It was a busy week for security and project management tools in the Knowledge Network. Here is a list of the documents uploaded to the Knowledge Network for the week of July 27 - 31, 2009.
This guide is designed to help business leaders implement an effective program to govern IT and information security. The GES Implementation Guide provides a roadmap that describes actions, roles and responsibilities, and documented outcomes that occur at each step in the roadmap.
This guidebook provides a practical approach to what many consider a complex process: the management of projects. The guidebook is designed to simplify the management processes required to manage a project successfully from end to end.
This fact sheet highlights policy considerations that should be kept in mind when forming cell phone take-back legislation.
A Risk Form is a document that is completed by a member of a project to raise with management a new project risk. This document provides a guide on the topics usually included in a Risk Form.
A Risk Management Process is a method by which risks to the project (e.g., to the scope, deliverables, timescales or resources) are formally identified, quantified and managed during the execution of the project. This document provides a guide on the topics usually included in a Risk Management Process.
This document contains numerous recommendations for choosing, configuring and maintaining firewalls.
To help companies make sounder investments and quality business cases, this checklist includes 12 questions to ask of any business case, an investment score to guide your decision, a business case grade to improve your investment process, and 73 best practices for implementation.
A Risk Plan outlines the foreseeable project risks and provides a set of actions to be taken to both prevent the risk from occurring and reduce the impact of the risk should it eventuate. This document provides a guide on the topics usually included in a Risk Plan.
This publication seeks to help both established and newly formed incident response teams. This document assists organizations in establishing computer security incident response capabilities and handling incidents efficiently and effectively.