Question 1
What is a project plan?
a policy tool
a process used to complete work
a rule
a visio drawing with lines between boxes
Question 2
Select the item that correctly completes this statement: A project manager ____________.
is the person responsible for completing the project
determines how information about a project is shared with the organization
implements policies that govern the organization
approves the resources required to complete a project
Question 3
What is a gap analysis?
a process that eliminates risk that a project will fail
a key factor in determining the lenght of time needed for policy implementation
a process that can be completed without knowing the project objectives
a report created by the project management when the project will cost more than $500,000
Question 4
A communication plan defines _______________________________
the communication requirements of a project and how project information is distributed
who in the organization is allowed to talk to the press about projects
who is responsible for controlling all the information pertaining to a project
who must receive emails about a project
Question 5
A well-designed and executed policy implementation plan __________________
defines the project requirements (time, resources, money)
guarantees successful implementation and execution of a project
establishes the governance polices of the organization
establishes what level of participation is expected from each member of the organization
Question 6
Project planning is required for successful creation and implmentation of policies.
True
False
Question 7
What organization serve practitioners and organizations with standards that describe good practices, globally recognized credentials that certify project management expertise, and resources for professional development, networking and community.
Assocation for Project Managers
Project Management Institute
Project Management Association
Project Management Program
Question 8
What is an industry best practice?
a policy required by the organization to chose technical standards
a standard required for implementation by all federal agencies
a generally accepted standard widely accepted to complete a task
a new solution used a few times to solve a problem
Question 9
The primary objective of industry best practices is to
limit configuration standards
reduce organizational complexity by complying with standards
ensure uniform implmementation of a standard
reduce implementation costs by complying with standards
Question 10
Which of the following are standards organizations?
NIST, ISO, SANS
PMI, SANS, CISCO
ISO, SANS, PMI
COSO, PMI, NIST
Question 11
What are the three main barriers to adoption of a best practice?
limited awareness, insufficent training, lack of security
limited awareness, reluctance to change, insufficient training
reluctance to change, limited awareness, conflicts with policies
insufficient training, unsuccessful resolution to the problem, limited awareness
Question 12
What are steps for policy implementation?
Define Requirements, Obtain Budget, Purchase Technology, Deploy Policies
Define the Security Requirements, Define the Organization, Deploy Policies, and Enforce Policies
Deploy Policies, Train Employees, Establish Performance Metrics, Obtain Budget
Establish Performance Metrics, Deploy Technology, Deploy Policies, Enforce Policies
Question 13
How can a policy implementation plan enable an organization to achieve compliance with requisite information security standards?
The policy implementation plan details how the organization will insert new technology to support the standards
The policy implementation plan offers guidance but does not have to be followed
The policy implementation plan establishes clear objectives for complying with standards
The policy implementation plan, once created, remains static until new standards are released
Question 14
How can industry best practices influence organizational security policies?
Best practices enable organizations to evaluate and manage risk prior to implementation
Best practices offer organizations proven methods of implementing security practices, saving the organization time and money
Best practices are a one-size fit all solution to any security problem
Best practices place a single individual, like the Chief Information Security Officer, in charge of overseeing and enforcing all security practices for the organization.