Project and Risk Management Processes


Two basic processes that are integral to a CIAPP are project management and risk management.

Project Management

As the CIAPP manager and leader for IWC, you will also provide oversight of CIAPP-related projects that members of your staff are working on.

The criteria for a project are as follows: Formal projects, along with project management charts, will be initiated where improvements or other changes will be accomplished and where that effort has an objective, has beginning and ending dates, and will take longer than 30 days to complete.

If the project will be accomplished in less than 30 days, a formal project management process is not needed. The rationale for this is that projects of short duration are not worth the cost (in terms of time needed to complete the project plan, charts, etc.) of such a formal process.

Risk Management

To be cost-effective, the ISSO must apply risk management concepts and identify:

  • Threats to the information and information systems of IWC;

  • Vulnerabilities (information systems' weaknesses);

  • Risks; and

  • Countermeasures to mitigate those risks in a cost-effective way.




The Information Systems Security Officer's Guide. Establishing and Managing an Information Protection Program
ISBN: 0750698969
EAN: 2147483647
Year: 2002
Pages: 204
