Project Management Plan for Aramco Insurance Company - Case Study Example

Running head: PMP CRITIQUE OUTLINE PMP Critique Outline Name Institution PMP Critique Outline 1.0 Executive Summary This Project Management Plan (PMP) is a creation of a security system for Aramco Insurance Company to be used in securing its intelligence on the internet. It is expected upon completion to be a typical model of internet security system with the full capacity to monitor internet superhighway traffic. This will then be programmed to sense cases of anomalies that imply unauthorized access to the company’s website (Schwalbe, 2006). Aramco Insurance is an Insurance company that has a lot of highly confidential information about people and organizational, it is therefore imperative to have a system designed to ensure integrity of these intelligence most of which is stored on company’s computers, and some of these intelligence is accessible from the company’s website. For that reason, the system to be designed should put into consideration all the security requirements of the company and maintain the good image of the company. For instance, during the development of the plan, it was assumed that the company already has very well furnished computer laboratories with all the requirements (Schwalbe, 2006). However, in case of any deviation from our assumptions, necessary adjustments shall be made to cater for them and ensure the project runs successfully and meets the already stated objectives. The project is expected to be completed in the next six months from the day of commencement. It is estimated to have a budget of $ 25 000 with all the cost and expenses catered for appropriately. 2.0 Introduction Aramco Insurance, being an insurance company, finds it vital to have its intelligence protected from malicious software and unauthorized persons that may harm its clients as well as its operations. Due to the nature of information handled, it attracts many unscrupulous persons and businesses that may be interested in accessing the information with ill motives. This PMP therefore designs an Intelligence Security System (ISS) that protects data stored on the company’s computers and that which is accessible via the company’s website from hacking as well as destruction by malicious software (Rita, 2003). This will be done mainly to ensure data integrity as much as possible and also safeguard leakage of information that might expose the company to unwanted competition. Other security measures that will be taken will include the installation of CCTV cameras at strategic positions to monitor movement within the organization and curb unauthorised access by great levels. The information stored by the company will be assembled in a centralized system for easier control. Hyper-sensitive measures will be taken including the designing of passwords that would be only accessible to a few people to protect the company’s vital information. In this project, some areas have been developed out of assumptions. This is meant to ensure every stakeholder in this project plays his or her part well and everyone sticks to the objectives of this project (Schwalbe, 2006). It therefore has an advantage of ensuring achievement of the set targets and prevents goal blindness among the parties involved. Through these, video signals will be sent to a limited number of monitors within the organization through which the monitoring can be done. 2.1 Name The project will bear the name ‘Internet Security System for Aramco Insurance Project’ 2.2 Description Internet Security for Aramco Insurance Project requires the development of an interface that will give the company’s chief IT operator access to the whole company intranet and internet connection. This will then provide him with a monitoring device for the flow of data through the networks. It will also create a connection for all the company computers through one server housed in the chief IT head’s office (Christopher, 2003). This will in return increase the company’s efficiency and easier operation and management of information 2.3 Sponsor’s details Name: Gramson Maison Profession: IT Consultant University Drive, Company: Guru Nanak IT Consultants Address: Postal address 019 – 4849 93 Telephone: (03) 382 282 Email: maisongram@gurunanak.co.uk. 2.4 Project Manager and Team Details Title Contact Phone Number Email Sponsor Gramson Maison (03) 3812 2822 maisongram@gurunanak.co.uk Project Management Consultant Dirk Kyut Raymond (03) 5784 7282 kyutmajor20@gurunanak.co.uk Project Management Consultant Millicent Revers (03) 4647 1832 mrevers@gurunanak.co.uk Project Management Consultant David Brown (03) 4546 7786 dbrown10@gurunak.co.uk Project Management Consultant Beatrice Wayne (03) 3213 7644 beatwyne@gurunak.co.uk Project Management Consultant Alice Fernandez (03) 7898 5663 afernandez@gurunak.co.ke 2.5 Deliverables Hardware Six (6) new computers. Twenty (20) surveillance cameras Ten (10) CCTV Security Monitor Network/IP video recorder Documentation Scope document – It gives an overview of the entire project work covered. It will indicate the areas that the document will cover and areas clearly state the limits within which the project is to operate. It will also give a vivid description of the expected outcomes of the project. In addition, it will also elucidate on every matter that concerns and forms part of this project. Project Management Plan – will contain all the details of the project complete with budget and timelines. It will highlight all the activities to be undertaken during the implementation of the project. The project details will give an outline of how each security concern will be taken care of in the project and most probably state the reasons as to why such a measure is important to the security of the company. Solution requirements specification document- It is the document that determines how the documents to be prepared later on are to be like. It describes the requirements of the security operations as well as the specifications for its end products. Solution Design Document – This describes the design of the project, giving the developers the stepwise procedure of approaching the project. It will state and provide a workable outline of the methods to be applied in the installation and implementation of these security measures to ensure strict regulation and control of information. It will also cater for the discrepancies that may arise in the course of implementation and how they can be offset to bring about balance. Research Reports – They give the justification aspect of the report. The information provided will seek to account for the practicality of the designed tools. It will also cover details on the efficiency of the tools designed. It will relate the proposed security system and other already tried methods to justify their effectiveness (Schwalbe, 2006). Risk Management Plan – It discusses and provides an analysis of possible setbacks in the project. It outlines the magnitude to which the threat may rise The most likely chance of the threat to occur The impact of the threat to the project in general Possible prevention measures for the threat Change request documentation – these are documents in which all the change management information the developers come across is recorded. The initial change request is to be found here. In addition, the responses to the same are also recorded. Such may have to include the technical, economic feasibility among others. It goes further to outline the design implementation and evaluation effects which the change causes. As stated earlier, this project has been developed by applying assumptions in some areas which might not turn out to be true during the project implementation. Therefore this section has been designed to give measures to be adopted in the cases where such changes emanate. Test plan – it specifies the various tests that are to be done. Considerations in this case may include; The various tests that are to be done The expected results A full list of individual and the role to be played by each as far as the required tests are concerned A clear list of what each individual will do Team diary and meeting minutes documentation – It gives a full set of records ever since the establishing of the project. This will greatly help in keeping records and make it easier to trace back how the discussion has been progressing thus bringing about clarity of information. User documentation- It guides the user, being it a programmer, new programmer as well as the end user. It is a manual that ensures that whoever is given the obligation of maintaining the project does it as per the specifications and the guidance provided. 2.6 Reference details The reference for the implementation of this PMP will be obtained from a host of sources; primary sources as well as secondary sources. 2.7 Definitions Term Meaning LAN Local Area Network ISS Internet Security System AIC Aramco Insurance Company IP Internet Protocol CCTV Closed Circuit Television PC Personal Computer 3.0 Organization 3.1 Organizational charts This will comprise the charts indicating the structure of the organization both in the AIC as well as the organizational structure of Guru Nanak IT Consultants subcontracted for the project. In addition it will indicate the relationships and relative ranks of the parts and position of the AIC and Guru Nanak IT Consultants. Through it the managers and sub-workers involved in the project development will be clearly defined. 3.2 Project responsibilities Will indicate the responsibilities that will the project will have to achieve. It will clearly outline the project roles as well as a description of their responsibilities in the development of the project. Project Role Description / Responsibilities Project Manager The individual will ensure delivery of the project. He will supervise the coordination of activities to ensure the project implementation is as required. The individual will spearhead the management of the project implementation to ensure the daily operation of the project. The individual is also charged with the development, managerial and supervision work of the project plan and its implementation. Project Business Analyst The individual will have sufficient information and knowledge of the business processes and data in the departments as well as recognizing what may be useful if employed in the business of the organization. The individual will determine the requirements of the project as per the business needs of the organization. Many a times the individual will be required to be involved in testing of data before actual implementation. Through these conflicts relating to users can be resolved. This will eventually result to a user friendly environment. Project Sponsor The individual acts as the intermediary between delivery and ownership of the project. The individual represents the project owner and makes sure the objectives of the project are met. The individual will be in charge of following up the project and ensuring all the resources such as funds and manpower are present when required (Rory & Val, 2006). The individual will also be charged with the responsibility communicating the interest of the organization to the project team. He/she will also be enlisted with the responsibility of directing the project towards the set goals. The individual will also have a task of ensuring high levels of creativity are employed in the project He/she will be required to fully support the project especially as far as top-down approach is concerned The individual is also responsible for resolving issues that may directly affect the project’s progress Project Test Coordinator The individual will determine the users that will take part in the testing process. He/she will also ensure the development of test data, scripts and cases. The individual will also collect the outcomes and present the same to the project manager. Project Steering Committee It is gives the relevant guidance, approvals and decisions that influence the entire development of the project. It will also undertake the resolving of conflicts, challenges as well as providing important questions. It is usually representative of the project owner. Project Owner (Senior Responsible Owner) The individual will see to it that the project is fully operational and that all its stated objectives will have been met. Communication Specialist The individual will have a responsibility to ensure that a communication plan and timeline is developed. He/she will develop the standard templates for status, change and marketing communications (Schwalbe, 2006). The individual will also stand in as the intermediary between the project team and media representatives (Schwalbe, 2006). 4.0 Management and Technical Processes 4.1 Management objectives This will indicate the objectives of the management team in the process of working on the project. They will mainly be aimed at getting the maximum output without necessarily putting in a great deal of effort. They are also to be in line with efficient utilization and management of resources. A lot of reasoning therefore has to be employed to ensure a perfect combination of human, material and financial resources. This leads to overall reduction of costs. Another main objective is to increase the efficiency of factors of production by as large a margin as much as possible. This will be achieved by appropriate utilization of the various factors of production while minimizing any form of wastage hence proper use of time, effort and finances. As a result the project will lead to general growth in the organization. A smooth running of the project will be yet another objective to be achieved. It will be based on proper coordination of the project owner and the roles played by other workers and co-workers involved in the organization. Another major goal of the project will be to ensure the uplifting of and benefit of the society at large. This may be determined by its productivity and employment and management. 4.2 Project Controls This will include the controls in place to manage the project including the assessment and evaluation programs. They are the measures that will be taken to ensure systematic project management and monitoring even as the project advances. Everyone involved in the project will thus access information vital for the completion of the project as per the schedule, which is in good time and according to the laid down budget. Short term objectives for the implementation of the project shall be set and everyone assigned a target to meet within a specified time limit. Evaluation shall include self evaluation and group evaluation to determine whether the objectives and targets are being met or not. If not, the key obstacles to the project success will be assessed and possible remedies arrived at to iron out all the limitations to project implementation. The control will thus be made up of the data control plan; requirements control plan, schedule control plan and budget control plan. The data control plan will outline how the project will manage its data. It will address ideas such as the nature of the data that will be managed, the requirement lists as well as the privacy requirements. It will also address the methods used to collect, retrieve, distribute and store the data. In addition, it shall give a comprehensive structure on how the information shall be handled by the different individuals and the limits of accessibility to the information. The requirements control plan will determine the measures taken to measure control and report the requirements of the project. 4.3 Risk management This will indicate the risks that are foreseeable for the PMP and will give detailed direction of the probable responses in managing foreseen risks. It will involve identifying, assessing and prioritizing these risks. Thereafter, there will be proper application of resources to ensure as minimal risks in the future as possible. The mechanisms involved will include transferring the risks to other parties, minimizing its effects, ignoring the risk or doing away with the risk factors altogether. The mechanism involved will therefore depend on the risk priority, that is, risks that pose greater threats will be handled first while those with lower priorities will be handled later on. The risk priority will also be determined by how likely the risk is to occur. The ways through which this will be conducted will include: Identification, characterization and assessment of the threats Assessment of how particular risks may affect important assets Determination of the risks Identification of how the risks will have to be minimized Prioritization of the measures to curb the risks according to the employed objectives 4.4 Project staffing This section gives the staffing criteria and the technical staff required for the project. For this project to be implemented, we need experts who are competent enough to meet the objectives of this project. It also entails the personnel to be employed by the Company for the maintenance of these information security systems. 4.5 Technical processes 5.0 Work to be done 5.1 Initiation Initial scope meeting with the client- this will involve meeting with the company clients to get their specifications concerning the work to be done. The project team will also take this time to suggest the best alternatives that are efficient and suitable for the client to choose from if at all they suit their requirements (Montgomery, 2003). Devise project requirements- this is undertaken to launch into further investigations on the project requirements in addition to the detailed requirements document. Document and present scope to the client for review- this meant to harmonize the ideas of both the client and the project team together to avoid any deviations. After agreeing with the project team’s proposal, the client is to sign the document to show his or her consent. Scope change management- it involves changing the scope of the project to suit the client’s needs. The risks involved are then analysed and the client required to sign the change documents to before implementation. 5.2 Design Process It involves determining a series of the requirements both hardware and software as follows Determine system requirements- involves determining hardware requirements, peripheral requirements, network components, lab PC requirements, server software requirements and other lab PC and network software requirements (Thomas, 2009) 5.3 Sign off of Design (Milestone) The client has to finally consent to the solutions provided for the project by putting his or her signature to the solution design document and any other relevant document that might be available. 6.0 Development 6.1Purchase hardware and software It involves the purchasing of any software and hardware required for the project after thorough Analysis. 6.1 Develop Network topology Implement all the security policies for the information at this level including the setting of information access Controls and passwords. In addition, the application hosting and any other individual drive specifications need to be implemented at this level. 6.2 Develop functional test environment (MILESTONE) The project team should come up with the most appropriate test conditions necessary for the beginning of the Tests. This takes into account assembling all the required components of the final product in preparation for the onset of the tests. 6.3 Produce user documentation A guiding document should be produced in order to facilitate the conducting of the tests. 6.4 Test solution It involves formulating the testing requirements, testing procedure; conduct the tests, formulating the testing reports, and ensuring they are implemented. The client should then sign the test solution results conducted by the assigned parties. 6.5 Change Request The project team should analyze any change of request and accept or reject if at all the client changes their earlier specifications. The consequences of changing to the new specifications are the assessed to determine whether it will be possible to shift to the new specifications. The client needs to sign any change made before implementation (Andy, 2003). 6.6 Implement solution (MILESTONE) If there are changes in the environmental conditions, they should then be applied at this level followed with the installation of any software requirement. The network is then configured and the security systems put in place. The technical staff of the insurance company will then be trained to equip them with the skills of operating the system (Schwalbe, 2006). 6.7 Final Sign off and Project handover. The project team should provide a document to be signed that authorizes project completion and the subsequent handing over to the company management. This document also validates the conclusion of the project team’s duties. 6.8 Final Client sign off of solution (MILESTONE) The client should accept signing the document authorizing the termination of the project. Conclusion This project plan provides a skeleton representation of what is to be undertaken by this project. It has been developed theoretically hence it is not likely to suitably address the client’s requirement hence subject to alterations (Bryan, 2003 . The project has been theoretically designed basing on assumption in most of the areas involved. After meeting the client and getting exactly the prerequisites of the project is what will make the project workable. It is therefore very important to meet the client and understand his or her expectations for the project so as to come up with the necessary adjustments especially on the budgetary allocations and the work schedule. In addition, the client might not disclose all the required information concerning the entire organisation which may be vital to the successful implementation of the project. Therefore, if these hypotheses emerge out to be in line with the client requirements, the project will then continue as per the schedule. Conversely, if it turns out to be different from the client requirement and the actual situation on the ground, it will then force the project planner to go back to the drawing board and make the necessary adjustments. It is therefore upon the project team to make sure that the company policies and regulations concerning information access are understood together with the other specifications that may be provided by the company (Schwalbe, 2006). Concerning the budget, this project has been designed and estimated to cost approximately $25,000. However, this does give an indication of the actual cost but a rough estimate of the same. The project might turn out to be slightly lower or higher depending on the adjustments made on the initial plan. After the necessary adjustments are made, this project stands a higher chance of successfully reaching completion. 9.0 References Andy, C. (2003). The PMP Exam: How to Pass on Your First Try. LA: project management Institute. Bryan, H. (2003) One-Stop Shop for PMP Certification. Medford, MA USA: Project Management Institute. Christopher, S. (2003). A Guide to the Project Management Body of Knowledge. LA: Project Management Institute. Montgomery, M.P. (2003). PMP certification for Dummies. Lexington, KY USA: Project management institute. Rita, M. (2003). THE PMP Exam: Rita's Course in a Book for Passing the PMP Exam. LA: Project Management Institute. Rory, S., & Val, J. (2006). Project Management: Planning and Control Techniques. London: Oxford University Press. Schwalbe, K. (2006). Information Technology Project Management (4th ed.). Cambridge, Mass.: Thomson/Course Technology. Thomas, G. (2009). How to do your research project. New York: Sage Publications Inc. . Read More