Task: Assign Information Security Resource

Assign generic or named information security resource(s) to project.

Disciplines: Information Security Discipline

Relationships

Roles

Primary Performer:

IS Manager

Additional Performers:

Project Manager

Inputs

Mandatory:

Security Assessment Request

Optional:

None

Outputs

Main Description

The Information Security Manager will assign an Identity and Access Management Specialist, Information Security Architect and IT Business Continuity/Disaster Recover Coordinator resource to the project team, as needed. Named resources will then be communicated to the Project Manager and/or assigned at the Resource Allocation Meeting.

Steps

PM requests Information Security Resource(s)

Attend the Resource Allocation Meeting

Assign Information Security Resource(s)

Assign either an Identity and Access Management Specialist, Information Security Architect and/or IT Business Continuity/Disaster Recovery Coordinator, depending on the project specifications.

Communicate assignment to Project Manager

PM adds resource(s) to Project Team

Prepare and Provide Effort Estimate to Project Manager

Analyze Concept Phase Artifacts to identify vulnerabilities with the proposed approach.
Determine the scope of involvement in the project. Scope includes some, if not all, of the following efforts:
1. Creating security requirements
2. Performing a security architecture review
3. Conducting a security test
Communicate the amount of effort required of information security resources to the Project Manager. Revise effort estimates, as needed, throughout the course of the project.

Develop Tasks for Project Schedule

Develop tasks for the Project Schedule and communicate to the Project Manager.

Version and Release

Unified Life Cycle (ULC): 5.1, November 3, 2014
Phase Gates: 1.1, May 27, 2014
Process Engineering Process (PEP): 1.1, May 27, 2014