Preparing for Implementation Deployment and Operational Transfer

0 All project documentation should be defined in the project definition phase and consistently collected and reviewed during the project plan phase. 0 During project close out, documentation should be updated and finalized for review or archiving. 0 Project documentation can be construed as legal documents related to the security project plan, and should be treated as such. Consult with legal counsel regarding the appropriate storage or disposition of these documents. 0 Implementation,...

Prevention vs Remediation

One of the best ways to support an increase in IT spending for security, is to clearly delineate the cost of preventing a security breach versus the cost of fixing a security breach. Most corporate executives appreciate a rational approach to the business end of IT, and find a risk analysis and financial overview helpful tools in justifying additional expenditures. A recent study by Computer Economics shows that spending on security is approximately 3 percent of all IT expenditures, which has...

Success Factor Experienced Project Manager

In the case of IT security, it is critical that the project manager have experience successfully managing projects, since any errors or omissions in a security plan can have serious consequences. A project manager using a proven, consistent project management methodology is more likely to generate a solid IT security project plan than one who has no consistent method for approaching an IT project. If you are the project manager for your company's IT security project and you are not an...

Project Work Breakdown Structure

0 The work breakdown structure, or WBS, for an infrastructure project should begin with the high-level objectives for your project, which might include securing devices and media, securing the perimeter, securing infrastructure components, or whatever way you choose to segment the work in this project. 0 Task details should reflect the functional, technical, and regulatory requirements for your project. Check task details against requirements to be sure everything is included at the outset. 0...

Project Schedule and Budget

You've created your detailed Work Breakdown Structure and you've developed your task details. At this point, you should be very clear about your project's projected schedule and budget. The schedule should be defined by placing your tasks in optimal order, then by identifying dependencies. Constraints and conflicts should then be addressed to generate you first real project schedule. Since we're assuming you're familiar with basic project management principles, we won't go into project...

Project Team

We've touched on this throughout the chapter because we've talked about the far-reaching nature of an operational security project plan. Once you've defined the functional, technical, and regulatory requirements for the project, you've defined what you need to accomplish in the project. By looking at the specific skills needed to accomplish project work, you've essentially defined who you need. Gathering that team together and coordinating those activities will be your biggest challenge for two...

Work Breakdown Structure Example

Develop RFP to hire an outside security consultant for an enterprise-wide security audit 1.2 Develop a list of companies from whom to solicit RFP responses 2. Perform enterprise-wide security audit 3. Implement security recommendations based on audit results 3.1.1 Develop and implement Infrastructure Security Plan 3.1.2 Develop and implement Wireless Security Plan 3.1.3 Develop and implement Operational Security Plan 3.2 Implement, monitor, and manage defined ISAPs 4. Develop ongoing security...