Security for the 21st Century and Beyond

A Call To Action

COMMENTARY

By Eddie R. Williams

Contributing Author: Marc Gravez   

New Jersey & Pennsylvania, USA

As organizations and companies address security (which includes cyber security) during and beyond the 21^st century, this article is a call to action for the Project Management Institute (PMI), other project and program management organizations, and companies in various industries.

This call to action, if implemented, would result in all appropriate projects and programs having a security plan.

Keep H. O. P. E. Alive: High Octane (Performing) Program/Project Execution

Gartner continues to emphasize the importance of security and risks:    https://www.gartner.com/smarterwithgartner/gartner-top-7-security-and-risk-trends-for-2019/

Many businesses understand the seriousness of planning and implementing strong security to counter threats, but some may not have met the challenges for the 21^st century and beyond.

Note: I have worked for companies in several industries. Each organization addressed security differently, which is understandable because their needs/requirements vary. One item missing from every project/program was a security plan (document). To some degree, all were addressing security but the planning phase for IT or business transformation projects/programs had no plan dedicated to security.

PMI calls out several plans/documents in the PMBOK such as

• Stakeholder Plan
• Risk (and Issue) Plan
• Communication Plan
• Change Management Plan
•  Other plans

My career started in an environment where lives, safety and security were priorities. For several projects and programs that I successfully managed through close out, the following additional plans were created:

• RACI/RASCI (important for responsibility/accountability)
• Security Plan (allows a project/program to address security at the organization, application/system, infrastructure/network level or all levels)

Security concerns exist because we know it is about securing data/information.

Security is a business and technical concern. It affects not only the technology but impacts business operations. The more computer systems and technology changes through upgrades and innovations the more risks/issues and problems can affect business operations and the bottom line.

Are you security ready? Companies in all industries must be “security ready” now and for the near future and beyond. There must be policies, plans and procedures that address and implement security in companies and industries.

More…

To read entire article, click here

How to cite this article: Williams, E. and Gravez, M. (2020). Security for the 21^st Century and Beyond: A Call for Action; Commentary, PM World Journal, Vol. X, Issue I, January. Available online at https://pmworldlibrary.net/wp-content/uploads/2021/01/pmwj101-Jan2021-Williams-Gravez-security-for-21st-century-call-for-action-3.pdf

About the Authors

Eddie R. Williams

New Jersey, USA

Eddie R. Williams, PMP has over 25 years of experience as a program and project manager for system/software engineering, Information Technology (IT) development and management in aerospace, DOD, commercial IT and other industries such as healthcare, pharmaceutical, insurance, and academia. He has been a Project Manager, Sr. PM, Program Manager, Sr. Program Manager, Integration Manager, and Sr. Program/Portfolio Manager for the creation, development and management of PMOs/EPMOs. He has managed successfully through close out projects and programs for business transformations and systems, applications (including web applications) and infrastructure/networks, communication systems implementations. Mr. Williams has been a certified Project Management Professional (PMP) through the Project Management Institute since 1999. Before becoming a certified project and program manager, he held positions such as Systems and Procedures Analyst (programming and creating system/software specifications), Configuration Management Specialist and Manager, Software Product/Quality Assurance Engineer and Manager, Division Administrator/Manager (development methodologies (Waterfall, Agile, hybrid, etc.), management and control).

He is also a coach/mentor and educator, and been a speaker at numerous conferences, and is the author of Software/Firmware Configuration Management (Within the System Development Process) and Management Control and Quality. In 2014, he provided program management content through the Program Management Academy: Content contribution to the 2014, Wiley publication, “Program Management for Improved Business Results” for University master’s degree programs. Eddie can be contacted at http://www.itprofessionalfacilitator.com.

Marc Gravez

Pennsylvania, USA

Marc Gravez is a customer-focused technical communication professional and technical writer. His passion is creating content that empowers people to learn faster, remember more, and work better, bridging the gap between what users know and technologists think users know. Mr. Gravez has more than 20 years of industry experience, including healthcare IT, telecom, cable, networking, banking, and engineering. He is a Past President of the Society for Technical Communication (STC) Philadelphia Metro Chapter. He can be contacted at marcgravez@gmail.com.