A project is, by definition, a goal-driven activity to be completed by a specific deadline. Although many security professionals dedicate most of their time to daily operational tasks, some of the most valuable contributions they can deliver to a company are in the form of security projects. Such projects may include enterprise-wide security solutions implementations, security reviews or risk assessment.
The success of such an exercise will highly depend on the skills and experience of the individual who manages the project. The reasons for which a security project may fail can be countless, but one of the most common ones is the lack of proper tracking.
Let’s imagine, for a second, that all the necessary planning was done, a charter was signed, and a sponsor fully supports the project. How can the project manager know if everything is going according to the plan?
A simple answer is by tracking the progress. There are several measurable indicators a project manager can keep track of, but a crucial one is the schedule.
Tracking the progress according to a schedule helps to identify possible risks and take timely preventive actions, such assigning more resources to the tasks or undertaking some of the activities in parallel.
Project management was never about tools and software, though they may be very helpful. A sample spreadsheet was developed for project tracking which you can use to track the activities on your project. It was created for infrastructure / application hardening programmes and perfectly fits projects with clearly defined scopes of similar tasks.