Program and Project Management Study

Our Forum will conduct public/private sector collaboration to help interested parties create supplemental guidance explaining the role of program and project management relative to the creation and delivery of cyber resilient services.

Program and project management have important roles of helping underpin cyber resilience/security to protect business value. Organizations who are not taking advantage of the two may be putting their organizations at risk.  The following are the initial topics of consideration.  We are open for other useful considerations.

Topics to be addressed could include but are not limited to:

Identify Interdependence of IT service management and program, portfolio, and project management:

  • Come to an understanding of why these practices are not mutually exclusive and how they complement each other.
  • Show what needs to be done to properly integrate and align so program and project management complement each other and increase the service provider’s ability to deliver value.
  • Identify the natural touch points to the Foundation for Public Private Collaboration[1] and where integration must be accomplished.
  • Identify measurable business value.

Elements of successful project management:

  • Clarify the relationship between project management standards such as ISO 21500, bodies of knowledge such as the PMBOK®[2], including methods such as PRINCE2®[3], and the Baldrige Cybersecurity Initiative.

Project management in a ‘bi-modal’ environment:

  • Discuss importance of evaluation mechanisms for choosing between traditional vs. agile project methods, and how these methods can peacefully co-exist.

The Forum will use the broadly accepted Foundation for Public and Private Collaboration as the framework for discussion. The guidance will be a parallel document referencing this body of work to help participants operationalize outcomes.  Best practices and lessons learned will be made available to all interested parties.

A broad audience of subject matter experts have committed to participate including organizations from several critical infrastructure sectors, civilian and defense agencies, state governments and supporting not for profit associations.

The study kickoff meeting planned for the last week of February will clarify the scope and topics covered for this activity.  The Forum is accepting comments for these purposes.

[1] The Foundation for Public Private Collaboration document serves two purposes. The first as a foundation for public and private collaboration, the second as operational guidance. The Global Forum for Advanced Cyber Resilience is the custodian. A copy of the FPPC can be found here.

[2] PMBOK® is a registered trademark of Project Management Institute.

[3] Prince2® is a registered trademark of AXELOS llc.