Implementing a Project Security Review Process within the Project Management Methodology

This paper will not discuss the pros and cons of having security policies. The presumption is that your organization is mature enough to have written and deployed security policies already. Instead, the focus will be on how to get greater penetration of these policies within the enterprise, by adding a security review process within the existing project management methodology. By working with the project office, a process can be created that includes the project approval process, assigning a security resource to projects, providing input to the project team, requesting standard deliverables to be met and being involved in project audit reviews. With these measures in place, risk for the organization can be lowered.