Implementing Software Project Management Strategies

 Imagine that you are employed by an organization that would like to further invest in the development of internal software applications. The organization finds it very costly to maintain vendor built and maintained software apps. It believes that the strategy of developing internal software could provide cost savings in the long run.One of your responsibilities at this organization is to advise upper management on the latest trends and methodologies of software project management strategies. Upper management has asked you to identify and analyze the challenges and issues that the software development teams may experience if they transition to this new strategy. In addition, you are asked to provide your suggestions and solutions to mitigate the challenges and issues. Write a three to five (3-5) page paper in which you:

1. Describe the latest trends of software project management strategies and suggest at least three (3) methodologies of software project management strategies for this project.
2. Select the optimal software project management strategy for this project and provide a rationale. 
3. Select three (3) typical constraints that may exist while managing and leading software projects within this organization. Analyze why the determination and clarification of these constraints is essential within the planning phases of the project. Note: Please refer to Table 1.1 in Chapter 1 of the text for information on typical constraints on software projects.
4. Analyze the relationship between the organizational structure and a project manager’s level of authority and responsibility. 
5. Suggest how a typical software engineering team could be staffed and describe each team member’s role. Determine the skills that are required for each team member for the success of the software project development.
6. Select two (2) software project management frameworks as options for software development. Discuss how each framework provides an opportunity for efficient project resource management. Use examples to justify your answer. 
7. Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Your assignment must follow these formatting requirements:

• Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
• Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.

Based on your reading and on additional research on line, what are the major components of an IT or cyber security policy?  If you work for a company are you aware of what the policy is for the company?  Please describe it and if it corresponds to the reading or your research.

If you have not or are not working in industry, pick either the school, a bank you do business with or other company whose policy you can view and evaluate it. 

Write a 2 to 3 paragraph synopsis of what you found and your analysis.  It must be less than one page. This will be 8 of the 10 points.

Once submitted, comment on at least one other student’s post.  Saying “I agree” or “Nice post” is not adequate. Be sure to say why you agree or disagree with what they wrote.

 “Routing Protocols.” Please respond to the following:
 

• Compare and contrast classless with classful routing. Support and cite your response with real-world examples.

 Access Control.

Access control is a procedure that is incorporated into an organization’s information technology environment. The system identify and regulate the authorization process to gaining control of software, control policies, auditing and enforcement of a given command. Access control (AC) is the selective constraint of access to a place or other resource in the field of physical security and information security. This controls how the system interacts or communicates with other resources or systems.

There is various type of access control system and they differ based on their purpose and they include mandatory access control which is security model in which access rights are controlled by a central authority based on numerous levels of security (Levergood et al, 1998). Discretionary access control is access control technique in which owners or overseers of the secured system, statistics or resource set the strategies outlining who or what is authorized to access the resource.

Some of the factor that influences the selection of the access control system includes need or purpose of the company. Security or purpose is one of the fundamental aspects that any organization requires in order to remain competitive. Therefore, the given purpose that the access system offer determines the selection for instance for prevention you will select preventive access control (Sandhu et al, 1996). Cost of the access control system is another aspect that can determine the selection process where a less expensive platform can be considered over an expensive one. Flexibility is the other aspect where the access control system needs to be flexible integrating with other systems. The ease of use is another factor that can determine the selection of the access control system in the sense that the owner needs something easy to control and use. The operation of the business or traffic of people using a given system can determine the selection process in the sense that a high traffic or busy system will require more sophisticated access control systems.

Download the Cloud Security Alliance (CSA) Cloud Controls Matrix spreadsheet. (A quick Internet search should give you the address of the most current version for download.) Under the “Scope Applicability” heading, select a category that is applicable to the organization for which you work. For example, if your organization handle personal medical data and uses the COBIT framework, you could choose either COBIT or HIPAA/HITECH. Once you select a category, choose  row from “Control Domain” (that no other student has already selected!) Then, create a new thread in this week’s discussion with the title from column B (i.e. CCM V3.0 Control ID.) Explain the control domain, how it maps to your chosen scope, and specifically what your organization does to implement the stated control.

If you don’t know which scope applies to your organization, just use the University of the Cumberlands (UC) as your organization. As a university, we are under the domain of FERPA, So, is you choose UC, you would need to choose a Control Domain and explain how it maps to FERPA, and how UC implements the controls.

So, here’s an example. Let’s suppose I work for a large on-line retailer. We handle payment cards and are therefore under PCI DSS requirements. I’ll select BCR-03 control ID (Business Continuity Planning.) So I would create a new thread in this week’s discussion with the title “BCR-03.” Then I’d explain what BCR-03 is, what it maps to in PCI DSS (4.1, 4.1.1, 9.1, 9.2), and then I’d explain what my organization does to comply with this control requirement.

below is sample work

Assignment 2

Organization: University of Cumberland’s (UC)

Control domain: DSC-07

FERPA -99.31.a.1.ii

Security is that the crucial parameter for the academic agency or organization. The management domain our institute are victimization was DCS-07(Distributed Control System).We will be discussing regarding knowledge Center MI space Authorization was engineered for our organization. And what institute will so as to accommodates with the management instrumentation.

The Family instructional Rights and Privacy Act (FERPA) could be a federal law that affords oldsters the correct to own access to their children’s education records, the correct to hunt to own the records amended, and therefore the right to own some management over the revelation of in person recognizable data from the education records. once a student turns eighteen years recent, or enters a postsecondary establishment at any age, the rights beneath FERPA transfer from the fogeys to the coed (“eligible student”).

Our educational establishment maps to FERPA -99.31.a.1.ii that states that organization should use cheap strategies to confirm that faculty officers acquire access to solely those education records during which they need legitimate instructional interests. An academic agency or establishment that doesn’t use physical or technological access controls should make sure that its body policy for dominant access to education records is effective which it remains in compliance with the legitimate educational interest demand.

In Order to go with the info security standards of our organization it ought to have the set of policies, precautions and practices adopted to avoid unauthorized access and manipulation of an information center’s resource, the licensed access list ought to be restricted coextensive to the restrictions the organization places on root level server access and Access ought to be restricted to those people and want to support the environmental and network infrastructure. Maintaining standalone or freelance systems provide you with additional management, however raise the complexities of tasks, However, some audit standards mandate this level of management.

References

Links:  https://searchdatacenter.techtarget.com/feature/How-do-I-implement-an-access-control-system-in-the-data-center