Successfully reported this slideshow.
Project & change
               Risk management
A web based tool for Compliance/Information security team to
      engage ...
Introduction
                                                            Project manager - can create a
             Start...
Process overview
                         Capturing project/change risk management lifecycle

                            ...
Information security project
                 engagement solution overview

      Project                                 ...
The key participants
                                           Information
Programme             Project                 ...
The business process
                         SPMB                                                                 RAF
   ...
The lifecycle
                Project                          Information




                                           ...
System Admin: Account setup




Each account is set up via email and the user will be expected to change their default
pas...
Project list overview




The list shows the number of projects and the activities throughout their lifecycle.
           ...
Project                       Information




                                                                            ...
Project                     Information




                                                                              ...
Project                     Information




                                                                              ...
Project                          Information




                                                                         ...
Project                     Information




                                                                              ...
Project                          Information




                                                                         ...
Project                          Information




                                                                         ...
Project                     Information




                                                                              ...
Project                         Information




                                                                          ...
Project                     Information




                                                                              ...
Project                     Information




                                                                              ...
Project                          Information




                                                                         ...
Project                          Information




                                                                         ...
Project                          Information




                                                                         ...
Project                          Information




                                                                         ...
Project                     Information




                                                                              ...
Project                     Information




                                                                              ...
Project                          Information




                                                                         ...
Project                            Information




                                                                       ...
Project                            Information




                                                                       ...
Contact details
•   Ben Oguntala
•   Ben.oguntala@riesgoriskmanagement.com
•   +44 7812 029 867
•   www.riesgoriskmanageme...
Upcoming SlideShare
Loading in …5
×

Project & Change Risk Management

1,641 views

Published on

This solution is a web based, effective and collaborative solution to project risk management, it allows for an effective business process that allows both the project management team and the risk management team to address project issues as it progresses through its lifecycle.
Project manager - can create a project and manage the progress of his/her project through its milestones and can oversee how all its risks are identified and managed.
Fraud, Risk or Security (compliance) - can interface with the project team and have new projects, changes or business unit ideas assessed for risks and provide resolution.

  • You can get PMBOK 5th edition based complete & 'brain-friendly' PMP exam notes for free on www.PMExamSmartNotes.com. Also, sign up for your free PMP Study Blueprint to fast track your PMP preparation efforts.
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here

Project & Change Risk Management

  1. 1. Project & change Risk management A web based tool for Compliance/Information security team to engage projects and changes to the infrastructure www.riesgoriskmanagement.com By Ben Oguntala Ben.oguntala@riesgoriskmanagement.com www.riesgoriskmanagement.com
  2. 2. Introduction Project manager - can create a Start cycle project and manage the progress of his/her project through its milestones and can oversee how all its risks are identified and managed. Engage Approval project team Fraud, Risk or Security (compliance) - can interface with the project team and have new projects, changes or business unit ideas assessed for risks and provide resolution. Risk Complete This solution is a web based, effective management survey and collaborative solution to project risk management, it allows for an effective business process that allows both the project management team Initial risk and the risk management team to assessment address project issues as it progresses through its lifecycle. www.riesgoriskmanagement.com
  3. 3. Process overview Capturing project/change risk management lifecycle Risk assurance Information security/compliance Forum Fraud Security Risk Risk Project policies Acceptance review form Risk assessment mitigation Engagement Change PCI DSS Risk Suppliers Data security register Business Risk units ISO27001 FSA register Project www.riesgoriskmanagement.com
  4. 4. Information security project engagement solution overview Project Information Risk Project Business management security or assurance manager analyst office compliance forum Project Information register Project Project Risk Risk Manager security Risk registration documentation assessment mitigation allocation survey acceptance Risk review form Risk register Project A simple web based tool that capture changes to your organisation’s framework providing a consolidated platform to manage potential risks to your estate. www.riesgoriskmanagement.com
  5. 5. The key participants Information Programme Project Risk Risk Assurance security or management management Management forum compliance Light touch Project Project Senior FRS survey option (Fast approval management management track) Business Change FRS project Project team impact Risk Register approval allocation assessment Supplier or Project Risk Project BIA business unit Milestone acceptance milestone stakeholders approval Gate approval form Project Risk funding Risk review identification control The web based tool ensures that the key participants are engaged and the business processes ensures a consistent approach to all projects/changes. www.riesgoriskmanagement.com
  6. 6. The business process SPMB RAF Sys admin Programme Project office FRS manager FRS consultant Risk Assurance office forum Assess Project project risk Accept Review System allocation to survey assigned project risk administration Project PM projects register initiation results SPMB Assess Risk (Programme Project cost Upload FRS resource project and acceptance office) users code project allocation carry out form allocation details risk approval FRS assessment Fraud/Risk/Security Update Project risk Handover to Users project management Find risk project resources mitigations RAF management Periodic (Risk Assurance Assign review of the Forum) projects to Raise project risk register Complete Users risk risk in the FRS survey consultant risk register The tool ensures that the business process engages the right units at the right time and ensures that there are no redundant or neglected elements within the operation. www.riesgoriskmanagement.com
  7. 7. The lifecycle Project Information register Project Project Risk Risk Manager security Risk registration documentation assessment mitigation allocation survey The next sets of slides will take you through the lifecycle of the tool demonstrating how each stage is designed to address the objective of risk management and enforcement of compliance. www.riesgoriskmanagement.com
  8. 8. System Admin: Account setup Each account is set up via email and the user will be expected to change their default password upon first login www.riesgoriskmanagement.com
  9. 9. Project list overview The list shows the number of projects and the activities throughout their lifecycle. www.riesgoriskmanagement.com
  10. 10. Project Information register Project Project Risk Risk Manager security Risk registration documentation assessment mitigation allocation survey Project registration (1) For each project, the Programme team can provide as much details as possible about the www.riesgoriskmanagement.com project.
  11. 11. Project Information register Project Project Risk Risk Manager security Risk registration documentation assessment mitigation allocation survey Project registration (2) The programme team will be able to see the list of project and the approval dates, this www.riesgoriskmanagement.com provide them with the ability to have corporate governance for the projects.
  12. 12. Project Information register Project Project Risk Risk Manager security Risk registration documentation assessment mitigation allocation survey Project registration (3): project status The aim of the project status is to allow the users to capture what stage the project is throughout its lifecycle, green indicated passed and red indicates current position. www.riesgoriskmanagement.com
  13. 13. Project Information register Project Project Risk Risk Manager security Risk registration documentation assessment mitigation allocation survey Project registration (4): project status General project information Project sponsors and dates Project milestones www.riesgoriskmanagement.com
  14. 14. Project Information register Project Project Risk Risk Manager security Risk registration documentation assessment mitigation allocation survey Project manager allocation (1): Assigning a project manager A project manager is allocated to the www.riesgoriskmanagement.com an alert to the Project manager, project and this triggers creating his account, if new and moving the project to his queue to acknowledge.
  15. 15. Project Information register Project Project Risk Risk Manager security Risk registration documentation assessment mitigation allocation survey Project manager allocation (2): project acknowledgement www.riesgoriskmanagement.com
  16. 16. Project Information register Project Project Risk Risk Manager security Risk registration documentation assessment mitigation allocation survey Project manager allocation (3): project list & dashboard Project list displays the number of projects the project manager has been allocated, he can also henceforth add his own projects. For each project there is a dashboard that displays the details of the project as it progresses. www.riesgoriskmanagement.com
  17. 17. Project Information register Project Project Risk Risk Manager security Risk registration documentation assessment mitigation allocation survey Project manager allocation (4): Project team The project manager is able to add the project team on to the project, these can include the Business analyst, Architect, Test team, developers e.t.c. The aim is to ensure all participants are www.riesgoriskmanagement.com working from a central repository and all information can be communicated centrally.
  18. 18. Project Information register Project Project Risk Risk Manager security Risk registration documentation assessment mitigation allocation survey Project documentation All team members will be able to provide their relevant information about the project. If the project has a Teamroom where documentations are stored the URL can be added in order to other participants to view. If there are other sites that are related these can be added as central sites as well. If required, documentation may be attached locally. Types of documentations include: PID, BRS, HLD, LLD, test plan and others. www.riesgoriskmanagement.com
  19. 19. Project Information register Project Project Risk Risk Manager security Risk registration documentation assessment mitigation allocation survey Information security survey(1): overview Each project will complete an information security survey, this survey will provide an initial assessment of the project and automatically score the project. The PM can delegate this task to any member of the project team or can complete it himself or herself. If the Project is scored as low then there is no further engagement required, however if medium or high a business impact assessment will be carried out. www.riesgoriskmanagement.com
  20. 20. Project Information register Project Project Risk Risk Manager security Risk registration documentation assessment mitigation allocation survey Information security survey(2): Fraud, risk or security survey A series of questions designed to capture the business impact that the project may have. The questions can be customised to fit your particular environment. Once completed, the submit button triggers the automatic assessment. www.riesgoriskmanagement.com
  21. 21. Project Information register Project Project Risk Risk Manager security Risk registration documentation assessment mitigation allocation survey Information security survey(2): survey result The result shows how the project has been scored and the result against each section. Projects can score: -High -Medium -Low The projects scored medium or high are more likely to have security risks and require an in- depth assessments. www.riesgoriskmanagement.com
  22. 22. Project Information register Project Project Risk Risk Manager security Risk registration documentation assessment mitigation allocation survey Information security survey(3): project survey result Each project, will have its survey resulted listed against and will be visible to all the participants in the project. Projects that score medium or high will automatically be placed onto the Fraud, Risk or security (compliance) radar for a business impact assessment. www.riesgoriskmanagement.com
  23. 23. Project Information register Project Project Risk Risk Manager security Risk registration documentation assessment mitigation allocation survey Risk assessment (1): Project allocation to Consultant Fraud, Risk or Security(compliance) team will receive all Medium and High risks. The team manager can assign the project to a Consultant and the project will be listed on the Consultant’s queue. www.riesgoriskmanagement.com
  24. 24. Project Information register Project Project Risk Risk Manager security Risk registration documentation assessment mitigation allocation survey Risk assessment (2): Invitation of state stakeholders If the Consultant requires to invite other stakeholders or specialists (i.e. Penetration Testers, Legal, PCI DSS QSA, Firewall operations, e.t.c.) or can carry out the operation. www.riesgoriskmanagement.com
  25. 25. Project Information register Project Project Risk Risk Manager security Risk registration documentation assessment mitigation allocation survey Risk assessment (2): Business Impact Assessment Consultant can create the Business impact assessment for the project by uploading the completed the risk assessment document and also get add the assessment of other www.riesgoriskmanagement.com stakeholders.
  26. 26. Project Information register Project Project Risk Risk Manager security Risk registration documentation assessment mitigation allocation survey Risk assessment (3): Business Impact Assessment Consultant can upload BIA risk assessment document or add the URL where the BIA is held and set the BIA status. Once completed the project now reflects that the business impact assessment has been carried out orwww.riesgoriskmanagement.com is in progress.
  27. 27. Project Information register Project Project Risk Risk Manager security Risk registration documentation assessment mitigation allocation survey Risk mitigations(1): project risk registrations New risks for the project can be registered against the project. The risk will include the business impact, likelihood of occurrence, residual risks and risk owner. The risks are stored in the risk register for the Risk assurance forum (Senior managers) to accept, reject, transfer or mitigate. register Risk www.riesgoriskmanagement.com
  28. 28. Project Information register Project Project Risk Risk Manager security Risk registration documentation assessment mitigation allocation survey Risk mitigations(2): Risk Register The risk register contains the risk register for all the projects and the Risk Assurance Forum can assess each risk and decide on a resolution of the risks. www.riesgoriskmanagement.com
  29. 29. Project Information register Project Project Risk Risk Manager security Risk registration documentation assessment mitigation allocation survey Risk mitigations(3): Risk Register Once the Risks are resolved the project can be moved forward for approval and progressed through the project milestones. www.riesgoriskmanagement.com
  30. 30. Contact details • Ben Oguntala • Ben.oguntala@riesgoriskmanagement.com • +44 7812 029 867 • www.riesgoriskmanagement.com www.riesgoriskmanagement.com

×