Learn how to perform project management according to international standards of compliance using capability assessment processes. This book compares and contrasts the approach to project management using ISO 21500 against the more direct ISO 33000 Capability Assessment. It shows how to assess projects adequately for process improvement or how well an organization performs against a standard, measurable framework. Using ISO 21500 as the project management reference point and ISO 15504/33000 as the capability assessment reference, the book shows you how to assess whether your projects are being run according to a specific capability level or support them to reach higher levels of capability.
Table of Contents
Why Should I Buy This Book?
Why Do We Need This Method?
Part I Process Reference Model
Chapter 1 The Standards
Chapter 2 The Process Assessment Model
Chapter 3 The Process Dimension
Chapter 4 The Capability Dimension
Part II Process Assessment Method
Chapter 5 Executing the Assessment—Assessor Guide
Chapter 6 Executing the Assessment—Self-Assessment Guide
Appendix A: Level 1 Output Work Products
Appendix B: Level 2–5 Generic Work Products
Appendix C: Frequently Asked Questions (FAQ)
Appendix D: Terms and Definitions
Appendix E: Acronyms and Initialisms
Appendix F: References
Appendix G: Assessor Guide Checklist
Appendix H: Sample Data Tracking Form
Appendix I: Process Ranking Form
Appendix J: Key Steps in An Assessment
Peter T. Davis, CISM, CGEIT, PMP, PRINCE2 FC, Certified COBIT 5 Assessor, is the principal of Peter Davis+Associates, a management consulting firm specializing in the security, audit and control of information. Prior to founding PDA, Peter’s private sector experience included stints with two large Canadian banks and a manufacturing company. He was formerly a Principal in the Information Systems Audit practice of Ernst & Young. In the public sector, Peter was Director of Information Systems Audit in the Office of the Provincial Auditor (Ontario). A 35-year information systems audit and security veteran, his career includes positions as security administrator, security planner, consultant, and information systems auditor. Peter is the past president and founder of the Toronto chapter for the Information Systems Security Association (ISSA), past recording secretary of ISSA’s International Board and past Computer Security Institute Advisory Committee member. In addition, he was a member of the international committee formed to develop Generally Accepted System Security Principles (GSSP). Peter has written or co-written 12 books including Lean Six Sigma Secrets for the CIO, Wireless Networking for Dummies and Hacking Wireless Networks for Dummies. Peter is listed in the International Who’s Who of Professionals. He is a past editor of EDPACS, a monthly publication for security and audit professionals.
Barry D. Lewis, FICB, has over 45 years of experience in the IT world with over 35 of those years focused on Information Security, Audit and Governance. He is a world-renowned public speaker who has delivered seminars across 5 continents. He is a subject matter expert on Information Security and IT governance using the COBIT 5 framework. He has been instrumental in the implementation of security programs in banking, utility and other industries. Barry is listed in the International Who’s Who of Entrepreneurs. Mr. Lewis held several distinguished certifications until he retired, including CISSP, CISM, CRISC and CGEIT. He remains an FICB (Fellow of the Institute of Canadian Bankers). Mr. Lewis has published numerous articles and co-authored a half dozen books, the last being Wireless Networks for Dummies. He is also one of the developers of the Assessor Guide and Process Assessment Model. This model, based on COBIT 5, provides a basis for organizations to assess their current IT processes for compliance with ISO 15504 Information technology—Process assessment. The assessment model enables assessments by enterprises to support process improvement and to determine current capability levels.