- Training
- Training Live Events
- Training Without Travel
- SANS Courses
- Certified Instructors
- Career Roadmap
- Training Calendars
- SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- SANS Onsite
- SANS SelfStudy
- SANS Partnership Series
- SANS Workshop Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
the most trusted source for computer security training, certification and research
Implementing a Project Security Review Process within the Project Management Methodology
- Abstract
- This paper will not discuss the pros and cons of having security policies. The presumption is that your organization is mature enough to have written and deployed security policies already. Instead, the focus will be on how to get greater penetration of these policies within the enterprise, by adding a security review process within the existing project management methodology. By working with the project office, a process can be created that includes the project approval process, assigning a security resource to projects, providing input to the project team, requesting standard deliverables to be met and being involved in project audit reviews. With these measures in place, risk for the organization can be lowered.