SANS LDR525: Managing Security Initiatives and Effective Communication provides the training necessary to maintain the Project Management Professional (PMP)® and other professional credentials. SANS Institute is a PMI® authorized training partner.

This course is focused on delivering bottom line value from security initiatives while following modern adaptive, agile, iterative, and predictive development approaches and leveraging the benefits of increased effective organizational communication. During this class students learn how to improve project planning methodology and project task scheduling to get the most out of critical IT resources. We utilize cyber security project case studies to increase practical understanding of real-world issues. LDR525 follows the basic methodologies and principles from the updated PMBOK® Guide, also providing specific implementation techniques for success. Throughout the 5 sections, all aspects of leading security initiatives – from project business justification analysis, selecting the appropriate development approach that fits your stakeholder and organizational structure using predictive, adaptive, and hybrid implementations tailored to drive value – are covered. We focus on planning for and managing cost, time, quality, and risk while your project is active, to completing, closing, and documenting as your project finishes. A copy of the PMBOK® Guide Seventh edition is provided to all participants. Students can reference the PMBOK® Guide and use course material along with the knowledge gained in class to prepare for the GIAC Certified Project Manager Exam (GCPM) and earn PDUs/CPEs to maintain the Project Management Professional (PMP)® and other professional credentials.

Project management methodologies and frameworks are highlighted that can be applied across any product life cycle, in any industry. Although our primary focus is the application of security initiatives, our approach is transferable to any projects that create and maintain services as well as general product development. We cover in-depth how cost, time, quality, risk, and compliance aspects affect the services we provide to others. We will also address practical human resource management as well as effective communication and conflict resolution. You will learn specific tools to bridge the communications gap between managers and technical staff.

NOTE: PMP® and PMBOK® are registered marks of the Project Management Institute, Inc. PMP® exams are not hosted by SANS. You will need to make separate arrangements to take the PMP® exam and this course is not an official PMP® prep class.

• Improve the effectiveness, efficiency, and success of cybersecurity initiatives
• Develop internal leaders who can relate to and communicate with technical teams, management, and other stakeholders
• Streamline project timelines, costs, and communications
• Present accurate status and forecasting to stakeholders on all projects and initiatives
• Decrease organizational risk while implementing security initiatives and increase return on investment
• Take key cybersecurity professionals to the next level, adding value to your organization

• Understand predictive / waterfall, adaptive / agile development approaches and how they interact with product and project life cycles.
• Learn how to use and implement lean / agile tools, complexity models, root cause analysis
• Recognize the top failure mechanisms related to security projects, so that your projects can avoid common pitfalls
• Create a project charter which increases stakeholder engagement
• Document project requirements and create requirements traceability matrix to track changes throughout the project lifecycle
• Clearly define the scope of a project in terms of cost, schedule, and technical deliverables
• Develop a project schedule, including critical path tasks and milestones
• Cultivate user stories to drive adaptive sprint cycles
• Create accurate project cost and time estimates
• Develop planned and earned value metrics for your project deliverables and automate reporting functions
• Effectively manage conflict situations and build communication skills with your project team
• Analyze project risks in terms of probability and impact, assign triggers and risk response responsibilities
• Create project earned value baselines and project forecasts based on actual performance
• Communicate effectively with stakeholders, technical staff, and management teams
•  

LDR525 uses many types of exercises to enhance and solidify understanding of the material, such as table top exercises involving self-assessments, group and individual discussion, reviewing case studies to implement security remediation initiatives with various development approaches, and following risk identification, assessment, and mitigation through common case-study security initiatives. No computers are needed. Reveiw the summary of activies in each section:

Section 1: Discussion of modern security projects – predictive, adaptive, hybrid development approaches; project business justification analysis; responsibility assignment matrices; acquiring project resources

Section 2: Stakeholder Identification and analysis; issue logs; stakeholder communications channels; understanding project priorities; project charter and requirements development; building negotiating skill sets; team project development; conflict management and resolution

Section 3: Project brief development; process improvement; sprint release planning; cost estimating; estimating resources; project schedule development; critical path method; earned value analysis and schedule forecasting

Section 4: Effective listening; trend analysis; building effective communication skills; make-or-buy analysis; procurement and vendor evaluation criteria; contract types; collecting and documenting requirements; scope planning; work breakdown structure and decomposition steps; project quality planning

Section 5: Defining quality metrics; cost budgeting and earned value; forecasting; understanding stakeholder risk appetite; risk ID; risk analysis; probability and impact analysis; risk response planning

Section 1: Galvanize your understanding of various project methodologies and be able to tailor your approach to meet your organizational needs.

Section 2: Build strong stakeholder communications, improve resource management skills while refining overall team interaction through motivation and dynamic leadership.

Section 3: Learning to operationalize planning techniques, including estimating, staffing, and scheduling, utilizing predictive, adaptive, and hybrid approaches to meet the needs of your organization.

Section 4: Improving knowledge management to drive return on investment with effective communication for strategic initiatives that deliver value throughout the project life cycle.

Section 5: Establishing metrics, baselines, and dashboards to be able to forecast and present information, while analyzing and managing risk throughout cybersecurity initiatives.