Читать книгу Information Systems Security Engineering A Complete Guide - 2020 Edition - Gerardus Blokdyk - Страница 8

Оглавление

CRITERION #2: DEFINE:

INTENT: Formulate the stakeholder problem. Define the problem, needs and objectives.

In my belief, the answer to this question is clearly defined:

5 Strongly Agree

4 Agree

3 Neutral

2 Disagree

1 Strongly Disagree

1. Is Information systems security engineering currently on schedule according to the plan?

<--- Score

2. Does the scope remain the same?

<--- Score

3. What critical content must be communicated – who, what, when, where, and how?

<--- Score

4. How do you keep key subject matter experts in the loop?

<--- Score

5. When is the estimated completion date?

<--- Score

6. How often are the team meetings?

<--- Score

7. What is in scope?

<--- Score

8. Where can you gather more information?

<--- Score

9. What is the scope?

<--- Score

10. What defines best in class?

<--- Score

11. Has everyone on the team, including the team leaders, been properly trained?

<--- Score

12. Who is gathering Information systems security engineering information?

<--- Score

13. Has a team charter been developed and communicated?

<--- Score

14. What is in the scope and what is not in scope?

<--- Score

15. Has the Information systems security engineering work been fairly and/or equitably divided and delegated among team members who are qualified and capable to perform the work? Has everyone contributed?

<--- Score

16. How do you gather requirements?

<--- Score

17. Are the Information systems security engineering requirements complete?

<--- Score

18. Have all basic functions of Information systems security engineering been defined?

<--- Score

19. When is/was the Information systems security engineering start date?

<--- Score

20. Has a project plan, Gantt chart, or similar been developed/completed?

<--- Score

21. Are required metrics defined, what are they?

<--- Score

22. Are approval levels defined for contracts and supplements to contracts?

<--- Score

23. What are the requirements for audit information?

<--- Score

24. How does the Information systems security engineering manager ensure against scope creep?

<--- Score

25. Are all requirements met?

<--- Score

26. What are the compelling stakeholder reasons for embarking on Information systems security engineering?

<--- Score

27. Are there different segments of customers?

<--- Score

28. Have all of the relationships been defined properly?

<--- Score

29. What system do you use for gathering Information systems security engineering information?

<--- Score

30. Are different versions of process maps needed to account for the different types of inputs?

<--- Score

31. Do you have organizational privacy requirements?

<--- Score

32. How and when will the baselines be defined?

<--- Score

33. What was the context?

<--- Score

34. What Information systems security engineering services do you require?

<--- Score

35. Has the improvement team collected the ‘voice of the customer’ (obtained feedback – qualitative and quantitative)?

<--- Score

36. Is Information systems security engineering required?

<--- Score

37. How would you define Information systems security engineering leadership?

<--- Score

38. What scope do you want your strategy to cover?

<--- Score

39. How do you catch Information systems security engineering definition inconsistencies?

<--- Score

40. What gets examined?

<--- Score

41. Have specific policy objectives been defined?

<--- Score

42. Is there a critical path to deliver Information systems security engineering results?

<--- Score

43. How would you define the culture at your organization, how susceptible is it to Information systems security engineering changes?

<--- Score

44. Is the team adequately staffed with the desired cross-functionality? If not, what additional resources are available to the team?

<--- Score

45. Why are you doing Information systems security engineering and what is the scope?

<--- Score

46. Has the direction changed at all during the course of Information systems security engineering? If so, when did it change and why?

<--- Score

47. What happens if Information systems security engineering’s scope changes?

<--- Score

48. What intelligence can you gather?

<--- Score

49. Is the current ‘as is’ process being followed? If not, what are the discrepancies?

<--- Score

50. What customer feedback methods were used to solicit their input?

<--- Score

51. How do you manage unclear Information systems security engineering requirements?

<--- Score

52. Are resources adequate for the scope?

<--- Score

53. What are the boundaries of the scope? What is in bounds and what is not? What is the start point? What is the stop point?

<--- Score

54. What Information systems security engineering requirements should be gathered?

<--- Score

55. How do you hand over Information systems security engineering context?

<--- Score

56. Have the customer needs been translated into specific, measurable requirements? How?

<--- Score

57. What sources do you use to gather information for a Information systems security engineering study?

<--- Score

58. Has a high-level ‘as is’ process map been completed, verified and validated?

<--- Score

59. Has anyone else (internal or external to the group) attempted to solve this problem or a similar one before? If so, what knowledge can be leveraged from these previous efforts?

<--- Score

60. Do you have a Information systems security engineering success story or case study ready to tell and share?

<--- Score

61. What are the Information systems security engineering use cases?

<--- Score

62. What are the Roles and Responsibilities for each team member and its leadership? Where is this documented?

<--- Score

63. Scope of sensitive information?

<--- Score

64. What specifically is the problem? Where does it occur? When does it occur? What is its extent?

<--- Score

65. Is the Information systems security engineering scope manageable?

<--- Score

66. What is the definition of success?

<--- Score

67. What key stakeholder process output measure(s) does Information systems security engineering leverage and how?

<--- Score

68. Is there regularly 100% attendance at the team meetings? If not, have appointed substitutes attended to preserve cross-functionality and full representation?

<--- Score

69. What is the scope of Information systems security engineering?

<--- Score

70. Has a Information systems security engineering requirement not been met?

<--- Score

71. How do you manage scope?

<--- Score

72. Are audit criteria, scope, frequency and methods defined?

<--- Score

73. What are (control) requirements for Information systems security engineering Information?

<--- Score

74. Who approved the Information systems security engineering scope?

<--- Score

75. Is the work to date meeting requirements?

<--- Score

76. What information should you gather?

<--- Score

77. What is the scope of the Information systems security engineering effort?

<--- Score

78. Is there any additional Information systems security engineering definition of success?

<--- Score

79. How is the team tracking and documenting its work?

<--- Score

80. In what way can you redefine the criteria of choice clients have in your category in your favor?

<--- Score

81. Is scope creep really all bad news?

<--- Score

82. How are consistent Information systems security engineering definitions important?

<--- Score

83. Is special Information systems security engineering user knowledge required?

<--- Score

84. How do you build the right business case?

<--- Score

85. What is out-of-scope initially?

<--- Score

86. What baselines are required to be defined and managed?

<--- Score

87. What is the definition of Information systems security engineering excellence?

<--- Score

88. What scope to assess?

<--- Score

89. How can the value of Information systems security engineering be defined?

<--- Score

90. How will variation in the actual durations of each activity be dealt with to ensure that the expected Information systems security engineering results are met?

<--- Score

91. Are accountability and ownership for Information systems security engineering clearly defined?

<--- Score

92. Is the scope of Information systems security engineering defined?

<--- Score

93. What is the scope of the Information systems security engineering work?

<--- Score

94. How do you manage changes in Information systems security engineering requirements?

<--- Score

95. How have you defined all Information systems security engineering requirements first?

<--- Score

96. How did the Information systems security engineering manager receive input to the development of a Information systems security engineering improvement plan and the estimated completion dates/times of each activity?

<--- Score

97. Are there any constraints known that bear on the ability to perform Information systems security engineering work? How is the team addressing them?

<--- Score

98. How was the ‘as is’ process map developed, reviewed, verified and validated?

<--- Score

99. When are meeting minutes sent out? Who is on the distribution list?

<--- Score

100. What are the core elements of the Information systems security engineering business case?

<--- Score

101. What are the rough order estimates on cost savings/opportunities that Information systems security engineering brings?

<--- Score

102. How will the Information systems security engineering team and the group measure complete success of Information systems security engineering?

<--- Score

103. Are the Information systems security engineering requirements testable?

<--- Score

104. Is the Information systems security engineering scope complete and appropriately sized?

<--- Score

105. Is there a clear Information systems security engineering case definition?

<--- Score

106. What are the record-keeping requirements of Information systems security engineering activities?

<--- Score

107. Does the team have regular meetings?

<--- Score

108. How do you think the partners involved in Information systems security engineering would have defined success?

<--- Score

109. What are the dynamics of the communication plan?

<--- Score

110. What is the worst case scenario?

<--- Score

111. Is the improvement team aware of the different versions of a process: what they think it is vs. what it actually is vs. what it should be vs. what it could be?

<--- Score

112. Is Information systems security engineering linked to key stakeholder goals and objectives?

<--- Score

113. Who are the Information systems security engineering improvement team members, including Management Leads and Coaches?

<--- Score

114. Do the problem and goal statements meet the SMART criteria (specific, measurable, attainable, relevant, and time-bound)?

<--- Score

115. What are the tasks and definitions?

<--- Score

116. What constraints exist that might impact the team?

<--- Score

117. What sort of initial information to gather?

<--- Score

118. Are task requirements clearly defined?

<--- Score

119. What is the context?

<--- Score

120. What would be the goal or target for a Information systems security engineering’s improvement team?

<--- Score

121. If substitutes have been appointed, have they been briefed on the Information systems security engineering goals and received regular communications as to the progress to date?

<--- Score

122. What are the Information systems security engineering tasks and definitions?

<--- Score

123. How do you gather the stories?

<--- Score

124. The political context: who holds power?

<--- Score

125. Who defines (or who defined) the rules and roles?

<--- Score

126. Has your scope been defined?

<--- Score

127. How do you gather Information systems security engineering requirements?

<--- Score

128. Are roles and responsibilities formally defined?

<--- Score

129. Do you all define Information systems security engineering in the same way?

<--- Score

130. Has/have the customer(s) been identified?

<--- Score

131. What is a worst-case scenario for losses?

<--- Score

132. What is out of scope?

<--- Score

133. Will a Information systems security engineering production readiness review be required?

<--- Score

134. What information do you gather?

<--- Score

Add up total points for this section: _____ = Total points for this section

Divided by: ______ (number of statements answered) = ______ Average score for this section

Transfer your score to the Information systems security engineering Index at the beginning of the Self-Assessment.

Information Systems Security Engineering A Complete Guide - 2020 Edition

Подняться наверх