Chapter 10
Implementing Information Security
Change is good. You go first! DILBERT (BY SCOTT ADAMS)
Kelvin Urich arrived early for the change control meeting. In the large, empty conference room, he reviewed his notes and then flipped through the handouts one final time. During the meeting last week, the technical review committee had approved his ideas, and now he was confident that the project plan he’d developed was complete, tight, and well-ordered.
The series of change requests resulting from this project would keep the company’s technical analysts busy for months to come, but he hoped that the scope and scale of the project, and the vast improvements it was sure to bring to the SLS information security program, would inspire his colleagues. To help the project proceed smoothly, he had loaded his handouts with columns of tasks, subtasks, and action items, and had assigned dates to every action step and personnel to each required task. He checked that the handouts were organized properly and that he had plenty of copies. Everything was under control.
Naomi Jackson, the change control supervisor, also arrived a few minutes early. She nodded to Kelvin as she placed a stack of revised agendas in the middle of the conference table. Everyone attending had received the detailed report of planned changes the previous day. Charlie Moody came in, also nodding to Kelvin, and took his usual seat.
Once the room filled, Naomi said, “Time to get started.” She picked up her copy of the planned change report and announced the first change control item for discussion, Item 742.
537 Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-300
One of the members of the UNIX support team responded, “As planned,” meaning that the item, a routine maintenance procedure for the corporate servers, would occur as scheduled.
Naomi continued down the list in numeric order. Most items received the response “As planned” from the sponsoring team member. Occasionally, someone answered “Cancelled” or “Will be rescheduled,” but for the most part, the review of the change items proceeded as usual until it came to Kelvin’s information security change requests.
Naomi said, “Items 761 through 767. Kelvin Urich from the security team is here to discuss these items with the change control group.”
Kelvin distributed his handouts around the table. He waited, a little nervously, until everyone had a copy, and then began speaking: “I’m sure most of you are already aware of the information security upgrades we’ve been working on for the past few months. We’ve created an overall strategy based on the revised policies that were published last month and a detailed analysis of the threats to our systems. As the project manager, I’ve created what I think is a very workable plan. The seven change requests on the list today are all network changes and are each a top priority. In the coming weeks, I’ll be sending each department head a complete list of all planned changes and the expected dates. Of course, detailed change requests will be filed in advance for change control meetings, but each department can find out when any item is planned by checking the master list. As I said, there are more changes coming, and I hope we can all work together to make this a success.”
“Comments or questions?” asked Naomi.
Instantly six hands shot into the air. All of them belonged to senior technical analysts. Kelvin realized belatedly that none of these analysts were on the technical review committee that had approved his plan. He also noticed that half the people in the room, like Amy Windahl from the user group and training committee, were busy pulling calendars and PDAs out of briefcases and bags, and that Davey Martinez from Accounting was engaged in a private but heated discussion with Charlie Moody, Kelvin’s boss. Charlie did not look pleased.
Above the noise, Kelvin heard someone say, “I should have been warned if we are going to have all this work dumped on us all at once.” Someone else said, “We can’t make this happen on this schedule.”
Amid the sudden chaos that had broken out during an otherwise orderly meeting, it occurred to Kelvin that his plan might not be as simple as he’d thought. He braced himself—it was going to be a very long afternoon.
LEARNING OBJECTIVES
Upon completion of this material, you should be able to:
• Explain how an organization’s information security blueprint becomes a project plan
• Discuss the many organizational considerations that a project plan must address
• Explain the significance of the project manager’s role in the success of an information security project
• Describe the need for professional project management for complex projects
• Discuss technical strategies and models for implementing a project plan
• List and discuss the nontechnical problems that organizations face in times of rapid change
Exercises
1. Create a first draft of a WBS from the following scenario. Make assumptions as needed based on the section about project planning considerations and constraints in this chapter. In your WBS, describe the skill sets required for the tasks you have planned.
Sequential Label and Supply has a problem with employees surfing the Web to access material the company deems inappropriate for a professional environment. Therefore, SLS wants to insert a filtering device in the company Internet connection that blocks certain Web locations and content. According to the vendor, the filter is a hardware appliance that costs $18,000 and requires 150 hours to install and configure. Technical support for the filter costs 18 percent of the purchase price and includes a training allowance for the year. A software component that runs on the administrator’s desktop computer is needed to administer the filter; this component costs $550. A monthly subscription provides the list of sites to be blocked and costs $250 per month. An estimated four hours per week are required for administrative functions.
2. If you have access to commercial project management software, such as Microsoft Project, use it to complete a project plan based on the data shown in Table 10-2. Prepare a simple WBS report or Gantt chart that shows your work.
3. Write a job description for Kelvin Urich, the project manager described in the opening vignette of this chapter. Be sure to identify key characteristics of the ideal candidate, as well as work experience and educational background. Also, justify why your job description is suitable for potential candidates of this position.
4. Search the Web for job descriptions of project managers. You can use any number of Web sites, including www.monster.com or www.dice.com, to find at least 10 IT-related job descriptions. What common elements do you find among the job descriptions? What is the most unusual characteristic among them?
Case Exercises
Charlie looked across his desk at Kelvin, who was absorbed in the sheaf of handwritten notes from the meeting. Charlie had asked Kelvin to come to his office and discuss the change control meeting from earlier that day.
“So what do you think?” Charlie asked.
“I think I was blindsided by a bus!” Kelvin replied. “I thought I had considered all the possible effects of the change in my project plan. I tried to explain this, but everyone acted as if I had threatened their lives.”
“In a way you did, or rather you threatened their jobs,” Charlie stated. “Some people believe that change is the enemy.”
“But these changes are important.”
“I agree,” Charlie said. “But successful change usually occurs in small steps. What’s your top priority?”
“All the items on this list are top priorities,” Kelvin said. “I haven’t even gotten to the second tier.”
“So what should you do to accomplish these top priorities?” Charlie asked.
“I guess I should reprioritize within my top tier, but what then?”
“The next step is to build support before the meeting, not during it,” Charlie said, smiling. “Never go into a meeting where you haven’t done your homework, especially when other people in the meeting can reduce your chance of success.”
Discussion Questions
1. What project management tasks should Kelvin perform before his next meeting?
2. What change management tasks should Kelvin perform before his next meeting, and how do these tasks fit within the project management process?
3. Had you been in Kelvin’s place, what would you have done differently to prepare for this meeting?
Ethical Decision Making
Suppose Kelvin has seven controls listed as the top tier of project initiatives. At his next meeting with Charlie, he provides a rank-ordered list of these controls with projected losses over the next 10 years for each if it is not completed. Also, he has estimated the 10-year cost for developing, implementing, and operating each control. Kelvin has identified three controls as being the most advantageous for the organization in his opinion. As he prepared the slides for the meeting, he “adjusted” most projected losses upward to the top end of the range estimate given by the consultant who prepared the data. For the projected costs of his preferred controls, he chose to use the lowest end of the range provided by the consultant.
Do you think Kelvin has had an ethical lapse by cherry-picking the data for his presentation?
Suppose that instead of choosing data from the range provided by the consultant, Kelvin simply made up better numbers for his favorite initiatives. Is this an ethical lapse?
Suppose Kelvin has a close friend who works for a firm that makes and sells software for a specific control objective on the list. When Kelvin prioritized the list of his preferences, he made sure that specific control was at the top of the list. Kelvin planned to provide his friend with internal design specifications and the assessment criteria to be used for vendor selection for the initiative. Has Kelvin committed an ethical lapse?