Project Management in IT Security Course Outline

Project Management in IT Security Course Outline


Attend EC-Council’s program on Project Management in IT Security (PMITS)




EC-Council’s program on Project Management in IT Security is a highly interactive 2-day class designed to teach Information Technology Security Professionals real time implementation of project management practices in IT security planning. It comprehensively covers corporate security project plan components, costs involved in security, basis for a successful project, limitations of a Project, corporate strategy and IT security and the influence of corporate culture and policies on IT security.
Students will learn to identify different issues arising during an organization-wide security planning and how to avoid and eliminate them.


Management people involved with security planning, Network server administrators, System Administrators and Risk Assessment professionals.



2 days (9:00 - 5:00)



The Project Management in IT Security exam 212-38 will be conducted at the last day of the training. Students need to pass the online Prometric exam to receive the CEP certification.



 


Components of Project Management in IT Security

  • Defining a Project
  • Introduction
  • The Security Issue
  • Role of Network Security
  • Integrity, Confidentiality and Availability
  • The Outcome
  • Various Possible Security Project Solutions
  • The Optimal Solution
  • Limitations of Security Project
  • Scope of Project
  • Dead Lines
  • Quality
  • Economy
  • Develop the Proposal
  • Identify the Sponsor for the Security Project
  • Corporate Security Project Plan Components
  • The Costs involved in Security
  • Basis for Success of a Project
  • Well Defined Project Objectives
  • Minimized and Well Defined Scope
  • Smaller Schedules
  • Experienced Project Manager
  • Executive Support
  • User Involvement
  • Well Defined Project Management Process
  • Limitations of a Project
  • Corporate Strategy and IT Security
  • Importance of the influence of Corporate Culture and Policies on IT Security

Organizing the IT Security Project

  • Introduction
  • Making of the IT Security Project Team
  • The IT Security Project Stakeholders
  • Requirement Specifications of the IT Security Project
  • Objectives of the IT Security Project
  • Processes involved in the IT Security Project
  • The Acceptance Criteria
  • Risk Management
  • Change Management
  • Communication
  • Quality
  • Status Reports
  • Defect Tracking
  • Escalation Process
  • Documentation
  • Approval Procedures
  • Deployment
  • Operations
  • Training

Developing the IT Security Project Team

  • Introduction
  • List of the IT Security Project Team Requirements
  • Roles and Responsibilities
  • Skill Set
  • Technical Skill Set
  • Communication Ability
  • Training and Negotiation
  • Ability to Negotiate and Understanding of Technical Aspects
  • Reporting
  • Legality, Regulations and Cost Factors
  • Identifying the Staffing Requirements and Constraints
  • Hiring the Staff
  • Developing the IT Project Team
  • Training Objectives
  • Team-building

Planning the IT Security Project

  • Structuring the details of IT Security Project Work
  • Project Tasks and Sub-tasks in the Project
  • Verifying Scope of the Project
  • Tasks in Detail
  • Ownership
  • Resources
  • Priority
  • Schedule
  • Budget Allocated
  • Project Dependencies
  • Limitations
  • Experience
  • Tools
  • Budget Constraints
  • Change in the Organization
  • Government or Regulatory Requirements
  • The Critical Path
  • Testing the Results
  • Defining the Budget, Schedule, Risks, and Communications

Managing the IT PM

  • Start of the IT Security Project
  • Examine and Organize the IT Security Project Progress
  • Authentication
  • Issue Report and Rectification
  • Documentation
  • Manage the IT Security Project Risk
  • Change Management in the IT Security Project
  • Potential Customers
  • Staff
  • Environmental
  • Test the IT Security Project Results






Building Quality into IT Security Projects

  • Introduction
  • Quality in the IT Security Project
  • User Requirements
  • Functional Specifications
  • Technical Requirements
  • Acceptance Criteria
  • Quality Metrics
  • Operational Standards of the IT Project
  • Monitoring IT Security Project Quality
  • Test the IT Security Project Quality







Closing Out the IT PM

  • Introduction
  • Evaluate the Project on Completion
  • Close all Open Issues, Change Requests, and Error Reports
  • Prepare for Implementation, Deployment, and Operational Transfer
  • Review the Lessons Learned
  • Documentation and Compliance Reports











Define a Corporate IT Project Plan

  • Define a Security Strategy for the IT Project
  • Legal Standards
  • Gramm-Leach-Bliley Act
  • Health Insurance Portability and Accountability Act 195 Sarbanes-Oxley Act
  • Federal Information Security and Management Act
  • FERPA and the TEACH Act
  • Electronic Communications Privacy Act and Computer Fraud and Abuse Act
  • Law concerning Unauthorized Access
  • Myths and Facts
  • Private Entity
  • Penetration Test
  • Legal Liability and Related Tools
  • Legal Assessment and Implementation in Corporate Scenario
  • Define Rights and Protection and involvement of Certified third-party individuals
  • Standards and Insurance
  • Overview of the Corporate IT Security Project Plan
  • Security Auditing
  • Reasons for Security Breaches
  • Factors of the Corporate IT Security Project
  • Goals of the IT Security Project
  • Scope, Timing, Budget and Quality
  • Skills related to Operating System, Networking, Application Security, Security Tools, and Programming
  • Project Work Breakdown Structure and Examples
  • Risks associated with the Project
  • Project Constraints
  • Project Assumptions
  • Project Schedule and Budget
  • Closing Out the Project
  • IT Infrastructure Security Project Plan
  • Infrastructure Security Assessment
  • Information
  • People and Process
  • Policies
  • Compliance with Processes
  • Technology
  • Establishing Baselines
  • Recognizing External Threats
  • Network Security Checklist
  • Project Parameters
  • Project Team
  • Project Organization
  • Project Work Breakdown Structure
  • Risks Mitigation Strategies
  • Project Constraints and Assumptions
  • Project Schedule and Budget
  • Overview of Infrastructure Security Project

General IT Security Plan

  • IT Security Assessment and Audit
  • Perimeters
  • The Internal Network
  • Information
  • Risk Assessments
  • Vulnerability Scanning and Penetration Testing
  • Risk Assessment
  • Impact Analysis
  • Authentication
  • Access Control
  • Auditing
  • Review the Policy
  • Review the Procedures
  • Review the Operations
  • Requisites of Legal Reporting
  • Attacks
  • Assessment and Audit Report
  • Entries in the Finding Report
  • Planning of the Project
  • General IT Security Project Parameters
  • Requirements
  • Scope, Schedule, Budget, Skill Sets and Procedures
  • General IT Security Project Plan
  • Project WBS, Constraints, Schedule and Budget
  • Wireless Security Project Plan
  • Wireless Security Auditing
  • Types of Wireless Devices
  • Wireless Threats
  • Risk Assessment
  • Impact Analysis
  • Project Parameters
  • Requirements
  • Scope, Schedule, Budget, Skill Sets and Procedures
  • Project Team
  • Project Organization
  • Project Work Breakdown Structure
  • Project Risks and Mitigation Strategies
  • Project Constraints and Assumptions
  • Project Schedule and Budget
  • Wireless Security Project Outline

IT Operational Security Plan

  • Operational Security Assessment
  • Incident Response
  • The Response Team
  • Policies
  • Disaster Recovery
  • Regulatory Issues
  • Health Insurance Portability and Accountability Act
  • Gramm-Leach-Bliley Act
  • Sarbanes-Oxley Act
  • Project Parameters
  • Issue, Solution, Scope, Cost, Time, Quality, Functional Specifications and Skill Set
  • Project Team
  • Project Organization
  • Project Work Breakdown Structure
  • Project Risks and Mitigation Strategies
  • Incident Response
  • Policy Management
  • Disaster Planning
  • Regulatory/Compliance
  • Project Constraints and Assumptions
  • Project Schedule and Budget
  • Overview of the Operational Security Project