IT Security Project Management Handbook

In previous chapters, we focused on the elements of Information Technology (IT) project management that are particular to a security project plan. This chapter focuses on standard project management methods. (For the purposes of this chapter, we will assume that you have a solid IT project management background.)
Closing out a security project plan is different from closing out a standard IT project plan, because there are more serious ramifications for security projects. In a standard IT project, if you change the scope, decide to forgo a few tasks, or are unable to resolve a problem, you can usually save those issues for a subsequent project or version. In the case of security, what you skip over or omit could be what hackers find and exploit; therefore, the project close-out process must be thorough and diligent. In this chapter, we look at determining when the project is complete, how to close out various issues, and how to prepare for implementation, deployment, and transfer. These elements are critical to maintaining security; thus, particular attention must be paid to this area. Finally, we look at capturing lessons learned and finalizing project documentation. This is another area that may require a different approach than that of a standard IT project, due to the potential for compliance with various laws, regulations, or standards related to network and data security.
When is your IT security project complete and how will you know? The obvious answer is, When all tasks are 100...