Exam 10: Implementing Information Security

In systems development, JAD (____________________ development) means getting key representatives of user groups to serve as members of the development process.

An ideal organization fosters resilience to change. _________________________

A(n) ____________________ implementation is the most common conversion strategy and involves a measured rollout of the planned system with a part of the system being brought out and disseminated across an organization before the next piece is implemented.

The ____________________ operations strategy involves running the new system concurrently with the old system.

The optimal time frame for training is usually one to three weeks before the new policies and technologies come online. _________________________

A __________ is usually the best approach to security project implementation.

Tasks or action steps that come after the task at hand are called ____________________.

When an estimate is flawed, as when the number of effort-hours required is underestimated, the plan should be corrected and downstream tasks updated to reflect the change.

During the implementation phase, the organization translates its blueprint for information security into a project ____________________.

The tasks or action steps that come before the specific task at hand are called ____________________.

Planning for the implementation phase of a security project requires the creation of a detailed project plan.

A task or subtask becomes a(n) action step when it can be completed by one individual or skill set and when it includes a single deliverable. _________________________

"Unfreezing" in the Lewin change model involves thawing hard-and-fast habits and established procedures.

A direct ____________________ involves stopping the old system and starting the new one without any overlap.

Technology __________ guides how frequently technical systems are updated, and how technical updates are approved and funded.

The parallel operations strategy works well when an isolated group can serve as a test area, which prevents any problems with the new system dramatically interfering with the performance of the organization as a whole. _________________________

The date for sending the final RFP to vendors is considered a(n) __________, because it signals that all RFP preparation work is complete.

The level of resistance to ____________________ impacts the ease with which an organization is able to implement procedural and managerial changes.

A(n) _____________________ is a completed document or program module that can either serve as the beginning point for a later task or become an element in the finished project.

The __________ layer of the bull's-eye model receives attention last.