Domain 3: Management - Project and Operations
- For each information systems project develop a clear project scope statement in alignment with organizational objectives.
- Define activities needed to successfully execute the information systems program, estimate activity duration, and develop a schedule and staffing plan.
- Develop, manage and monitor the information systems program budget, estimate and control costs of individual projects.
- Identify, negotiate, acquire and manage the resources needed for successful design and implementation of the information systems program (e.g., people, infrastructure, and architecture).
- Acquire, develop and manage information security project team.
- Assign clear information security personnel job functions and provide continuous training to ensure effective performance and accountability.
- Direct information security personnel and establish communications, and team activities, between the information systems team and other security-related personnel (e.g., technical support, incident management, security engineering).
- Resolve personnel and teamwork issues within time, cost, and quality constraints.
- Identify, negotiate and manage vendor agreement and communication.
- Participate with vendors and stakeholders to review/assess recommended solutions, identify incompatibilities, challenges, or issues with proposed solutions.
- Evaluate the project management practices and controls to determine whether business requirements are achieved in a cost-effective manner while managing risks to the organization.
- Develop a plan to continuously measure the effectiveness of the information systems projects to ensure optimal system performance.
- Identify stakeholders, manage stakeholders’ expectations and communicate effectively to report progress and performance.
- Ensure that necessary changes and improvements to the information systems processes are implemented as required.