ICTN-4040 Chapter 10
milestone
The date for sending the final RFP to vendors is considered a(n) __________, because it signals that all RFP preparation work is complete. a. milestone b. deliverable c. resource d. intermediate step
True
The size of the organization and the normal conduct of business may preclude a large training program on new security procedures or technologies. True False
True
When an estimate is flawed, as when the number of effort-hours required is underestimated, the plan should be corrected and downstream tasks updated to reflect the change. True False
True
A proven method for prioritizing a program of complex change is the bull's-eye method. _________________________ True False
True
A task or subtask becomes a(n) action step when it can be completed by one individual or skill set and when it includes a single deliverable. _________________________ True False
CBA
A(n) __________ is used to justify that the project will be reviewed and verified prior to the development of the project plan. a. WBS b. SDLC c. CBA d. RFP
process of change
By managing the __________, the organization can reduce unintended consequences by having a process to resolve the potential conflict and disruption that uncoordinated change can introduce. a. conversion process b. wrap-up c. process of change d. governance
True
Corrective action decisions are usually expressed in terms of trade-offs. _________________________ True False
True
Planning for the implementation phase of a security project requires the creation of a detailed project plan. True False
direct changeover
Some cases of __________ are simple, such as requiring employees to begin using a new password on an announced date. a. wrap-up b. direct changeover c. pilot implementation d. phased implementation
False
The first step in the work breakdown structure (WBS) approach encompasses activities, but not deliverables. True False
True
The primary drawback to the direct changeover approach is that if the new system fails or needs modification, users may be without services while the system's bugs are worked out. _________________________ True False
False
All organizations should designate a champion from the general management community of interest to supervise the implementation of an information security project plan. True False
True
Each organization has to determine its own project management methodology for IT and information security projects. True False
pilot
In a __________ implementation, the entire security system is put in place in a single office, department, or division before expanding to the rest of the organization. a. pilot b. parallel c. direct d. loop