ICTN-4040 Chapter 10

milestone

The date for sending the final RFP to vendors is considered a(n) __________, because it signals that all RFP preparation work is complete. a. milestone b. deliverable c. resource d. intermediate step

True

The size of the organization and the normal conduct of business may preclude a large training program on new security procedures or technologies. True False

True

When an estimate is flawed, as when the number of effort-hours required is underestimated, the plan should be corrected and downstream tasks updated to reflect the change. True False

True

A proven method for prioritizing a program of complex change is the bull's-eye method. _________________________ True False

True

A task or subtask becomes a(n) action step when it can be completed by one individual or skill set and when it includes a single deliverable. _________________________ True False

CBA

A(n) __________ is used to justify that the project will be reviewed and verified prior to the development of the project plan. a. WBS b. SDLC c. CBA d. RFP

process of change

By managing the __________, the organization can reduce unintended consequences by having a process to resolve the potential conflict and disruption that uncoordinated change can introduce. a. conversion process b. wrap-up c. process of change d. governance

True

Corrective action decisions are usually expressed in terms of trade-offs. _________________________ True False

True

Planning for the implementation phase of a security project requires the creation of a detailed project plan. True False

direct changeover

Some cases of __________ are simple, such as requiring employees to begin using a new password on an announced date. a. wrap-up b. direct changeover c. pilot implementation d. phased implementation

False

The first step in the work breakdown structure (WBS) approach encompasses activities, but not deliverables. True False

True

The primary drawback to the direct changeover approach is that if the new system fails or needs modification, users may be without services while the system's bugs are worked out. _________________________ True False

False

All organizations should designate a champion from the general management community of interest to supervise the implementation of an information security project plan. True False

True

Each organization has to determine its own project management methodology for IT and information security projects. True False

pilot

In a __________ implementation, the entire security system is put in place in a single office, department, or division before expanding to the rest of the organization. a. pilot b. parallel c. direct d. loop