IT Project Management (SIG ITProjMgmt)
Loading...
Paper Type
ERF
Paper Number
1654
Description
IT projects in today’s dynamic world involve complex business processes that span across multiple domains and utilize complex technologies. While managing these projects can be challenging to project managers, overlooking the security aspects of a project can lead to increased risks that can impact the triple constraints of the project – time, scope, and cost. Companies can also attract huge penalties if there are violations related to information security, privacy, and compliance. Security planning can be initiated along with the project and when managers evaluate the risks for a project. At the time of initiation and planning, some security-related activities like assessing data classification for the information collected by the project, regulations to be complied with, auditing needs, and assessing security objectives, can be considered. This will help the managers develop a realistic schedule that will reflect a reasonable budget and timeline within which a project can be completed.
Recommended Citation
Narasimhan, Prithi; Balasubramaniam, Rakesh; and Cherakoly, Suraj Sivaraman, "Incorporating Security Planning During Project Initiation" (2021). AMCIS 2021 Proceedings. 7.
https://aisel.aisnet.org/amcis2021/it_projmgmt/it_projmgmt/7
Incorporating Security Planning During Project Initiation
IT projects in today’s dynamic world involve complex business processes that span across multiple domains and utilize complex technologies. While managing these projects can be challenging to project managers, overlooking the security aspects of a project can lead to increased risks that can impact the triple constraints of the project – time, scope, and cost. Companies can also attract huge penalties if there are violations related to information security, privacy, and compliance. Security planning can be initiated along with the project and when managers evaluate the risks for a project. At the time of initiation and planning, some security-related activities like assessing data classification for the information collected by the project, regulations to be complied with, auditing needs, and assessing security objectives, can be considered. This will help the managers develop a realistic schedule that will reflect a reasonable budget and timeline within which a project can be completed.
When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.