 6-18 Months Risk Assessment provides Input to phase 1 Phase 1 Foundation 18 months – 2 years Phase 2 Leverage 2-5 Years + Delivery phase 1 scope Delivery phase 2 scope Phase 0 – Eye on Phase 1 scope and long term strategy Phase 1 – Define long term strategy BAU Security Cycle

12 Board Deliverables Senior Manager/Board Member Business Representatives Phase 0 - Scope –Business area –Drivers – why –Financial commitment –Time and resource commitment –Draft strategy

13 Phase 0 –Plan – Resource and tasks –Budget +/- 100% –Approach –Quick wins Minimal cost –Risk Assessment Programme Deliverables Senior Security SME Programme Manager Project Managers Delivery Teams External Resource Security SME

14 Board Deliverables Senior Manager/Board Member Business Representatives Phase 1 –Prioritise the items from the risk assessment –Financial support –Allocate and commit resource –Long term strategy

15 Phase 1 –Risk assessment –Proposals to remediate –Accurate costs –Plan, time and resource –Deliver agreed scope Programme Deliverables Senior Security SME Programme Manager Project Managers Delivery Teams External Resource Security SME

16 Board Summary Programme Phase 0 –Business Driver Vision –Initial Budget –Commitment

17 Phase 0 –Plan –Budget –Approach –Quick wins Board Summary Programme Phase 0

18 Board Summary Phase 1 GO

19 Phase 1 –Risk Assessment –Remediation actions –Budget to remediate –Outline plan Board Summary Programme Phase 1

20 Board Summary Programme Phase 1 –Prioritise Risks –Financial support –Commitment –Agree plans

21 Board Summary Phase 1 Long term strategy

22 BAU Security Plan Do Check Act

23 Thank You Questions

