Interested in having me discuss my Real PM book and concepts at your conference, webinar or podcast or a Q & A article - contact me.
|
0 Comments
Need Your Great Project Management, Business Strategy or Technology Article Published - Contact Me3/19/2019 Do you have a great article or even a good article that you want the world to see? If it is anywhere close to these topics: project management, business strategy, new or current technology, SEO, cybersecurity, agile, scrum, devops, digital transformation, machine learning, artificial intelligence, IoT, the cloud, mobile technology, PMP certification, etc. - I'll look at it and probably run it on my blog for you. And I will promote it to a MILLION+ potential readers DAILY. Your new article will get 300 to 500 views daily (and climbing). Contact me through the contact form on this site or just email me - either way works great.
 Presently, there is no greater priority than the prevention of a data breach. One must keep alert for the effectiveness of the security controls so that they don’t change in a split of a second. An ideal way to ensure this is by having a risk management plan so that you can avoid a data breach, which will ruin your IT supply chain up and down. Risk Management Planning What is the Risk Management Process? First, you must identify the risk before you can move to analyze and establish the proper risk mitigation steps. So, most times you can expect to make lots of lists to keep up with the entire process. To put this into perspective, you will need to follow a set of steps to draw up an adequate risk management plan. You will need to conduct a risk assessment so that you can identify where you will reserve, transmit, and distribute information. Then, examine to see if there could arise any potential risks of accessibility, confidentiality, and integrity to it. Once you have accomplished that, you will need to make a second list that will help you rate the significance of the data as well as to let you examine if there any chances of data endangerment. Finally, using the second list, you will have to create a third one which will illustrate whether you choose to transfer, mitigate, refuse, or accept the risk. Keep in mind that you also mustrecord your basis for supporting your decision and the steps you followed through on the decision. How to Analyze Potential Impact of a Risk Event Several categories of risk events occur within the information security background. But when well-informed about the probable events and statistics promoting data invasions costs, you can bet you will reflect over the risks and estimate the impact adequately. • Vendor Data Breach Such a breach can wreck you. According to a report issued by the Ponemon Institute in 2017, 56% of data invasions originated from third-party vendors. The report also revealed that the standard payout for data invasion was $ 7,350,000 including customer loss, fines, and remediation. • Malicious Attacks According to the Verizon Data Breach Insights 2018’s report, 73% of cyber-attacks emanated from nefarious organized groups, nation-state or nation-state related malicious actors. Out of 53,308 security incidents, 2,216 comprised of data breaches, of which 21, 409 of the events cropped up due to hacking attacks. • Insider Issues The same report by Verizon gave insights on the effects of internally evoked risk events. In it were a startling number of internal breach activities emanating from system administrators and end-users. Out of the 277 insider issues reported, 134 incidents arose from these two categories. Concurrently, social engineering accounted for 1,450 incidents, of which 381 affirmed to data disclosure. Why You Need A Risk Assessment Matrix The greatness of qualitative risk reviews is that they give you estimates. They let you determine responses adequately not just to identify the probability of an incident’s occurrence but also to help you understand the impact it might have. At times, the event may be unlikely to occur, though its impact could strain your financial stance. Thus, distorting your math plans. But when you have a risk assessment matrix, you will easily track data security risks across the field, permitting you to concentrate on the essential and impactful risks first before moving on to attend to other probable events suitably. How To Apply A Project Management Approach To A Cybersecurity Risk Management Plan Project management and taking a security-first approach to cybersecurity tasks go together. With that in mind, you ought to start by laying out the risks and formulating projects that permit you to test, develop, and operate your data guards. WBS- Work Breakdown Structure use offers an excellent example of how to design a cybersecurity risk management plan while employing a project management approach. As a project manager, it will be your duty to ensure that both internal and external stakeholders are in unity so that everyone can understand what they ought to do to meet goals. Likewise, the chief information officer (CIO) needs to mobilize the c-suite and department managers initiating various tasks integrated into cybersecurity monitoring and vendor management. The WBS is responsible for providing internal stakeholders with information on the tasks and subtasks they need to do. Furthermore, as part of information security compliance, you need to analyze standards and regulations for their unit and subparts. Using Project Management to Create Cyber Security Risk Mitigation Strategies The risk mitigations will always remain the same, whether you choose to bring a new Software-as-a-Service vendor or want to become compliant with a new regulation or standard to scale the business.  While active hardware and software development strives to ensure continuous monitoring of the product through its life cycle, cybersecurity risk management helps you to track hazards to the data environment to secure controls effectiveness.
Having risk management plans guarantees your data safety. Without it, it will be easy for a malicious actor to sight a vulnerable spot to exploit leading to a data breach. So, be vigilant and secure your business the right way. "Capital is not so fundamental in business; neither is an experience since you can easily acquire them. Ideas are what is important because when you have ideas, you possess the asset needed to pursue limitless achievements in your business and your life."
— Harvey Firestone A compliance project must have a concrete plan. You may put all fringe and vigor into your project, but without a solid base, you’ll end up with nothing but offscourings that will lead you back to the drawing board. Going beyond the Planning Phase to Delve into the Project itself When you decide to go beyond the planning phase of your compliance project to start the execution process, you are demonstrating your proficiency. You exemplify the fact that you’re psyched up for the task, have your resources gathered, and a sound plan in place for project consummation. Rushing the project without adequate planning risks failure. Delaying its execution could result in loss of resources, overage budgeting, and delayed milestones. For successful outcomes on your compliance project, ensure that you roll out your project at the right time. When carrying out the execution phase of your project, there’s no definitive cut-off point. This is the time when you put your strategies on course. The period of confirming resources and verifying the scope of the reviews and objectives is over, and it's time to deploy your resources. You’ll venture into the assessment of the competency and efficacy of your outlined plan and procedures. At this point, you must be assertive of your project plan and the laid procedures as you batten down for any contingencies that may emerge. Sharing Information with All Project Stakeholders Communication is essential, especially now that many people are involved in the execution phase. The project’s effectiveness should start with you holding a meeting with your team to review all the outcomes of the planning process and contrive a way of relaying the project details to your audience. This will also help to identify any flaws or risks that that may not have been mitigated. It’s a great way of streamlining your entire planning process. Communicating the project’s scope, timeline, and your team to stakeholders will highlight your expertise, conscientiousness and the ideas you infused into the project. Your announcement officially introduces your compliance project to your company, and it goes beyond the people involved in planning your project. It is an added victory, though small, indicating the milestone of your project. Whether you’re conveying your annunciation via email or open meeting, your message should incorporate the following:
Doing the Heavy Lifting – Working on the Project For the whole of the execution phase, you’ll be busy working on your project. This includes taking an analysis of all transactions for possible noncompliance occurrences, testing the red alerts if any, and interviewing stakeholders of the compliance process, among other tasks. The following standard components are a must have for any properly-managed compliance project:
The nature of compliance projects in our careers vary. This post is intended to guide all types of compliance projects regardless of their scope or style. The best practices for executing compliance projects may take numerous forms. But one theme remains mandatory for any project - the need to develop and retain successful project execution evidence. The form taken by such evidence will depend on the project and the required work input. Here are the execution components that every compliant project requires:
Whether the objective of your compliance project is to augment PCI compliance or strengthen the KYC procedures of your AML program, a concrete execution based on an impregnable plan is needed for successful fruition. As Harvey Firestone said, having an idea is the only asset you need to develop a plan that will be solidly executed. With a well-calculated idea, the subsequent activities of the project will fall in place without many risks and wastes on deliverables. Implementing the project will be a smooth process considering that you have all the tools at your disposal to keep you within the budget and schedule of completion. I want to feature 5 to 7 Project Management related software or service offerings as new, unheard of or best in class to try out for u2019. I will feature them in an article similar to these past popular features I’ve put together:
14 Project Management Tools You May Not Know About 5 Project Management Tools and Services to Check Out in June 2018 6 SEO Tools Social Media Marketers Must Try Four Top Project Management Tools and Services to Check Out in May 2018 12 Project Management Related Tools to Consider for 2016 Project Management Related Tools And Services To Consider For 2016 And Beyond 5 Cybersecurity Tools and Services to Consider for 2016 and Beyond If you have one or want to suggest one for inclusion please contact me ASAP. I will need to discuss it with you and gather a few things from you or the vendor: - product description - screen shots - desired links - testimonials that you’d like to include Target go-live date is 3/25 - please let me know if you’re interested. I’ve written more than 6,000 PM, Cybersecurity, business strategy, SEO and related articles, ebooks, white papers and videos for clients and independent sites world wide and have been named “#1 Provider of Project Management Content in the World” so I have a good following and traffic to my content. Let’s make this a great feature! Thanks! I want to feature 5 to 7 Project Management related software or service offerings as new, unheard of or best in class to try out for u2019. I will feature them in an article similar to these past popular features I’ve put together:
14 Project Management Tools You May Not Know About 5 Project Management Tools and Services to Check Out in June 2018 6 SEO Tools Social Media Marketers Must Try Four Top Project Management Tools and Services to Check Out in May 2018 12 Project Management Related Tools to Consider for 2016 Project Management Related Tools And Services To Consider For 2016 And Beyond 5 Cybersecurity Tools and Services to Consider for 2016 and Beyond If you have one or want to suggest one for inclusion please contact me ASAP. I will need to discuss it with you and gather a few things from you or the vendor: - product description - screen shots - desired links - testimonials that you’d like to include Target go-live date is 3/25 - please let me know if you’re interested. I’ve written more than 6,000 PM, Cybersecurity, business strategy, SEO and related articles, ebooks, white papers and videos for clients and independent sites world wide and have been named “#1 Provider of Project Management Content in the World” so I have a good following and traffic to my content. Let’s make this a great feature! Thanks! Let me be the first to say that Project Management Professional (PMP) certification is great.
It can help you get hired, move up in your profession, and show dedication to your chosen career path. It can be a catalyst for cohesion within a PM infrastructure or project management office (PMO). It can give everyone a common language to use. It can show your project clients that the organization is dedicated to real success because your project managers are certified and ready to succeed on the projects they are managing for them. While this is great – and I would never stand in the way of anyone's certification aspirations... in fact I've helped hundreds follow that path already – it isn't likely how you're going to manage projects in the real world. I've been managing projects since shortly after the first PMP certification testing took place in October 1984. But in every organization I've been in and worked with PMP processes and concepts weren't the norm or of any major importance – project success and customer satisfaction has been the emphasis and that isn't likely to change. PMP is great to have, but it's like algebra... you might not actually use the knowledge very much in real life. It may get you a $20k raise or a better job elsewhere earning more... no doubt about that. But usage will likely be minimal. It's more of a paper and resume thing. Buy My Latest Book Please - “A Real World Project Manager’s Guide to the Successful Project”3/1/2019  To purchase go here: https://squareup.com/store/brad-egeland/item/ebook-a-real-world-project-manager-s-guide-to-the-successful-project
A PDF copy will be delivered to your email ASAP. The eBook was 4.99... now just $2.99 for a limited time. PDF eBook "A Real World Project Manager's Guide to the Successful Project." A practical guide to manage a project from end to end along with personal experiences from the author and some extra best practices tips. Chapters: Introduction From the Beginning Document Processes and Requirements Execute the Project Review with the Client and Gain Final Approval Communication is Everything Are Lessons Learned Important? How to Run the Perfect Project Meeting Risks are Real... Plan for Them Testimonials... "Best direction I've received in 2018 - a must read for logical PM steps to successful delivery" "Great takeaways - highly recommend" "Must reading for all PMOs, Brad's info is spot-on" "5 stars! Thanks for sharing your straightforward project management knowledge and style... keep up the great work!" “just like your articles, always something great to take away. Thanks for the advice... well worth the money. Keep writing!!” Book review: http://www.bradegeland.com/blog/book-review-a-real-world-project-managers-guide-to-the-successful-project Requirements are the lifeblood of the project. Period.
And bad requirements or missing requirements can triple the length of the project. Worse, they can kill a project altogether due to time or budget (or both) issues. I just had a simple home project for my wife go south because I failed to get the requirements fully defined before starting. I thought I had everything right, but I made some assumptions without asking certain questions. Keep in mind she is my very organized wife who hates it when I ask too many questions before starting a project for her. But our project customers have a potential to be problematic, stubborn, demanding or even uncooperative, right?... |
Search this entire blog:
Authors:
Brad Egeland
Use code BRADCCPM for 10% off training
Archives
May 2019
|
RSS Feed
