Principles of security info review questions chap 10 6th edition by Emmanuel
2. What is the value of a statement of vision and objectives? Why is it needed before a project plan is developed?
The value of a statement of vision and objectives is that it tells you what the project is supposed to achieve. It is needed before a project plan is developed because if the project fails to fulfill its intended purpose, then it is most likely a failure.
List and define the common attributes of tasks within a WBS.
1. Work to Be Accomplished: The work to be accomplished encompasses both activities and deliverables. 2. Assignees: The project planner should describe the skills or personnel (resources) needed to accomplish task; The naming of individual employees should avoid in early planning efforts. 3. Start and End Dates: Specify completion dates only for major milestones at first; don't assign too many dates too early; add them later as needed 4. Amount of Effort: In the early stages of planning, the project planner should attempt to specify completion dates only for major project milestone. 5. Estimate Capital Expenses: Planners need to estimate the capital expenses required for the completion of each task, subtask, or action item. 6. Estimated Noncapital Expenses: Planners need to estimate the non-capital expenses required for the completion of each task, subtask, or action item. 7. Task Dependencies: Whenever possible, planners should note the dependencies of other tasks or action steps on the one at hand, including task predecessors and successors. 8. How does a planner know when a task has been subdivided to an adequate degree and can be classified as an action step? Hard-n-fast rule: A task or subtask becomes an action step when it can be completed by one person or skill set and has a single deliverable. 9. What is a deliverable? Name two uses for deliverables. > Deliverable is a completed document or program module that can either serve as the beginning point for a later task or become an element in the finished project. Is has two uses for deliverables; Can either serve as the beginning point for a later task or become an element in the finished project.
9. What is a deliverable? Name two uses for deliverable.
> Deliverable is a completed document or program module that can either serve as the beginning point for a later task or become an element in the finished project. Is has two uses for deliverers; Can either serve as the beginning point for a later task or become an element in the finished project.
18. List and describe the four basic conversion strategies that are used when converting to a new system. Under which circumstances is each strategy the best approach?
> Direct Changeover: The conversion strategy that involves stopping the old system and starting the new one without any overlap - Best use: Small changes > Parallel Operations: the conversion strategy that involves running the new system concurrently with the old system > Phased Implementation: the conversion strategy that involves a measured roll out of the planned system; only part of the system is brought out and disseminated across an organization before the next piece is implemented. > Pilot Implementation: The conversion strategy that involves implementing the entire system into a single office, department or division and dealing with the issues that arise before expanding to the rest of the organization.
4. List and describe the three major steps in executing the project.
First, Planning the project Requires the creation of a detailed project plan (project manager or project champion). Created using simple planning tool like Work Breakdown Structure (WBS): Work to be accomplished, people or skill sets assigned to perform the task, start and end dates for the task when known, amount of effort required for completion in (hrs/days), estimated capital expenses for the task, Estimated noncapital expenses for the task, identification of dependencies between and among tasks. Second, supervising tasks and action steps within the plan. Although is not an optimal solution, some organizations designate a champion from the general management community of interest to supervise the implementation of information security project plan. In this case, groups of tasks are delegated to individuals or teams from the IT and information security communities of interest. An alternative is to designate a senior IT manager or the CIO of the organization to lead the implementation. Third, wrapping up the plan is usually handled as a procedural task assigned to a mid-level IT/Info security manager. These managers collect documentation, finalize status reports, deliver final report and a presentation at wrap-up meeting. The goal of the wrap-up is to resolve pending issues, critique overall effort, draw conclusions about how to improve the process for the future.
8. How does a planner know when a task has been subdivided to an adequate degree and can be classified as an action step?
Hard-n-fast rule: A task or sub-task becomes an action step when it can be completed by one person or skill set and has a single deliverable.
8. How does a planner know when a task has been subdivided to an adequate degree and can be classified as an action step?
Hard-n-fast rule: A task or subtask becomes an action step when it can be completed by one person or skill set and has a single deliverable
What is a milestone, and why is it a significant to project planning?
Milestone is a specific point in the project plan when a task that has a noticeable impact on the plans progress is complete. It's significant because it has noticeable impact on the plan's progress.
16. What is a negative feedback look? How is it used to keep a project in control?
Negative feedback loop is a gap analysis: The process of comparing measured results against expected results then using the resulting "Gap" as a measure of project success and as feedback for the project management. It's used to ensures that progress is measured periodically; it prompts corrective action or plan revision when significant deviation occurs.
1. What is a project plan? List what a project plan can accomplish.
Project plan are documented instructions for participants and stakeholders of a project that provide details on goals, objectives, tasks, scheduling, and resource management. The project plan as a whole must describe how to acquire and implement the needed security controls and create a setting in which those controls achieve the desired outcomes.
Within project management, what is dependency? What is a predecessor? What is a successor?
Within project management, dependency is when tasks cannot be accomplished until something else is, or something that must be done following the task's completion. Predecessor is tasks or action steps that come before the specific task at hand, and successor is tasks or action steps that come after the specific task at hand. 16. What is a negative feedback look? How is it used to keep a project in control? Negative feedback loop is a gap analysis: The process of comparing measured results against expected results then using the resulting "Gap" as a measure of project success and as feedback for the project management. It's used to ensures that progress is measured periodically; it prompts corrective action or plan revision when significant deviation occurs.
