TUFIN Firewall Implementation Project Plan Cybersecurity Paper

Description

Write a Cybersecurity Project Plan for the product you selected in Discussion 1.  Throughout the semester we have been working on the following assignments.  Your Final Project should take those to completion. The deliverable should appear professional in nature with any Excel or MS Project files as separate attachments.
It should include the following sections:
There is no set length but must include the following sections (see attachments for more details and examples):
Executive summary. An executive summary provides an overview of the project’s value proposition, the problem it addresses and its resolution, budget breakdown, milestones and deliverables.
Timeline or Gantt chart. Many project management plans include a Gantt chart that shows both the dates the project begins and ends and all start and end dates for the milestones that lead to the completion of the project. It should also point out any dependent and independent activities.

Risk assessment. A risk assessment should list all of the potential obstacles that could impact the completion of the project or the quality of its deliverables negatively. It also outlines the triggers that could cause these risks and how the risks can be mitigated or avoided altogether.

Team chart. The team chart shows all the people who will be involved in completing the project, their roles and their communication preferences.

Communication subplan. This subplan offers an overview of what tools will be used for communication, the communication assets and schedules that will be used to keep the project progressing and on track, communication protocols stakeholders should follow and team members’ communication preferences. 

Approval. This should include contain documentation of confirmation from the project sponsors, project owners and project manager.Firewall
My area of focus this semester will be on firewall tools, and after extensive research on different
firewall security management suites, I have selected Tufin as my primary focus. Tufin is an allencompassing solution that provides the following:



Efficient security policy management.
Automation.
Streamlining security operations and facilitating visibility and control over security
policies across hybrid cloud and physical network environments (TrustRadius, n.d.).
By centralizing the view of firewall policies, Tufin can aid organizations in reducing the risk of
misconfigurations and non-compliance with industry regulations. Furthermore, Tufin has multiple
features, such as automated policy change workflows, risk analysis, and compliance reporting, that
will enable me to enhance my knowledge of firewall management and security policy management
(Security Policy Automation for the Agile Enterprise, n.d.). Tufin’s user-friendly interface is another
factor that led me to choose it as my primary study area. Its reputable position in the industry and
global trust also played a role in my decision. By studying Tufin, I hope to gain a deeper
understanding of firewall security management and develop valuable skills in high demand in the
cybersecurity industry.
[PROJECT NAME]
Project Manager :
Project start date:
Input column
[Company Name]
[Project Manager]
30-Jan-23
1
Calculated column
5
01-Mar-23
2
11
T
1.8 Task
05-Mar-23
2
05-Mar-23
06-Mar-23
Team Member
12
T
1.9 Task
07-Mar-23
4
07-Mar-23
10-Mar-23
Team Member
13
P
2 Analysis
24-Feb-23
21
24-Feb-23
24-Mar-23
14
T
2.1 Task
24-Feb-23
5
24-Feb-23
02-Mar-23
Team Member
15
S
2.1.1 Subtask
28-Feb-23
6
28-Feb-23
07-Mar-23
Team Member
16
S
2.1.2 Subtask
06-Mar-23
4
06-Mar-23
09-Mar-23
Team Member
17
T
2.2 Task
12-Mar-23
6
12-Mar-23
17-Mar-23
Team Member
18
T
2.3 Task
20-Mar-23
2
20-Mar-23
21-Mar-23
Team Member
19
T
2.4 Task
22-Mar-23
3
22-Mar-23
24-Mar-23
Team Member
20
P
11-Mar-23
13
11-Mar-23
28-Mar-23
3 Design
21
T
11-Mar-23
2
11-Mar-23
13-Mar-23
Team Member
22
S
3.1.1 Subtask
13-Mar-23
3
13-Mar-23
15-Mar-23
Team Member
23
S
3.1.2 Subtask
18-Mar-23
8
18-Mar-23
28-Mar-23
Team Member
24
T
3.2 Task
20-Mar-23
3
20-Mar-23
22-Mar-23
Team Member
25
T
3.3 Task
25-Mar-23
1
25-Mar-23
25-Mar-23
Team Member
26
T
3.4 Task
26-Mar-23
3
26-Mar-23
28-Mar-23
Team Member
27
T
3.5 Task
28-Mar-23
2
28-Mar-23
29-Mar-23
Team Member
28
3.1 Task
9
40%
50%
24-Mar-23
27-Mar-23
28-Mar-23
29-Mar-23
30-Mar-23
31-Mar-23
Team Member
26-Feb-23
1.7 Task
23-Mar-23
Team Member
06-Mar-23
1.6 Task
T
22-Mar-23
02-Mar-23
03-Mar-23
T
21-Mar-23
26-Feb-23
9
10
60%
20-Mar-23
Team Member
17-Mar-23
28-Feb-23
16-Mar-23
24-Feb-23
15-Mar-23
3
14-Mar-23
24-Feb-23
13-Mar-23
1.5 Task
10-Mar-23
T
09-Mar-23
Team Member
8
08-Mar-23
Team Member
27-Feb-23
07-Mar-23
20-Feb-23
21-Feb-23
6
06-Mar-23
16-Feb-23
5
03-Mar-23
3
17-Feb-23
02-Mar-23
16-Feb-23
1.4 Task
01-Mar-23
1.3 Task
T
7
28-Feb-23
T
6
27-Feb-23
Team Member
24-Feb-23
15-Feb-23
23-Feb-23
13-Feb-23
22-Feb-23
3
21-Feb-23
13-Feb-23
20-Feb-23
50%
1.2 Task
T
17-Feb-23
Team Member
16-Feb-23
15-Feb-23
15-Feb-23
09-Feb-23
3
14-Feb-23
80%
5
5
1.1.2 Subtask
13-Feb-23
Team Member
06-Feb-23
S
10-Feb-23
08-Feb-23
WEEK 14
09-Feb-23
30-Jan-23
4
1.1.1 Subtask
M
WEEK 13
08-Feb-23
Team Member
8
S
30-Jan-23
1.1 Task
%
WEEK 12
07-Feb-23
15-Feb-23
30-Jan-23
3
30-Jan-23
1 Scope
TEAM MEMBER
WEEK 11
06-Feb-23
10-Mar-23
30-Jan-23
T
DEPENDENCY
WEEK 10
03-Feb-23
30-Jan-23
13
P
2
WORK
DAYS
WEEK 9
02-Feb-23
30
1
IND. START
DATE
TASK NAME
WEEK 8
31-Jan-23
END
DATE
TYPE
WEEK 7
01-Feb-23
START
DATE
ID
30-Jan-23
WEEK 6
T
W
T
F
M
T
W
T
F
M
T
W
T
F
M
T
W
T
F
M
T
W
T
F
M
T
W
T
F
M
T
W
T
F
M
T
W
T
F
M
T
W
T
F
Getting started guide
• Enter the [Project Name], [Project Manager], and [Company Name].
• Enter the Project Start Date (P3). This will automatically update the dates shown in the time
• Add details of your tasks, such as TYPE, TASK NAME, IND. START DATE, the number of WO
Note:
Type can be Phase (P), Task (T), or Subtask (S).
The IND. START DATE (independent start date) is the start date without dependenc
ID is unique and calculated automatically.
START DATE and END DATE are calculated columns. Please do not enter values man
The bars are based on START DATE and END DATE.
• To change the range of dates displayed in the timeline area, just slide the scroll bar.
Note :
Do not change the dates in the timeline manually.
• To add more tasks:
Step 1: Copy a single row or several rows at once.
Step 2: Select the row after the last task (Row 36), then right-click and select Paste or Ins
Note : If you want to insert the copied cells between tasks, just select any task’s ro
• To add more dates in the timeline:
Step 1: Copy one-week columns (e.g. AZ-BD)
Step 2: Select the column after the last date (BE), then right click and select Insert Copie
The calculation for START DATE and END DATE
• If you enter an IND. START DATE, by default, the START DATE and END DATE are filled in with
• Do not enter START DATE and END DATE values manually since both are calculated columns.
• Once you add the number of workdays, the end date is automatically updated. Weekends are n
How to add Dependency
• Use dependency if you have an item (task/subtask/phase) that starts only after another item e
• Each item (phase/tasks/subtask) has a unique ID.
• To add the dependency, use a cell reference instead of entering the predecessor’s ID manually
As shown in the Gantt worksheet, suppose you have Task 04 with ID=7,and it’s dependent on
To add the dependency: Enter “=B14″ in the DEPENDENCY column of Task 04.
The start date of Task 04 will be automatically updated based on Task 03’s end date.
The calculation for Phases
• You can enter the start date and number of workdays of a Phase manually.
• However, if you want to do calculation automatically based on its tasks, use the following form
IND. START DATE
=MIN(range_of_its_tasks_start_dates )
WORK DAYS
=IF(ISBLANK(phase_start_date ),””,NETWORKDAYS(phase_start_d
The calculation for Tasks
• You can enter the start date, the number of workdays, and % completion of a Task manually.
• However, if you want to do calculation automatically based on its subtasks, use the following fo
IND. START DATE
=MIN(range_of_its_subtasks_start_dates )
WORKDAYS
=IF(ISBLANK(task_start_date ),””,NETWORKDAYS(task_start_date
%
=SUMPRODUCT(range_of_its_subtasks_workdays ,range_of_its_subt
tasks_workdays ,range_of_its_subtasks_%completed /SUM(range_of_its_subtasks_workdays )
1
Student Name and Number
Course Code
Professor
Project Definition: Tufin
Project Definition: Tufin
The project manager, working in cybersecurity, will oversee the implementation of a
Tufin firewall solution for XYZ Travel Management Company, a business with 100 employees.
Following extensive research, Tufin was selected as the primary focus due to its efficient
security policy management, automation, and streamlined visibility and control over security
policies across hybrid cloud and physical network environments (Larson & Gray, 2017). The
project will be conducted on-site at XYZ Travel Management Company and executed during the
current semester, with a particular emphasis on studying firewall tools and improving knowledge
of firewall and security policy management. The project aims to minimize the risk of
misconfigurations and non-compliance with industry regulations by consolidating the view of
firewall policies. Moreover, the project will improve valuable skills in high demand within the
cybersecurity industry while offering a user-friendly interface to help organizations with firewall
security management.
2
Reference
Larson, E. W., & Gray, C. F. (2017). Project Management: The Managerial Process. McGrawHill Education.
Information Security Communication Plan Template
Use this template to document the communication message and methods your organization will use to communicate the se
roadmap to key stakeholders.
1. Determine the message that needs to be sent out and complete the following columns: Stakeholder, Stakeholder Needs
Message, Impact of Change on Stakeholders, Expected Stakeholder Reaction.
2. Decide on the methods used to deliver the message and complete the following columns: Media, Deliverer/Presenter, P
Mechanism, Responsibility.
mplate
n will use to communicate the security strategy and
Stakeholder, Stakeholder Needs and Concerns,
ns: Media, Deliverer/Presenter, Prepared by, Feedback
5Ws
The goal of this project is to implement a Tufin firewall solution for XYZ Travel Management Company, with a focus on effic
policies across hybrid cloud and physical network environments. The project aims to minimize the risk of misconfigurations
Project audience: CEO, CTO, CIO, IT Director, Cybersecurity Manager, Project Manager, Network Engineers, System Adm
Team members: Project Manager, Network Engineers, System Administrators.
Key stakeholders: CEO, CTO, CIO, IT Director, Cybersecurity Manager
The following channels will be used to facilitate two-way communication:
• Regular team meetings with the IT staff at XYZ Travel Management Company
• Weekly progress reports shared with the IT Director and Network Administrator
• Bi-weekly check-ins with Tufin Sales Representatives and Technical Support
• Dedicated email address for inquiries and feedback from all stakeholders
The success of our communication will be evaluated based on the following criteria:
• Stakeholder engagement and participation in project activities
• Timely and effective response to inquiries and feedback
• Completion of project milestones within the agreed-upon timeline
• Stakeholder satisfaction with project outcomes
Communication Message and Method
Message
Stakeholder
Stakeholder Needs
and Concerns
Message
Successful
implementation of
Tufin firewall will
minimize security
risks and ensure
compliance with
industry regulations.
Impact of Change on
Stakeholders
Improved security and
compliance will
enhance business
continuity and
minimize business
risks.
CEO
Cost, Business
Continuity
IT Director
Tufin firewall will
provide efficient
security policy
management,
automation, and
streamlined visibility
and control over
Improved security and
security policies
compliance will
Security, Technical across hybrid cloud enhance technical
Support, Regulatory and physical network support and minimize
compliance
environments.
security risks.
Cybersecurity
Manager
Project Manager
Network
Administrator
Technical Support
Security, Technical
Support
Tufin firewall will
provide efficient
security policy
management,
automation, and
streamlined visibility
and control over
Improved security and
security policies
compliance will
across hybrid cloud enhance technical
and physical network support and minimize
environments.
security risks.
Project Progress,
Timeline
Regular project
updates and status
reports will be
provided to
stakeholders.
Concerns about
changes to current
firewall policies and
procedures
We will consolidate
the view of firewall
policies to reduce the
risk of
misconfigurations
and non-compliance
with industry
regulations. The
Tufin firewall solution
offers a user-friendly
interface for firewall
security
Improved security and
management.
policy management
Concerns about
resolving technical
issues and meeting
customer
expectations
We appreciate your
ongoing support and
technical expertise.
We will work closely
with your team to
ensure the
successful
implementation of
Successful
the Tufin firewall
implementation and
solution.
customer satisfaction
Successful
implementation of
Tufin firewall within the
specified timeline.
Customers
Implementation of
Tufin firewall solution
to improve security
policy management,
automation, and
control over security
policies. Project aims
to minimize risk of
non-compliance and Improved security and
Ensure data security improve valuable
minimized risk of nonand privacy
skills.
compliance.
Business Partners
Implementation of
Tufin firewall solution
to improve security
policy management,
automation, and
control over security
policies. Project aims
to minimize risk of
non-compliance and Improved security and
Ensure data security improve valuable
minimized risk of nonand privacy
skills.
compliance.
Project Team
Ensure clear
communication and
understanding of
project goals, roles,
and responsibilities
Tufin firewall solution
implementation to
improve security
policy management,
automation, and
control over security
policies. Project aims
to minimize risk of
non-compliance and Improved security and
improve valuable
minimized risk of nonskills.
compliance.
XYZ Travel
Management
Company’s
Employees
Ensure minimal
business disruption
and improved
security posture.
The Tufin firewall
solution
implementation
project aims to
improve security
policy management,
automation, and
visibility across
hybrid cloud and
physical network
environments. We
will work closely with
the IT staff to ensure Improved security
minimal business
posture and better
disruption during the visibility of firewall
implementation.
policies.
l Management Company, with a focus on efficient security policy management, automation, and streamlined visibility and control over securi
aims to minimize the risk of misconfigurations and non-compliance with industry regulations by consolidating the view of firewall policies.
ct Manager, Network Engineers, System Administrators, Employees.
s.
n:
ny
ator
t
wing criteria:
Method
Expected
Stakeholder
Reaction
Positive
Positive
Media
Deliverer/Presenter
Prepared by
Feedback
Mechanism
Email, Meeting
Project Manager,
Cybersecurity
Manager
Project Manager
Email, Weekly
Progress Reports
Email, Meeting
Project Manager,
Cybersecurity
Manager
Project Manager
Email, Weekly
Progress Reports
Positive
Email, Meeting
Network Engineers,
System Administrators Project Manager
CEO, IT Director,
Cybersecurity
Manager, Network
Administrator,
Customer, Technical
Support, Project
Team, Employees
Project Manager
Supportive
Team Meetings, Biweekly Check-ins
Implementation
Specialists
Project Manager
Email, Weekly
Progress Reports
Supportive
Team Meetings, Biweekly Check-ins
Implementation
Specialists
Project Manager
Email, Weekly
Progress Reports
Positive
Email, Meeting
Email, Weekly
Progress Reports
Email, Weekly
Progress Reports
Positive
Website
announcement
Positive
Email
Positive
Weekly team
meetings
Executive
Management
Project Manager
Project Manager
Project Manager
Feedback form,
Email, Weekly
Progress Reports
Project Manager
Feedback form,
Email, Weekly
Progress Reports
Project Manager
Feedback form,
Email, Weekly
Progress Reports
Positive
Email and Progress
Report
IT Staff
Project Manager
Email, Weekly
Progress Reports
bility and control over security
view of firewall policies.
Responsibility
Project Manager
Project Manager
Project Manager
Project Manager
Project Manager
Project Manager
Executive
Management
Project Manager
Project Manager
Project Manager
Risk Log
XYZ Travel Management Company
Risk Register
Project name: Tufin Firewall Implementation
Project manager:
Risk ID
Risk Description
Impact
Likelihood Severity
Owner
Mitigating Action
R1
Insufficient training of staff on the new Tufin
firewall solution
High
Medium
Medium
Project Manager
R2
Integration issues with existing network
infrastructure
High
High
High
IT Infrastructure Manager
R3
Data loss or corruption due to improper
configuration or user error
Unauthorized access to sensitive data due to
insufficient security controls
Inadequate monitoring and alerting capabilities
High
Medium
Medium
Security Analyst
High
Low
Medium
Security Analyst
High
Low
Medium
Security Analyst
R6
Lack of visibility and control over cloud-based
resources
High
High
High
Cloud Architect
R7
Medium
Medium
IT Infrastructure Manager
Medium
Medium
Security Analyst
R9
Incompatibility with future network infrastructure
High
changes
Compliance violations due to misconfigured firewall High
policies
Limited technical support or expertise
High
Low
Medium
Project Manager
R10
Lack of stakeholder buy-in or support
Medium
Medium
Project Manager
Provide adequate training to all staff members who will be using the tool, including
technical and non-technical staff, and ensure that they have a thorough understanding of
the tool’s functionality.
Perform a comprehensive network assessment before implementation to identify any
potential integration issues and ensure that the Tufin solution is compatible with existing
network infrastructure.
Implement strict change management procedures to minimize the risk of misconfiguration
or human error, including regular backups and testing of firewall policies.
Implement access controls and user permissions to ensure that only authorized personnel
have access to sensitive data and information.
Configure the Tufin solution to provide real-time monitoring and alerting capabilities, and
establish clear procedures for responding to security incidents.
Implement the Tufin solution’s cloud management features to gain visibility and control
over cloud-based resources, and ensure that security policies are consistent across all
network environments.
Plan for future network infrastructure changes and ensure that the Tufin solution is
designed to be scalable and adaptable to changes in the network environment.
Regularly review and test firewall policies to ensure compliance with industry regulations
and best practices, and establish procedures for remediation in case of non-compliance.
Establish a support contract with the Tufin vendor to ensure timely technical support and
access to expert resources.
Involve stakeholders in the implementation process and communicate the benefits of the
Tufin solution to gain their support and buy-in, and address any concerns or objections they
may have.
R4
R5
R8
www.stakeholdermap.com
Medium
1 of 3
© T Morphy. stakeholdermap.com. 2009 – 2017
1
Impact
1
2
3
Likelihood
2
3
Low
Low
Medium
Low
Medium
High
Medium
High
High
High
Medium
Low
Item
Hardware
Item 1
Item 2
Item 3
Software
Item 1
Item 2
Item 3
Maintenance
Item 1
Item 2
Item 3
IT Project Expense
Item 1
Item 2
Item 3
IT Dept Staffing
Item 1
Item 2
Item 3
IT Overhead Costs
Item 1
Item 2
Item 3
Emergency Expense
Item 1
Item 2
Item 3
Cost $
This includes expenses for things like servers, employee devices (laptops, phones, tablets, etc.), and
Many businesses require specialized software for their key business processes. This means paying for
software licenses and service subscriptions if using pre-built solutions from third parties.
Hardware and network infrastructure will need to be maintained to keep operating at peak efficiency.
Setting aside funds for preventive maintenance and necessary upgrades can help prevent downtime
Project expenses such as administrative costs, project-specific hardware and software costs, labor, and
consulting will need to be accounted for.
The salaries, bonuses, and benefits paid to IT staff needs to be accounted for in the IT budget. There
also needs to be money set aside to handle things like recruiting new IT staff or providing IT training.
If using privately-owned servers, the company will need a data center to host them. This means
acquiring real estate, setting up a server room (complete with power, network access, and cooling),
A company might set aside funds for data breach recovery expenses, meeting new regulatory
standards, or replacing a high-skilled IT position.
What Is A Project Management Plan And
How To Create One
Authors: Alana Rudder, Cassie Bottorff
Table of Contents





What Is a Project Management Plan?
6 Parts of a Project Management Plan
Before You Create a Plan
How To Create a Project Management Plan in 7 Steps
Bottom Line
A project management plan offers a blueprint to stakeholders and end-users
surrounding the execution of an upcoming project. While it takes time to put it
together, the process is worth it. It helps to reduce risks, create buy-in, gather
your team’s expertise, align communication and ensure resource availability.
This guide outlines what a project management plan is and its benefits, and
then offers an easy step-by-step guide on how to create one.
What Is a Project Management Plan?
A project management plan is a set of documents that outline the how, when
and what-ifs of a project’s execution. It overviews the project’s value
proposition, execution steps, resources, communication tools and protocols,
risks, stakeholders (and their roles) and the deliverables involved in a project’s
completion. Its documents include an executive summary, Gantt and team
charts, risk assessment and communication- and resource-management
subplans.
What Is a Project Management Plan Used For?
A project management plan serves as a blueprint or roadmap to the ultimate
success of your project. It does so by aligning talent, buy-in, manpower,
resources, risk management and high-quality communication around your
plan. It also ensures everyone knows their responsibilities, which tasks are
involved and when deadlines are so the project stays on track for quality ontime completion.
Here is a closer look at project management plan use cases:






Buy-in. Your plan ensures all stakeholders are on board, so that they’re
prepared to be productive.
Expertise. A plan helps to ensure you have enough people to expertly
own the activities needed to complete the project.
Risk management. Putting together your plan helps you to assess the
risks that may come up through the trajectory of project execution and
how to prevent or mitigate them.
Communication and collaboration. Your planning process ensures
poor communication does not negatively impact the project’s outcome.
It does so by getting everyone on the same page regarding
communication tools, schedules, preferences and protocols.
Milestones. As you plan your project, you ensure your team agrees on
the necessary milestones to complete it successfully. Doing so ensures
your team is ready to be productive instantly come project initiation and
that scope creep does not impact the project negatively.
Resource management. Through your planning process, you assess
the resources needed to complete the project and their availability.
Resources may include funds and raw materials, for example. Doing so
ensures resource availability and that insufficient resources do not
derail or stop the project altogether.
6 Parts of a Project Management Plan
A project management plan should include an executive summary, timeline or
Gantt chart, resource management subplan, risk assessment, communication
subplan and team chart. Here is an overview of each of these parts:






Executive summary. An executive summary provides an overview of
the project’s value proposition, the problem it addresses and its
resolution, budget breakdown, milestones and deliverables.
Timeline or Gantt chart. Many project management plans include
a Gantt chart that shows both the dates the project begins and ends and
all start and end dates for the milestones that lead to the completion of
the project. It should also point out any dependent and independent
activities.
Risk assessment. A risk assessment should list all of the potential
obstacles that could impact the completion of the project or the quality
of its deliverables negatively. It also outlines the triggers that could
cause these risks and how the risks can be mitigated or avoided
altogether.
Team chart. The team chart shows all the people who will be involved
in completing the project, their roles and their communication
preferences.
Communication subplan. This subplan offers an overview of what
tools will be used for communication, the communication assets and
schedules that will be used to keep the project progressing and on track,
communication protocols stakeholders should follow and team
members’ communication preferences.
Resource management subplan. This subplan should list what
resources may be needed to complete the project. Essential resources
may include raw materials, digital tools and funding. It should then offer
a breakdown of what materials will be needed for each milestone, a way
to ensure their availability and ways to track resources throughout
project execution.
Before You Create a Plan
Before you begin writing your plan, take a few minutes to prepare. Doing so
may involve defining what is at stake should the project not go well,
identifying the milestones needed for successful completion, selecting key
talent to complete your project, selecting and signing up for the tools that will
make the plan creation process easy and efficient and defining the end
beneficiary of your project. Below is a closer look at each of these preparation
steps.
Failure Risk Assessment
Defining what would happen if the project were not completed successfully
can guide you later as you motivate your execution team and formulate your
plan’s and your project’s value proposition. This perspective tells all
stakeholders how important their roles are.
Milestone Identification
One way to ensure you select the proper team members for plan creation and
execution is to define the milestones for which they will be responsible. Once
you have identified the milestones, you can identify the needed expertise and
then the talent that holds that expertise.
Talent Selection
As you write your plan, it is essential to gather expertise from the team
members who will execute it. Doing so could mean the success or failure of
your project. Identifying these stakeholders now means you can get them
involved sooner for higher collective knowledge during the planning process.
Tool selection
When planning your project, you will need to use charts, graphics and reports
to record the necessary information. Graphic design tools like Canva
and project management software like monday.com or Wrike can help.
Beneficiary or End-user Identification
Nothing can set you up for success in project completion like understanding
what the end-user or project beneficiary needs in the final deliverable.
Understanding this requires an understanding of that end-user or beneficiary.
Take some time to listen to their needs, wants and hopes surrounding your
project before beginning to plan a project that will impact and, hopefully,
delight them ultimately.
How To Create a Project Management Plan in 7 Steps
To create a project management plan, first put together a high overview of the
basics of your project, including the project’s scope, schedule and budget.
Next, build on those basics to write an executive summary. Then, add a project
timeline, risk assessment, stakeholder chart, communication plan and
resource management plan to your executive summary. Lastly, gather and
incorporate stakeholders’ insights to perfect and create buy-in for your plan.
1. Identify Baselines for Your Project
Your project’s baselines should first focus on the project’s scope, then the
project’s schedule and, finally, its budget. The result should be a high overview
that will inform the rest of your planning process. To complete this step,
answer the following questions:

What is a summary of the project’s deliverables, including the expected
features in order of priority?

What important milestones will help us complete this project?

What should the project not focus on? (set some scope boundaries)

When is the project scheduled to begin?

When should the project be complete?

How much do we have to spend on this project? If it is a project that
needs to be completed for a client, what budget do we have to spend on
it while still making a set profit margin?
2. Write an Executive Summary
An executive summary should include a definition of your project, your
project’s value proposition, including the problem your project addresses and
its solution, milestones and their deliverables, scope limits―and the
consequences for changing these limits―goals and financial breakdown. Use
the answers to the questions posed in step one to put together your executive
summary.
As the face of your project before stakeholders, your executive summary
should be visually appealing and succinct. Columns and visuals should break it
up to make it easy to read quickly. One great tool for creating an attractive and
succinct summary is a Canva executive summary template. You can customize
a template to match your brand and add your content, then either download
your executive summary or share it in link form.
To begin, sign up for Canva for free, then use the search box titled “What will
you design?” for “executive summary” and press “enter.” Click the appropriate
template for your purposes and brand, then use the tools on the left-hand side
of the enlarged template to customize its colors, text and images. Add pages by
clicking the plus sign at the top right-hand corner of the template and proceed
to add text and customizations to complete your summary.
3. Plot Your Project’s Timeline
The best way to plot your project’s timeline is with a Gantt chart. A Gantt chart
is a visual representation of what activities you plan to begin and complete and
when. These activities are usually small chunks or milestones of your
completed project. They also formulate the scope of your project, helping to
reduce scope creep later on. Gantt charts are often the easiest to use to plot
your timeline.
It is important to note expected dependencies on your Gantt chart. A
dependency happens when one activity on a timeline must be completed
before team members can go on to the next one. For example, a prototype
needs to be completed before a focus group analysis of the prototype can take
place. Thus, these two activities are dependent. Also note independent
activities that can be completed even as other activities are underway, thereby
saving time.
Pro tip: An easy way to note dependencies and independent activities is via
color-coding. Arrows drawn on your Gantt chart can also help to pinpoint
dependencies.
While Canva does offer Gantt charts to plot your project’s timeline, there are
also platforms that specialize in producing Gantt chart software. Not only can
this software help you put together your Gantt chart, but it can then help you
stay on track with its timeline and avoid scope creep once your project begins
via task descriptions and automations. If paying for such a service isn’t in your
project’s budget, you can also create a Gantt chart in Excel or Google Sheets.
Gantt chart from monday.com
4. Define Stakeholder Roles
With your project activities recorded on your timeline, define who will be
responsible for each activity. Your plan serves as a guiding star to all
stakeholders involved in your project, so it’s best to record responsible parties
in an intuitive chart. Create a project team chart to show who will be involved
in completing the project and for which activities each is responsible. For
collaboration ease, also note who each person is accountable to and their
contact information.
Canva offers organizational or team chart templates you can use to customize
for the needs of your project. Search “organizational chart” using the search
bar in your Canva account. Click the chart that best suits your project and
brand needs. Then, use the design menu to upload pictures of your team
members, customize colors and replace template text to offer the data your
stakeholders need for easy collaboration during the life of your project.
An example of a Canva organizational chart template to be adapted to create a project team chart.
5. Perform a Risk Assessment
Your risk assessment should begin with a list of obstacles that could impact
your team’s ability to complete the project on time negatively at all and with
the desired quality. It should then create a plan for each risk by addressing
what might trigger the risk, steps that lend to risk prevention and how to
mitigate a risk should it happen. Finally, it should assign stakeholders to
manage risk triggers, prevention and mitigation. Some teams use a SWOT
analysis to help identify strengths, weaknesses, opportunities and threats in
this stage.
To dive into each risk, answer the following questions:

What could happen that would negatively impact the project?

At what point in the project timeline is this risk most likely to happen?

How likely is the risk to happen?

What events or factors would trigger this risk?

What steps can be taken to reduce the chances of this risk taking place?
How can we avoid this trigger or these triggers?

What would be the expected outcome should the risk happen anyway?

How could we mitigate a negative outcome should the risk take place?

Who would be the best person to manage each risk’s triggers, prevention
or mitigation?
As you assigned responsible parties for each project activity, you likely
selected people who had expertise in the areas in which their assigned
activities fall. For example, if you assigned the graphic design of a marketing
project to a team member, that person is likely a graphic designer. Their
expertise is invaluable in assessing graphic design risks and their prevention
and mitigation steps. Lean on your team for this expertise, and then
implement their suggestions.
6. Create Key Subplans
Two key subplans you should include in your project management plan are a
resource and communications management plan. Your resource sub plan
should list what resources are needed to complete your project and their
availability. Your communications plan should include how your team will
communicate one-on-one and team-wide.
Resource Management Plan
A resource subplan can be completed in project management software. You
can create columns for estimated expenses and other needed resources broken
down by milestones, such as raw products and talent. Other customizable
resource reports are available within the software and automatically kept up to
date. Wrike, for example, offers customizable reports where you can track
resource availability and export reports to include in your plan.
An example of Wrike’s customizable resource reports
Communications Management Plan
While it may seem inconsequential compared to your risk assessment and
resource plan, poor communication is the primary reason most projects
experience scope gaps and project failure, according to a PMI study. Poor
communication can, therefore, derail all your other planning efforts.
As such, your communications management plan should be detailed and
address what, when and how information will be shared during your project.
Details should focus on what needs to be communicated and at what intervals
during the project execution, stakeholders’ communication preferences, a
communication schedule for virtual meetings or phone calls that occur at
planned intervals, who will review tasks, to whom task completions should be
reported and what platforms or tools should be used for communication
purposes.
Pro tip: For best results, look at the communication tools available in your
project management software. Alternatively, consider what communicationtool integrations it offers. For example, most project management software
offer integrations with Slack. Using available tools within your software will
allow ease of collaboration and the communication visibility your team needs
to stay on the same page and on track.
7. Gather and Incorporate Feedback From Stakeholders
The team you have chosen to own the activities on your project timeline are
uniquely capable of doing so. As such, they are likely to have
recommendations you might not think about to make your project more
successful. Moreover, if their insights are incorporated into the plan, they are
more likely to enthusiastically follow it. So, get your team together and go over
the details of your plan. Learn from them and incorporate their insights.
In addition, present your plan to the end-user or client for whom you are
executing the project. Make sure they agree to the project scope and its
deliverables. Make their preferred changes now so you don’t have to make
them later. Discuss what will happen if they change their minds later―extra
fees, for example―so that scope creep does not impact your project’s
successful execution, on-time completion or quality final deliverable
negatively.
Bottom Line
Creating a project management plan is the first critical step to ensuring a
quality project execution and completion. Without it, you risk project
derailment, a blown budget, an unrealized value proposition and a potentially
frustrated end-user. With it, you enjoy buy-in, resource availability, budget
adherence, a quality and expertly-driven final deliverable and a delighted enduser. We hope this guide sets you on a trajectory to enjoy all of these benefits.
1
FIFA World Cup 2022 Cybersecurity Project Plan
Student Name
ITCS 3350 Project Management for Cyber Security
Professor Greg Lindstrom
October 30, 2022
Final Project
2
FIFA World Cup 2022 Cybersecurity Project Plan
Utilizing the FIFA Cybersecurity Framework or your own research, write a
Cybersecurity Project Plan for at a high level for the World Cup or a sub-component of your
choosing. It could be a component you would like to see implemented in the event.
It should include the following sections:






Executive summary. An executive summary provides an overview of the project’s value
proposition, the problem it addresses and its resolution, budget breakdown, milestones and
deliverables.
Timeline or Gantt chart. Many project management plans include a Gantt chart that shows
both the dates the project begins and ends and all start and end dates for the milestones that
lead to the completion of the project. It should also point out any dependent and independent
activities.
Risk assessment. A risk assessment should list all of the potential obstacles that could impact
the completion of the project or the quality of its deliverables negatively. It also outlines the
triggers that could cause these risks and how the risks can be mitigated or avoided altogether.
Team chart. The team chart shows all the people who will be involved in completing the
project, their roles and their communication preferences.
Communication subplan. This subplan offers an overview of what tools will be used for
communication, the communication assets and schedules that will be used to keep the project
progressing and on track, communication protocols stakeholders should follow and team
members’ communication preferences.
Approval. This should include contain documentation of confirmation from the project
sponsors, project owners and project manager.
Examples:
Timeline or Gantt Chart
3
Phases Example
4
Team Chart
Budget
5
Communication Plan
Risk Management Plan
6
Approval Example
7
References
Larson, E.W. & Gray C.F. . (2021). Project Management – The Managerial Process (8th ed.)
Rudder, A & Bottorff, C (2022) What is a Project Management Plan and how to create one
https://www.forbes.com/advisor/business/project-management-plan/
Etc
CYBER SECURITY PROJECT PLAN
1. Background
High-Integrity, real-time computer systems, such as the safety-related digital instrumentation
and control systems found at nuclear power plants, must be secure against physical and
electronic threats. Computer systems are secure from such threats if the consequences of
unauthorized and inappropriate access to and use of those systems are limited to assure that
safety is not significantly impaired. Cyber assessments of hardware should include physical
access control, modems, connectivity to external networks, data links, open ports, maintenance
access, etc. Security of computer system software relates to the ability to protect against
unauthorized, undesirable, and unsafe intrusions throughout the life cycle of the safety system.
The security of computer systems is established by (1) designing into the systems the security
features that will meet the licensee’s security requirements, (2) developing the systems without
undocumented codes (e.g., back doors), which includes adequate protection against the
injection of malicious code at any time during the system life cycle (e.g., viruses, worms, Trojan
horses, and bomb codes), and (3) installing and maintaining those systems in accordance with
the station administrative procedures and the licensee’s security program. Additionally, the
design of the plant data communication systems that interface to the safety-related systems at
nuclear power plants should ensure that the communications pathways do not present an
electronic path by which a person can make unauthorized changes to plant safety systems or
display erroneous plant status information to the operators.
In January 2006, the NRC revised Regulatory Guide 1.152 to endorse the updated IEEE Std.
7-4.3.2-2003. Because IEEE Std. 7-4.3.2-2003 does not provide adequate guidance regarding
security of computer-based safety system equipment and software systems, the NRC included
Regulatory Positions 2.1 – 2.9 to provide specific guidance concerning computer safety system
(cyber) security. These regulatory positions address cyber security of safety-related computer
systems at the various stages of the system life cycle. More recently the NRC issued a
proposed rule change to 10 CFR 73.55 that includes provisions for cyber security of critical
digital systems at power reactors, such as safety systems, security systems, and emergency
preparedness systems. This rule is anticipated to be final in late 2007.
Currently NUREG-0800, the Standard Review Plan (SRP) is being revised by the staff.
Proposed revisions include adding guidance in Appendix7.1D on the application of the criteria
of IEEE Std. 7-4.3.2-2003 as endorsed by Regulatory Guide 1.152, Revision 2. Section 10 of
Appendix 7.1-D provides additional guidance on applying Cyber Security requirements of IEEE
Std. 603-1991 on access control and the security guidance of Regulatory Position 2 of RG
1.152, Revision 2.
2. Scope
The following cyber security requirements will be addressed by the TWG:
1. Cyber security assessment of computer hardware, including physical access control,
modems, connectivity to external networks, data links, open ports, maintenance
access, etc.
ENCLOSURE 2
-2-
2. Security of computer system software relates to the ability to protect against
unauthorized, undesirable, and unsafe intrusions throughout the life cycle of the
safety system.
3. Protection of critical systems and digital assets to thwart cyber security attacks.
4. Installation and maintenance of those systems in accordance with each nuclear
station’s administrative procedures and the licensee’s security program.
5. Prevention of communication pathways within the plant data communication systems
that will permit unauthorized changes to plant safety systems or display erroneous
plant status information to the operators.
The following are explicitly excluded from the scope of this task:
1. Evaluation of specific cyber security technologies, such as firewalls and IDS.
This task working group will be focusing its efforts in addressing inconsistencies within existing
NRC and industry cyber security requirements. Specifically, the working group will be
evaluating the differences between Regulatory Guide 1.152, “Criteria for Use of Computers in
Safety Systems of Nuclear Power Plants, revision 2, and NEI 04-04 “Cyber Security Programs
for Power Reactors.” The resulting deliverable will be used to modify these guidance
documents to build a coherent set of requirements. In addition, this task working group will
evaluate existing regulations, proposed rule 10CFR73.55, and standard review plan to address
any conflicts, and to determine if the NRC needs to develop additional rules and guidance
documents.
3.
PROBLEM STATEMENT
In December 2005 the NRC Office of Nuclear Security and Incident Response (NSIR) endorsed
Nuclear Energy Institute (NEI) guidance document NEI 04-04, “Cyber Security Programs for
Power Reactors,” Revision 1, dated November 18, 2005, as an acceptable method for
establishing and maintaining a cyber security program at nuclear power plants. In January
2006, the NRC published Revision 2 to Regulatory Guide 1.152 (RG1.152R2) as “acceptable
for complying with the Commission’s regulations for promoting high functional reliability, design
quality, and cyber security for the use of digital computers in safety systems of nuclear power
plants.”
In October 2006, NRC, NEI, and industry representatives met and discussed, among other
things, how to resolve differences between the various regulatory guidance documents
pertaining to cyber security of power reactors. The following problem statements were
developed based on the October meeting and subsequent input from NEI for consideration by
the Cyber Security Task Working Group (TWG):
a) The cyber security requirements in Regulatory Guide 1.152 and NEI 04-04 are not
consistent and can provide conflicting guidance for implementing cyber security plans.
Deliverables:
1. Complete gap analysis of Regulatory Guide 1.152 and NEI 04-04
2. Facilitate revision of either Regulatory Guide 1.152 or NEI 04-04 to reconcile any
differences between the two documents.
C:FileNETML071000419.doc
2
-3-
b) Existing cyber security requirements and guidance documents may lack coherence.
Various regulatory guidance documents, such as Revision 2 to Regulatory Guide 1.152,
Chapter 7 of the Standard Review Plan (e.g., SRP Appendix 7.1-D, and NEI 04-04) may
need revision to provide consistent cyber security guidance.
Deliverables:
1. Establish/develop clear guidance for assuring effective implementation of current cyber
security requirements at power reactors as well as acceptable cyber security practices in
the design of digital safety systems.
2. Analysis of existing and proposed cyber security regulations and requirements to
develop recommendations to ensure a consistent and coherent regulatory framework for
cyber security of power reactors.
3. Publish document(s) describing the regulatory guidance needed to implement the
criteria developed in previous two deliverables
4. Prepare one or more Regulatory Information Summaries (RIS) (or other vehicle as
designated by the Digital I&C Steering Committee) to disseminate and facilitate the
implementation of the TWG recommendations.
Milestones and Deliverables
Initial TWG meeting
Develop draft Cyber Security Project Plan
TWG meeting/teleconference to review/finalize
draft Cyber Security Project Plan
DI&C-SC endorsement of Cyber Security
Project Plan
Describe existing regulatory requirements and
regulatory guidance, perform gap analysis of
RG1.152R2 and NEI 04-04
Provide recommendations on addressing gaps
Identify consensus standards and other
relevant cyber security recommended best
practices
Develop one or more RIS to document the
regulatory and design guidance developed by
the Cyber Security TWG.
Due Date
Fcast/A/ctual
Milestones, Assignments, and Deliverables
deliverable
8.
Feb 21
A
Mar
F
Mar
F
Mar
F
Apr
F
May
F
May
F
June
F
July
F
Revise guidance appropriately
RG1.152R2
C:FileNETML071000419.doc
3
-4-
NEI 04-04
Update SRP(s) with guidance
July
F
Sep
F
Complete rulemaking on 10 CFR 73.55
F
Develop nuclear industry consensus standard
that addresses acceptable cyber security
practices for power reactors.
F
Update SRP(s) with guidance
F
Issue regulatory guidance related to final rule
10 CFR 73.55(m), including possible
endorsement of industry standard(s)
F
C:FileNETML071000419.doc
4
Minnesota Geospatial Commons – Test Implementation
Project Plan
Project Name: Minnesota Geospatial Commons – Test Implementation
Date: 06/07/2010
Version: 1.3
Prepared By: Mark Kotz
A
Executive Summary
Business Need/Opportunity
The Minnesota geospatial community has access to a large number of shared geospatial datasets, mainly
through multiple data download sites. However, no one web location exists through which people and
organizations can find and share such data. Shared web services and applications are even less accessible, and
only modestly promoted as a potential shared resource. There exists in Minnesota a significant opportunity to
collaboratively develop a single location through which published Minnesota geospatial resources can be found
and shared.
Many in the community are very interested in this opportunity and have a compelling business need to see it
succeed, not the least of which are the agencies that manage the biggest GIS data distribution sites in the state
(DNR, Met Council, MnGeo & Mn/DOT). Further, the existence of a collaboratively developed Commons
may eliminate the need for existing, disparate GIS data download sites, saving several organizations from the
responsibility of maintaining their own sites and upgrading them periodically.
The coordinated geospatial commons that is envisioned would greatly advance our ability to share web services
in particular, by both providing a place to publish information about them and also by facilitating assessments
of the reliability and trustworthiness of such web services. The increased usage of web services will produce
efficiency gains for many organizations, in particular those that develop geospatial applications.
Perhaps most importantly, the Commons will provide a one stop location for a broad array of business and GIS
users in Minnesota and beyond, whether professional or casual, to find and share useful resources, and will
promote greater sharing of geospatial data, services and applications.
Statement of Work
This effort includes the following:
Define the needed functions of the Commons
o Begin with those functions needed by the major data producers
o Get additional input from the broader MN geospatial community
Assess existing sites and products and choose a product for a test bed implementation
Further define the critical functions and requirements (i.e. role of the broker, services documentation)
Form a multi agency implementation team advised by the Commons workgroup
Create and approve a project charter
Create and approve a project plan for the test bed implementation
Implement a test bed Commons focusing on high priority functions
Test functionality and assess strengths and deficiencies of software product and implementation
methods
Make recommendations and project plan for a full production Commons, including
o Roles and responsibilities
o Functions to include
o Implementation methods
o Timeline
1
Minnesota Geospatial Commons – Test Implementation
o Governance
Report findings
Seek commitment and/or funding
This effort does not include the following:
Implementing a final production Commons
Project Objectives
Business Objectives for the project are:
Define the needed functions of the Commons
Implement a test bed version of the Commons
Make recommendations and develop a project plan for a full production Commons
Report to MnGeo and the geospatial community
Constraints
The following limitations and constraints have been identified for this project:
The effort relies on voluntary participation by multiple government agencies
This project has no defined budget
This project will proceed within the bounds of the prioritized Commons functional requirements
previously defined by the Geospatial Architecture Workgroup
Upon approval of this Project Charter, the next milestone will be the completion of a Project Plan.
Assumptions
The following assumptions were made when developing this Project Charter:
This project has the approval of MnGeo to host the test bed Commons.
Participating agencies will continue to support staff involvement with this project.
More specific staff commitment levels will be defined in the project plan.
The Project Charter was approved on 3/19/ 2010.
B
Scope Overview
Business Scope
Phase 1 – Requirements
Define and prioritize preliminary list of functions
Assess user needs and modify functions and priorities if appropriate
o Create online survey
o Advertize on existing data discovery sites and GIS/LIS newsletter
o Compile results and compare to functions list and modify as appropriate.
Assess web service requirements
o Clarify what comprises comprehensive documentation of a web service.
o Agree on a list of key characteristics that must be addressed to achieve “trust” in a web service.
o Further define the roles of the Broker (both machine and human) and the Enterprise Service
Provider with respect to quality of service and trust.
o More clearly define the options for, and recommended functions of the broker and how it interfaces
with the service provider and the application client.
2
Minnesota Geospatial Commons – Test Implementation
Phase 2 – Implementation – ESRI Geoportal Extension
Identify a host server
Identify training needs of implementation group
Research functionality and configuration options
Develop a plan for which Commons functions will be implemented
Develop a configuration plan
Define how selected geoportal software will fit into existing architecture
Install and/or configure hardware and firewall connections
Install and configure software
Implement client functions and complete UI/design work
Individual agencies contribute resources (e.g. data, services, applications) to test Commons
Develop a test plan and test cases
Test implemented functions
Assess how implemented functions meet workgroup defined needs
Describe what other functionality is needed
Recommend how that functionality might be acquired or created
Recommend whether the ESRI product should be used for a production site
Modify implementation if appropriate
Phase 3 – Make Recommendations and Plan for Production Commons
Make recommendations for a production Commons
o Functions to include
o Implementation strategy
o Roles and responsibilities
o Estimated up front and ongoing costs
o Benefits and risks
o Potential sources of funding
Articulate the benefits of sharing services and of achieving a system that effectively supports sharing of
services.
Model service level agreements
o Develop or find a template or model for a service level agreements (SLA).
o Work toward an SLA for the MnGeo image service.
Report to stakeholder organizations, including participating agencies, MetroGIS Policy Board and the
MN Geospatial Advisory Councils
Report to the MN geospatial community, federal partners, NSGIC and others. They may have valuable
input or assistance.
Propose a project plan for a production Commons
Scope Management Plan
Proposed scope changes will be assessed in terms of impact to project schedule, cost and resource usage. Any
changes to this scope must be documented in a revised version of the project plan. Approval of Project Manager is
required. Any scope changes involving staffing or funding changes also require the approval of the project owners.
C
Budget Overview
Estimated budget for the project by state fiscal year:
Budget Amount: $0
Fiscal Year: 2010
Budget Amount: $0
Fiscal Year: 2011
3
Funded?
Yes
No
Funded?
Yes
No
Minnesota Geospatial Commons – Test Implementation
All staff time, hardware, software and other resources will be contributed in-kind from participating organizations.
A request will be made to MetroGIS to fund staffing for some key project tasks.
Budget Management
Any changes to the budget must be documented in a revised project plan. Approval of Project Manager and Project
Owners is required.
D
Project Team
The following people and organizations are stakeholders in this project and included in the project planning.
Additional project team members are added as needed.
Executive Sponsors: Commit resources & advocate for project
David Arbeit, Minnesota CGIO, MnGeo
Dave Hinrichs, CIO Metropolitan Council
Kathy Hofstedt, CIO Mn/DOT
Robert Maki, CIO Minnesota DNR
Project Owners: Ensure adequate resources are available and track project status
Chris Cialek; MnGeo
Rick Gelbmann, Metropolitan Council
Tim Loesch, Minnesota DNR
Dan Ross, Mn/DOT
Project Manager: Lead the planning and execution of the project, chair workgroup
Mark Kotz, Metropolitan Council
Project Workgroup: Plan and design the Commons, advise Implementation Workgroup
Mark Kotz, Met. Council (Chair)
Bob Basques, St. Paul
Chris Cialek, MnGeo
Jessica Deegan, Met. Council
Jessica Fendos, DEED
Josh Gumm, Scott County
Leslie Kadish, MN Historical Society
Steve Lime, DNR
Charlie McCarty, Mn/DOT
Chris Pouliot, DNR
Nancy Rader, MnGeo
Nancy Read, Metro Mosquito Control District
Dan Ross, Mn/DOT
Hal Watson, DNR
Paul Weinberger, Mn/DOT
Implementation Team: Implement test bed version of ESRI Geoportal Extension
Jessica Deegan, Met. Council (Co-Team Lead)
Jim Dickerson, MnGeo
Josh Gumm, Scott County
John Harrison, Mn/DOT
4
Minnesota Geospatial Commons – Test Implementation
Susanne Maeder, MnGeo
Chris Pouliot, DNR (Co-Team Lead)
Survey Team: Plan and implement a user survey
Jessica Deegan, Met. Council
Chris Pouliot, DNR
Alison Slaats, 1000 Friends of Minnesota
Service Requirements Team: Identify issues related to web services requirements and how they might be
implemented using a broker in the Commons environment
Hal Watson, DNR (Team Lead)
Jessica Fendos, DEED
Susanne Maeder, MnGeo
Matt McGuire, Met. Council
Project Team Management
The project manager coordinates the project tasks assigned to team members. Changes to the project team require
approval of the Project Manager and Project Owner for the affected agency if relevant. Changes will be tracked in
revisions to the project plan.
E
Project Schedule
Key project tasks, responsible groups and estimate hours:
Detailed project schedule is provided below.
Schedule Management
The project Schedule will be posted online and updated as tasks are completed. Any changes to the schedule must
be documented in a revised project schedule. Sign-off from Project Manager is required
5
Minnesota Geospatial Commons – Test Implementation
Project Tasks with Estimated Completion Dates and Total Person Hours Required
Task (time estimates to the right are in total person hours for task)
Preliminary functions defined and prioritized
Workgroup agrees to implement ESRI Geoportal Toolkit as test bed
Approve project charter
Online survey is launched
Create draft project plan
Draft project plan reviewed by workgroup
Research functionality and configuration options
Identify training needs (if any) of implementation group.
Project plan approved by workgroup
Identify a host server
Clarify what comprises comprehensive documentation of a web service
Develop plan for which Commons functions will be implemented in test
Designate how selected geoportal software & components will fit into
existing architecture
Report on survey results to date and comparison with list of functions
Project plan approved by executive sponsors, owners and project manager
Develop a configuration plan
Install and/or configure hardware and firewall connections
Agree on a key characteristics to achieve “trust” in a web service
Install and configure software (including toolkit and underlying software)
Online survey is ended
Compile survey results and compare to functions list
Define roles of Broker (machine & human) and Provider relate to quality
of service & trust
Develop a test plan, test cases, and tracability matrix
Define options for, and recommended functions of broker and how it
interfaces with service provider and the application client
Submit MetroGIS funding proposal if appropriate. Due Sept. 2 nd.
Implement client functions and complete UI/design work. (tasks broken
down by functionality pieces eventually)
Individual agencies contribute resources (e.g. data, services, applications)
to test Commons
Estimated Done
Complete
Date
11/13/09 
02/04/10 
03/15/10 
03/16/10 
03/26/10 
04/08/10 
04/29/10 
05/01/10
05/06/10 
05/07/10 
05/14/10
05/15/10 
05/15/10
05/21/10
05/21/10
06/04/10
06/11/10
06/18/10
06/25/10
06/30/10
07/09/10
07/15/10
07/16/10
08/06/10
09/17/10
09/24/10
Resources
if not full team
Implement Work Service Survey Proj MnGeo Sponsors
group Reqs
Mngr
10
5
8
30
2
1 person
5
1
9
20
4
1 person

2
3
1 person
20
3
1 person
20
9
0
4
12
10
2 people
20
?
15
6
Minnesota Geospatial Commons – Test Implementation
Test implemented functions
Revise any needed implementation pieces
Revise data or service contributions
Test Bed running with real data & services – open for comments
09/24/10
10/01/10
10/07/10
10/11/10
Give presentation about Commons at MN GIS/LIS Consortium Conference
Assess how implemented functions meet workgroup defined needs
Describe what other functionality is needed
Modify implementation if appropriate, based on feedback
Recommend how that functionality might be acquired or created
Recommend whether the ESRI product should be used for a production site
Create draft recommendations for a production Commons
Modify and approve recommendations for a production Commons
Create draft project plan for a productions commons
Modify and approve project plan for a production commons
Report to stakeholder organizations and geospatial community
Model service level agreements
Articulate the benefits of sharing services and a system that supports such
sharing
10/15/10
11/04/10
11/04/10
12/02/10
12/02/10
12/02/10
12/16/10
01/06/11
01/20/11
02/03/11
02/11/11
02/11/11
02/11/11
15
?
6
?
5
10
10
?
?
?
8
?
10
?
?
2 people
8
?
109+
69+
58
16
28
1
3
7
Minnesota Geospatial Commons – Test Implementation
F
Communication Plan
The Geospatial Commons Workgroup will maintain a schedule of monthly meetings. All workgroup members,
subgroup members, project owners and other who have expressed interest are included in the CC list for meeting
agendas and meeting notes. If a particular meeting is not needed, it will be cancelled. The workgroup maintains a
Basecamp web site for collaborative work. This site is accessible only to authorized users. Additional or alternate
workgroup collaborative work sites will be considered if the need arises.
The workgroup chair/project manager will report progress to the following groups at their request:
MetroGIS Coordinating Committee
MetroGIS Policy Board
State Government Geospatial Advisory Council
State Agency Geospatial Advisory Council
Key stakeholder organizations will be kept abreast of the progress of the workgroup through their representatives
on the workgroup.
The workgroup will also maintain a web page under the MnGeo advisory committee site at
http://www.mngeo.state.mn.us/workgroup/commons/index.html. The project schedule will be updated periodically
and posted on this site.
It is expected that workgroup members will provide presentations about the project at various venues. Specifically,
the project will be presented at the Minnesota GIS/LIS Conference in October.
Individual task teams will work closely on a weekly or daily basis while completing specific tasks.
G
Issues Management
As issues arise within the project, each team will determine if the issue is significant enough to report it to the
Project Manager. The Project Manager, in consultation with the Team Lead, will decide if the issue should be
reported to the full Workgroup. If so, the collaborative work site will be used as a place to describe and track
issues. For project work to continue efficiently, it is desirable that most issues be resolved within each team or with
consultation with the Project Manager. Issues may include testing results, unexpected problems, and other items
that impact project completion.
H
Project Plan Documents Summary
All significant electronic project documentation will be posted on the collaborative work site. Teams will
determine when a document is sufficiently complete to post on the site.
8
Minnesota Geospatial Commons – Test Implementation
I
Approval
Below is documentation of confirmation that project sponsors, project owners and project manager have
reviewed the information contained in this document and approve of this as the formal project plan for the
Minnesota Geospatial Commons – Test Implementation project.
To indicate approval, send an email to mark.kotz@metc.state.mn.us stating that that you approve the project plan
for the Commons Test Implementation project.
Executive Sponsors: Commit resources & advocate for project
David Arbeit, Minnesota CGIO, MnGeo
Dave Hinrichs, CIO Metropolitan Council
Kathy Hofstedt, CIO Mn/DOT – Approved by email 5/21/10
Robert Maki, CIO Minnesota DNR – Approved by email 5/25/2010
Project Owners: Ensure adequate resources are available and track project status
Chris Cialek; MnGeo
Rick Gelbmann, Metropolitan Council – Approved by email 5/12/10
Tim Loesch, Minnesota DNR – Approved by email 5/19/10
Dan Ross, Mn/DOT – Approved by email 5/20/10
Project Manager: Lead the planning and execution of the project, chair workgroup
Mark Kotz, Metropolitan Council – Approved 5/10/10
The Project Plan will be approved by the Project Executive Sponsors, Project Owners and Project Manager
Project Changes will be approved by the Project Owners and Project Manager
9
Information Security Communication Plan Template
Use this template to document the communication message and methods your organization will use to communicate the se
roadmap to key stakeholders.
1. Determine the message that needs to be sent out and complete the following columns: Stakeholder, Stakeholder Needs
Message, Impact of Change on Stakeholders, Expected Stakeholder Reaction.
2. Decide on the methods used to deliver the message and complete the following columns: Media, Deliverer/Presenter, P
Mechanism, Responsibility.
mplate
n will use to communicate the security strategy and
Stakeholder, Stakeholder Needs and Concerns,
ns: Media, Deliverer/Presenter, Prepared by, Feedback
5Ws
The goal of this project is to implement a Tufin firewall solution for XYZ Travel Management Company, with a focus on effic
policies across hybrid cloud and physical network environments. The project aims to minimize the risk of misconfigurations
Project audience: CEO, CTO, CIO, IT Director, Cybersecurity Manager, Project Manager, Network Engineers, System Adm
Team members: Project Manager, Network Engineers, System Administrators.
Key stakeholders: CEO, CTO, CIO, IT Director, Cybersecurity Manager
The following channels will be used to facilitate two-way communication:
• Regular team meetings with the IT staff at XYZ Travel Management Company
• Weekly progress reports shared with the IT Director and Network Administrator
• Bi-weekly check-ins with Tufin Sales Representatives and Technical Support
• Dedicated email address for inquiries and feedback from all stakeholders
The success of our communication will be evaluated based on the following criteria:
• Stakeholder engagement and participation in project activities
• Timely and effective response to inquiries and feedback
• Completion of project milestones within the agreed-upon timeline
• Stakeholder satisfaction with project outcomes
Communication Message and Method
Message
Stakeholder
Stakeholder Needs
and Concerns
Message
Successful
implementation of
Tufin firewall will
minimize security
risks and ensure
compliance with
industry regulations.
Impact of Change on
Stakeholders
Improved security and
compliance will
enhance business
continuity and
minimize business
risks.
CEO
Cost, Business
Continuity
IT Director
Tufin firewall will
provide efficient
security policy
management,
automation, and
streamlined visibility
and control over
Improved security and
security policies
compliance will
Security, Technical across hybrid cloud enhance technical
Support, Regulatory and physical network support and minimize
compliance
environments.
security risks.
Cybersecurity
Manager
Project Manager
Network
Administrator
Technical Support
Security, Technical
Support
Tufin firewall will
provide efficient
security policy
management,
automation, and
streamlined visibility
and control over
Improved security and
security policies
compliance will
across hybrid cloud enhance technical
and physical network support and minimize
environments.
security risks.
Project Progress,
Timeline
Regular project
updates and status
reports will be
provided to
stakeholders.
Concerns about
changes to current
firewall policies and
procedures
We will consolidate
the view of firewall
policies to reduce the
risk of
misconfigurations
and non-compliance
with industry
regulations. The
Tufin firewall solution
offers a user-friendly
interface for firewall
security
Improved security and
management.
policy management
Concerns about
resolving technical
issues and meeting
customer
expectations
We appreciate your
ongoing support and
technical expertise.
We will work closely
with your team to
ensure the
successful
implementation of
Successful
the Tufin firewall
implementation and
solution.
customer satisfaction
Successful
implementation of
Tufin firewall within the
specified timeline.
Customers
Implementation of
Tufin firewall solution
to improve security
policy management,
automation, and
control over security
policies. Project aims
to minimize risk of
non-compliance and Improved security and
Ensure data security improve valuable
minimized risk of nonand privacy
skills.
compliance.
Business Partners
Implementation of
Tufin firewall solution
to improve security
policy management,
automation, and
control over security
policies. Project aims
to minimize risk of
non-compliance and Improved security and
Ensure data security improve valuable
minimized risk of nonand privacy
skills.
compliance.
Project Team
Ensure clear
communication and
understanding of
project goals, roles,
and responsibilities
Tufin firewall solution
implementation to
improve security
policy management,
automation, and
control over security
policies. Project aims
to minimize risk of
non-compliance and Improved security and
improve valuable
minimized risk of nonskills.
compliance.
XYZ Travel
Management
Company’s
Employees
Ensure minimal
business disruption
and improved
security posture.
The Tufin firewall
solution
implementation
project aims to
improve security
policy management,
automation, and
visibility across
hybrid cloud and
physical network
environments. We
will work closely with
the IT staff to ensure Improved security
minimal business
posture and better
disruption during the visibility of firewall
implementation.
policies.
l Management Company, with a focus on efficient security policy management, automation, and streamlined visibility and control over securi
aims to minimize the risk of misconfigurations and non-compliance with industry regulations by consolidating the view of firewall policies.
ct Manager, Network Engineers, System Administrators, Employees.
s.
n:
ny
ator
t
wing criteria:
Method
Expected
Stakeholder
Reaction
Positive
Positive
Media
Deliverer/Presenter
Prepared by
Feedback
Mechanism
Email, Meeting
Project Manager,
Cybersecurity
Manager
Project Manager
Email, Weekly
Progress Reports
Email, Meeting
Project Manager,
Cybersecurity
Manager
Project Manager
Email, Weekly
Progress Reports
Positive
Email, Meeting
Network Engineers,
System Administrators Project Manager
CEO, IT Director,
Cybersecurity
Manager, Network
Administrator,
Customer, Technical
Support, Project
Team, Employees
Project Manager
Supportive
Team Meetings, Biweekly Check-ins
Implementation
Specialists
Project Manager
Email, Weekly
Progress Reports
Supportive
Team Meetings, Biweekly Check-ins
Implementation
Specialists
Project Manager
Email, Weekly
Progress Reports
Positive
Email, Meeting
Email, Weekly
Progress Reports
Email, Weekly
Progress Reports
Positive
Website
announcement
Positive
Email
Positive
Weekly team
meetings
Executive
Management
Project Manager
Project Manager
Project Manager
Feedback form,
Email, Weekly
Progress Reports
Project Manager
Feedback form,
Email, Weekly
Progress Reports
Project Manager
Feedback form,
Email, Weekly
Progress Reports
Positive
Email and Progress
Report
IT Staff
Project Manager
Email, Weekly
Progress Reports
bility and control over security
view of firewall policies.
Responsibility
Project Manager
Project Manager
Project Manager
Project Manager
Project Manager
Project Manager
Executive
Management
Project Manager
Project Manager
Project Manager
Information Security Communication Plan Template
Use this template to document the communication message and methods your organization will use to communicate the se
roadmap to key stakeholders.
1. Determine the message that needs to be sent out and complete the following columns: Stakeholder, Stakeholder Needs
Message, Impact of Change on Stakeholders, Expected Stakeholder Reaction.
2. Decide on the methods used to deliver the message and complete the following columns: Media, Deliverer/Presenter, P
Mechanism, Responsibility.
mplate
n will use to communicate the security strategy and
Stakeholder, Stakeholder Needs and Concerns,
ns: Media, Deliverer/Presenter, Prepared by, Feedback
5Ws
The goal of this project is to implement a Tufin firewall solution for XYZ Travel Management Company, with a focus on effic
policies across hybrid cloud and physical network environments. The project aims to minimize the risk of misconfigurations
Project audience: CEO, CTO, CIO, IT Director, Cybersecurity Manager, Project Manager, Network Engineers, System Adm
Team members: Project Manager, Network Engineers, System Administrators.
Key stakeholders: CEO, CTO, CIO, IT Director, Cybersecurity Manager
The following channels will be used to facilitate two-way communication:
• Regular team meetings with the IT staff at XYZ Travel Management Company
• Weekly progress reports shared with the IT Director and Network Administrator
• Bi-weekly check-ins with Tufin Sales Representatives and Technical Support
• Dedicated email address for inquiries and feedback from all stakeholders
The success of our communication will be evaluated based on the following criteria:
• Stakeholder engagement and participation in project activities
• Timely and effective response to inquiries and feedback
• Completion of project milestones within the agreed-upon timeline
• Stakeholder satisfaction with project outcomes
Communication Message and Method
Message
Stakeholder
Stakeholder Needs
and Concerns
Message
Successful
implementation of
Tufin firewall will
minimize security
risks and ensure
compliance with
industry regulations.
Impact of Change on
Stakeholders
Improved security and
compliance will
enhance business
continuity and
minimize business
risks.
CEO
Cost, Business
Continuity
IT Director
Tufin firewall will
provide efficient
security policy
management,
automation, and
streamlined visibility
and control over
Improved security and
security policies
compliance will
Security, Technical across hybrid cloud enhance technical
Support, Regulatory and physical network support and minimize
compliance
environments.
security risks.
Cybersecurity
Manager
Project Manager
Network
Administrator
Technical Support
Security, Technical
Support
Tufin firewall will
provide efficient
security policy
management,
automation, and
streamlined visibility
and control over
Improved security and
security policies
compliance will
across hybrid cloud enhance technical
and physical network support and minimize
environments.
security risks.
Project Progress,
Timeline
Regular project
updates and status
reports will be
provided to
stakeholders.
Concerns about
changes to current
firewall policies and
procedures
We will consolidate
the view of firewall
policies to reduce the
risk of
misconfigurations
and non-compliance
with industry
regulations. The
Tufin firewall solution
offers a user-friendly
interface for firewall
security
Improved security and
management.
policy management
Concerns about
resolving technical
issues and meeting
customer
expectations
We appreciate your
ongoing support and
technical expertise.
We will work closely
with your team to
ensure the
successful
implementation of
Successful
the Tufin firewall
implementation and
solution.
customer satisfaction
Successful
implementation of
Tufin firewall within the
specified timeline.
Customers
Implementation of
Tufin firewall solution
to improve security
policy management,
automation, and
control over security
policies. Project aims
to minimize risk of
non-compliance and Improved security and
Ensure data security improve valuable
minimized risk of nonand privacy
skills.
compliance.
Business Partners
Implementation of
Tufin firewall solution
to improve security
policy management,
automation, and
control over security
policies. Project aims
to minimize risk of
non-compliance and Improved security and
Ensure data security improve valuable
minimized risk of nonand privacy
skills.
compliance.
Project Team
Ensure clear
communication and
understanding of
project goals, roles,
and responsibilities
Tufin firewall solution
implementation to
improve security
policy management,
automation, and
control over security
policies. Project aims
to minimize risk of
non-compliance and Improved security and
improve valuable
minimized risk of nonskills.
compliance.
XYZ Travel
Management
Company’s
Employees
Ensure minimal
business disruption
and improved
security posture.
The Tufin firewall
solution
implementation
project aims to
improve security
policy management,
automation, and
visibility across
hybrid cloud and
physical network
environments. We
will work closely with
the IT staff to ensure Improved security
minimal business
posture and better
disruption during the visibility of firewall
implementation.
policies.
l Management Company, with a focus on efficient security policy management, automation, and streamlined visibility and control over securi
aims to minimize the risk of misconfigurations and non-compliance with industry regulations by consolidating the view of firewall policies.
ct Manager, Network Engineers, System Administrators, Employees.
s.
n:
ny
ator
t
wing criteria:
Method
Expected
Stakeholder
Reaction
Positive
Positive
Media
Deliverer/Presenter
Prepared by
Feedback
Mechanism
Email, Meeting
Project Manager,
Cybersecurity
Manager
Project Manager
Email, Weekly
Progress Reports
Email, Meeting
Project Manager,
Cybersecurity
Manager
Project Manager
Email, Weekly
Progress Reports
Positive
Email, Meeting
Network Engineers,
System Administrators Project Manager
CEO, IT Director,
Cybersecurity
Manager, Network
Administrator,
Customer, Technical
Support, Project
Team, Employees
Project Manager
Supportive
Team Meetings, Biweekly Check-ins
Implementation
Specialists
Project Manager
Email, Weekly
Progress Reports
Supportive
Team Meetings, Biweekly Check-ins
Implementation
Specialists
Project Manager
Email, Weekly
Progress Reports
Positive
Email, Meeting
Email, Weekly
Progress Reports
Email, Weekly
Progress Reports
Positive
Website
announcement
Positive
Email
Positive
Weekly team
meetings
Executive
Management
Project Manager
Project Manager
Project Manager
Feedback form,
Email, Weekly
Progress Reports
Project Manager
Feedback form,
Email, Weekly
Progress Reports
Project Manager
Feedback form,
Email, Weekly
Progress Reports
Positive
Email and Progress
Report
IT Staff
Project Manager
Email, Weekly
Progress Reports
bility and control over security
view of firewall policies.
Responsibility
Project Manager
Project Manager
Project Manager
Project Manager
Project Manager
Project Manager
Executive
Management
Project Manager
Project Manager
Project Manager

Purchase answer to see full
attachment

We offer the bestcustom writing paper services. We have done this question before, we can also do it for you.

Why Choose Us

  • 100% non-plagiarized Papers
  • 24/7 /365 Service Available
  • Affordable Prices
  • Any Paper, Urgency, and Subject
  • Will complete your papers in 6 hours
  • On-time Delivery
  • Money-back and Privacy guarantees
  • Unlimited Amendments upon request
  • Satisfaction guarantee

How it Works

  • Click on the “Place Order” tab at the top menu or “Order Now” icon at the bottom and a new page will appear with an order form to be filled.
  • Fill in your paper’s requirements in the "PAPER DETAILS" section.
  • Fill in your paper’s academic level, deadline, and the required number of pages from the drop-down menus.
  • Click “CREATE ACCOUNT & SIGN IN” to enter your registration details and get an account with us for record-keeping and then, click on “PROCEED TO CHECKOUT” at the bottom of the page.
  • From there, the payment sections will show, follow the guided payment process and your order will be available for our writing team to work on it.