Скачать книгу

How do you build the right business case?

      <--- Score

      7. When is/was the Threat and risk assessment start date?

      <--- Score

      8. Is the Threat and risk assessment scope complete and appropriately sized?

      <--- Score

      9. What are (control) requirements for Threat and risk assessment Information?

      <--- Score

      10. What scope do you want your strategy to cover?

      <--- Score

      11. Have the customer needs been translated into specific, measurable requirements? How?

      <--- Score

      12. What is a worst-case scenario for losses?

      <--- Score

      13. In what way can you redefine the criteria of choice clients have in your category in your favor?

      <--- Score

      14. Are different versions of process maps needed to account for the different types of inputs?

      <--- Score

      15. Scope of sensitive information?

      <--- Score

      16. What is out of scope?

      <--- Score

      17. How do you manage unclear Threat and risk assessment requirements?

      <--- Score

      18. Are task requirements clearly defined?

      <--- Score

      19. What sources do you use to gather information for a Threat and risk assessment study?

      <--- Score

      20. Is there any additional Threat and risk assessment definition of success?

      <--- Score

      21. Is the team adequately staffed with the desired cross-functionality? If not, what additional resources are available to the team?

      <--- Score

      22. When are meeting minutes sent out? Who is on the distribution list?

      <--- Score

      23. Who is gathering Threat and risk assessment information?

      <--- Score

      24. How do you manage changes in Threat and risk assessment requirements?

      <--- Score

      25. Is special Threat and risk assessment user knowledge required?

      <--- Score

      26. Is data collected and displayed to better understand customer(s) critical needs and requirements.

      <--- Score

      27. Are the Threat and risk assessment requirements complete?

      <--- Score

      28. Are all requirements met?

      <--- Score

      29. What happens if Threat and risk assessment’s scope changes?

      <--- Score

      30. What critical content must be communicated – who, what, when, where, and how?

      <--- Score

      31. What are the Threat and risk assessment tasks and definitions?

      <--- Score

      32. What is the context?

      <--- Score

      33. Is there a Threat and risk assessment management charter, including stakeholder case, problem and goal statements, scope, milestones, roles and responsibilities, communication plan?

      <--- Score

      34. What are the boundaries of the scope? What is in bounds and what is not? What is the start point? What is the stop point?

      <--- Score

      35. What are the core elements of the Threat and risk assessment business case?

      <--- Score

      36. Are the Threat and risk assessment requirements testable?

      <--- Score

      37. Is the work to date meeting requirements?

      <--- Score

      38. Do the problem and goal statements meet the SMART criteria (specific, measurable, attainable, relevant, and time-bound)?

      <--- Score

      39. Is there a completed SIPOC representation, describing the Suppliers, Inputs, Process, Outputs, and Customers?

      <--- Score

      40. Has the direction changed at all during the course of Threat and risk assessment? If so, when did it change and why?

      <--- Score

      41. Is Threat and risk assessment linked to key stakeholder goals and objectives?

      <--- Score

      42. What information should you gather?

      <--- Score

      43. How would you define the culture at your organization, how susceptible is it to Threat and risk assessment changes?

      <--- Score

      44. Has a project plan, Gantt chart, or similar been developed/completed?

      <--- Score

      45. What Threat and risk assessment requirements should be gathered?

      <--- Score

      46. How are consistent Threat and risk assessment definitions important?

      <--- Score

      47. Has a high-level ‘as is’ process map been completed, verified and validated?

      <--- Score

      48. What are the Threat and risk assessment use cases?

      <--- Score

      49. Does the team have regular meetings?

      <--- Score

      50. How and when will the baselines be defined?

      <--- Score

      51. Is there a clear Threat and risk assessment case definition?

      <--- Score

      52. What are the Roles and Responsibilities for each team member and its leadership? Where is this documented?

      <--- Score

      53. Why are you doing Threat and risk assessment and what is the scope?

      <--- Score

      54. What are the tasks and definitions?

      <--- Score

      55. Has everyone on the team, including the team leaders, been properly trained?

      <--- Score

      56. What would be the goal or target for a Threat and risk assessment’s improvement team?

      <--- Score

      57. If substitutes have been appointed, have they been briefed on the Threat and risk assessment goals and received regular communications as to the progress to date?

      <--- Score

      58. What are the requirements for audit information?

      <--- Score

      59. Has a team charter been developed and communicated?

      <--- Score

      60. Is there a critical path to deliver

Скачать книгу