Jan 17 2013

Project Planning outline for (ISO 27001) ISMS

Category: ISO 27k | DISC @ 11:55 am

The project planning process includes steps to estimate the size of the project, estimate the scope of the effort and resources, assess project risks, and produce an acceptable schedule after negotiating with the control owner.

The steps below give a bulleted outline of the project plan phases and action items for an ISMS (ISO 27001). This is not the project plan itself but a description of it, so the detail is high level. However, this document defines the project and requires formal sign-off, so be as accurate as possible: any variation may require a formal project change, which adds to schedule and cost.

A generic ISO 27001 project outline includes the following:
Project Initiation, Scope of the Project, Risk Assessment Methodology, Asset Register, Risk Assessment, Risk Treatment Plan, Statement of Applicability relevant to risk, Management approval for the Project outline. These steps are outlined in the figure above.

When an individual is assigned as project manager for a project, their success is determined by the complexity of the given project. Because of a lack of necessary skills, project managers are sometimes changed in the middle of a project. So what are the necessary skills that determine the success of a project manager? Below are some of the skills needed to run a successful ISO 27001 project.

• Possess outstanding communication skills with all the stakeholders involved
• Be highly organized and an effective team leader
• Know how to negotiate between cross-functional teams
• Be resource-oriented, a problem solver, and understand the relevant infrastructure

Must Read Project Management Books
1. A guide to the Project Management body of Knowledge 5th edition

2. The Concise Prince2

3. 50 Top IT Project Management Challenges

4. Prince 2 2009 manual

Tags: Information Security Management System, ISO/IEC 27001, Project Management, Project manager, Project plan, Project planning, Risk Assessment, Scope (project management)
