Project Management Capability Assessment

Peter T. Davis, CISM, CGEIT, PMP, PRINCE2 FC, Certified COBIT 5 Assessor, is the principal of Peter Davis+Associates, a management consulting firm specializing in the security, audit and control of information. Prior to founding PDA, Peter’s private sector experience included stints with two large Canadian banks and a manufacturing company. He was formerly a Principal in the Information Systems Audit practice of Ernst & Young. In the public sector, Peter was Director of Information Systems Audit in the Office of the Provincial Auditor (Ontario). A 35-year information systems audit and security veteran, his career includes positions as security administrator, security planner, consultant, and information systems auditor. Peter is the past president and founder of the Toronto chapter for the Information Systems Security Association (ISSA), past recording secretary of ISSA’s International Board and past Computer Security Institute Advisory Committee member. In addition, he was a member of the international committee formed to develop Generally Accepted System Security Principles (GSSP). Peter has written or co-written 12 books including Lean Six Sigma Secrets for the CIO, Wireless Networking for Dummies and Hacking Wireless Networks for Dummies. Peter is listed in the International Who’s Who of Professionals. He is a past editor of EDPACS, a monthly publication for security and audit professionals. Barry D. Lewis, FICB, has over 45 years of experience in the IT world with over 35 of those years focused on Information Security, Audit and Governance. He is a world renowned public speaker who has delivered seminars across 5 continents. He is subject matter expert on Information Security and IT governance using the COBIT 5 framework. He has been instrumental in the implementation of security programs in banking, utility and other industries. Barry is listed in the International Who’s Who of Entrepreneurs. Mr. Lewis held several distinguished certifications until he retired including CISSP, CISM, CRISC and CGEIT. He remains an FICB (Fellow of the Institute of Canadian Bankers). Mr. Lewis has published numerous articles and co-authored a half dozen books, the last being Wireless Networks for Dummies. He is also one of the developers of the Assessor Guide and Process Assessment Model. This model, based on COBIT 5 provides a basis for organizations to assess their current IT processes for compliance with ISO 15504 Information technology—Process assessment. The assessment model enables assessments by enterprises to support process improvement and to determine current capability levels.

Foreword

Acknowledgments

Authors

Reviewer

Why Should I Buy This Book?

Why Do We Need This Method?

Introduction

Part I Process Reference Model

Chapter 1 The Standards

Chapter 2 The Process Assessment Model

Chapter 3 The Process Dimension

Chapter 4 The Capability Dimension

Part II Process Assessment Method

Chapter 5 Executing the Assessment—Assessor Guide

Chapter 6 Executing the Assessment—Self-Assessment Guide

Appendix A: Level 1 Output Work Products

Appendix B: Level 2–5 Generic Work Products

Appendix C: Frequently Asked Questions (FAQ)

Appendix D: Terms and Definitions

Appendix E: Acronyms and Initialisms

Appendix F: References

Appendix G: Assessor Guide Checklist

Appendix H: Sample Data Tracking Form

Appendix I: Process Ranking Form

Appendix J: Key Steps in An Assessment

Index