What are the steps project managers must incorporate to uphold the security, privacy and disaster recovery policies to prevent Companies sensitive and vital corporate Data
Abstract- Security, disasters and privacy are risks to a project and to a project manager. But project managers are trained to deal with risks. These risks are best addressed when the project manager fully understands them. In a nutshell, we can say it's all about protection of vital data and its critical element CIA(confidentiality, integrity, and availability) including the machines and process that use, store, and transmit that data. Security is a risk to project managers for both implementing a project and perhaps the project itself if it is IT or telecom related. In this paper, I will include the data security risks facing a project manager, How to protect the CIA Triad using various security policies, standards, and procedures. And I will try to touch some more information security related aspects like Security Awareness and privacy protection, etc.
Keywords-Project management; Project Manager; Data Security; Privacy; Security Policies; Confidentiality; Security Awareness.
Almost every project generate or use, some form of information and information technology. Mostly, this information needs to be preserved or isolated by some form of security. Security planning and implementation is an integral part of the overall project life cycle which also include many different issues to be considered when planning a project. Whereas finally what is being safeguarded is the data produced by the machines, the information that data is used to create, and in some manner, the conclusions made based upon that vital data.
A security threat is something that jeopardizes any of the CIA Triad (availability, confidentiality, and integrity) of a machine's data. Security flaws and risks emerge from such threats. Solutions and planning to manage such items begins in the very initiation stages of a project's life with the identification of any of these security related flaws, risks, and threats. In parallel with each phase, efforts work towards constantly identifying new threats and reducing the identified security risks through the diligent planning and proper implementation of risk mitigation strategies specifically developed to resolve each unique threat specifically. Security of vital data and associated technology systems must be considered when planning projects, developing applications, implementing systems, or framework etc. So as to be effective and efficient, security must be organized for and embedded into the sys