The Case for Integrating Information Security Management into the PMBOK® Guide

In a world that increasingly faces cybersecurity issues and plans to stay a step ahead of them, it makes sense to incorporate information security as a gate for every change undertaken in an organization. This paper presents the case for introducing information security (along with a proposed Security Review Board to stimulate the thought process) as part of project management processes. It also discusses how PMI’s widely adopted A Guide to the Project Management Body of Knowledge (PMBOK® Guide) framework can take the lead by incorporating information security into its Knowledge Areas and processes, and offers a suggested case study on one approach to adopting information security in project management processes. While the paper specifically addresses information security, the approach can easily be expanded to incorporate security as a general topic in the PMBOK® Guide.

While organizational security is one of the vital elements of information management and maintenance, there is no formal approach to adding information security as a key area of project management. Many organizations have security gates built into the design, risk management, or other phases, or have security loosely tied to the PMO; but no formal process or project management methodology has incorporated information security as a key area to target to provide guidance …
