IT Security Project Management Handbook

As the late management guru Peter Drucker once said, "Plans are only good intentions unless they immediately degenerate into hard work." The intent of this book is not to lead you through long, arduous planning processes while hackers are stealing your network out from under you. The intent is to provide you with effective network security planning tools so that you can "degenerate into hard work" as quickly as possible to keep your network secure with the least amount of effort.

Rather than losing sleep at night wondering who's wandering around your network in the dark, you can create a comprehensive security solution for your company that will meet your security needs today and will allow you to address new security requirements in the future. This book is designed to help you do exactly that.

• Analyze the Cost of Prevention Versus Remediation: How to determine if preventing a security breach is less costly than fixing it once it occurs.
• Identify the Right Project Management Team: Determine who will be affected and make certain they are on board from the start.
• Monitor IT Security Project Quality: Many companies must comply with specific monitoring requirements to meet industry or governmental regulations.
• Create a Work Breakdown Structure (WBS): Be sure that your WBS tasks are at the same level by keeping the level of detail consistent.
• Create Reliable Documentation: Your documentation should be well defined and completed in as near real time as possible.
• Implement Individual Security Analysis Programs (ISAPs): Testing requires an active "push" against security areas to ensure they don't collapse.
• Close the Issues Log, Change Requests, and Error Reports: Addressing known issues in a reasonable manner and documenting those resolutions are important elements of reducing risk.
• Review Legal Standards Relevant to Your Project: Failure to understand the legal implications may leave your company at substantial legal risk.
• Walk Through a Complete Plan: Includes a step-by-step security project plan for a security assessment and audit project

About the Author

Susan Snedaker (MBA, BA, MCSE, MCT, CPM) is Principal Consultant and founder of VirtualTeam Consulting, LLC, a consulting firm specializing in business and technology consulting. The company works with companies of all sizes to develop and implement strategic plans, operational improvements and technology platforms that drive profitability and growth. Prior to founding VirtualTeam in 2000, Susan held various executive and technical positions with companies including Microsoft, Honeywell, Keane, and Apta Software. As Director of Service Delivery for Keane, she managed 1200+ technical support staff delivering phone and email support for various Microsoft products including Windows Server operating systems. She is author of How to Cheat at IT Project Management (Syngress Publishing, ISBN: 1-597490-37-7) The Best Damn Windows Server 2003 Book Period (Syngress, ISBN: 1-931836-12-4) and How to Cheat at Managing Windows Small Business Server 2003 (Syngress, ISBN: 1-932266-80-1). She has also written numerous technical chapters for a variety of Syngress Publishing books on Microsoft Windows and security technologies and has written and edited technical content for various publications. Susan has developed and delivered technical content from security to telephony, TCP/IP to WiFi, CIW to IT project management and just about everything in between (she admits a particular fondness for anything related to TCP/IP).

Susan holds a master’s degree in business administration and a bachelor’s degree in management from the University of Phoenix. She also holds a certificate in advanced project management from Stanford University. She holds Microsoft Certified Systems Engineer (MSCE) and Microsoft Certified Trainer (MCT) certifications. Susan is a member of the Information Technology Association of Southern Arizona (ITASA) and the Project Management Institute (PMI).