In: Computer Science
Principles of Information Security
Using about 1000 words List and describe which members of an organisation are involved in the security systems development life cycle. Who leads the process?
Security professionals are involved in the SDLC. Senior management, security project team and data owners are leads in the project
Before lead IS project, a project manager should figure out what the methodology will be used in the project. This is important for a project manager to recognize it because an appropriate methodology can influence the project success.
A common methodology usually implemented in IS projects is systems development life cycle (SDLC). FFIEC defines systems development life cycle as "a project management technique that divides complex projects into smaller, more easily managed segments or phases". These segmentation will enable project managers to verify the successful completion of project phases before allocating resources to the next phases.
The SDLC is usually described by a circular process in which the end of the useful life of one system leads to the beginning of another project that will develop a new version or replace an existing system altogether.
The oldest model that was originally regarded as the SDLC is the waterfall model. Other models that exist in SDLC are Rapid Application Development (RAD), Joint Application Development (JAD), and Agile methodology.
General Skills of Project Manager
Generally, a project manager is responsible for managing the project to meet the users' needs. He has to have a set of skills such as management, leadership, technical, conflict management, and customer relationship to support his jobs. He also needs to recognize knowledge of what project management involves and why it is so important. Those will make him able to be a role model for his team members to follow. Otherwise, he will not be a real project manager, but he looks like a project coordinator. Goundar (2007) states that "the ideal project manager will value the contribution of employees in many dimensions".
The Project manager also should be able to minimize conflict during working in projects. This can be done through the following techniques (Mehta, 2004):
Another important skill requirement of a project manager is a project management capability. Luftman (2006) states that "a project management capability is a top ten management concern because of the increased emphasis on Project Management Institute (PMI) certification". The increasing request of certification presents that the project manager should have certificate of Project Management Professional (PMP) to ensure his level of quality of the project management capability.
There are two eligibility categories of candidates who qualify to be certified PMP. Those criteria are the following (IT toolbox Popular Q&A Team,2006):
The Role of IS Project Manager
Hoffer, George, and Valacich (2008) define an IS project manager as "a system analyst with a general set of skills who is responsible for initiating, planning, executing, and closing down a project".
During processes of the project, the project manager has to implement his roles to manage the project. Karlsen and Gottschalk (2006) divide the roles of IS project manager into six roles as the following:
Leader. As the leader, the project manager has to manage the project team toward the project goal.
Resource allocator. The project manager is responsible to determine allocation of important resources such as human, financial, and information, to the project.
Spokesman. The project manager is responsible to make widely communication with internal and external of project organization
Entrepreneur. The project manager should be able to recognize the users' needs and management expectations, as well as develop solutions that change business situations.
Liaison. The project manager is able to communicate with the external environment.
Monitor. The project manager must figure the information out from the external environment to keep up with relevant technical changes and competition.
project management processes, the project manager begins to implement his role in the project initiation. During project initiation, the project manager manages the team to develop a project charter and a preliminary project scope statement. The purpose of the project charter is (Wikipedia):
Meanwhile, the project manager should use a project scope statement to make future project decision, to develop and to confirm a common understanding of project scope among the stakeholders. The project scope statement should be well documented because it may need to be revised to reflect changes to the scope of project. The online community for IT project managers states that "a project scope statement can be represented by a form to spell out the business need/problem, project objectives, results, and content that will make up the project scope statement".
Furthermore, the project manager has to implement his roles by developing, planning and definiting the scope of project, estimating cost, developing schedules, creating work breakdown structure, and making risk analysis during project planning. The purpose of project planning is to create a project plan to track the progress of the project team. The project manager should focus on those works to make sure that those will lead the project toward users' requirements. Kutsch (2008) states that "many IT projects fail because scope, cost and time objectives are not met despite the existence of self-evident correct best practice project management standards".
According to Hoffer, George, and Valacich (2008), during developing and defining scope, the project manager should reach agreement on the following: