Project Management

I recently participated in a webinar titled Industrial Security in the Real World: Practical Steps, which indirectly discussed how some fundamental tenants of project management were applied to this topic. The presentation was sponsored by Automation World and led by two staff members of Belden. Belden is a company focused on communication, and the webinar concentrated on security and communications equipment in an industrial environment.

The presenters discussed three topics that are the cornerstones of project management practice—stakeholders, definition and change. This led me to consider how project management techniques might apply to the area of security in general, regardless of the chosen technology. Beyond the definition of terms, it is helpful for team members participating in a project to understand some of these fundamental project management concepts and how to incorporate them to make a project successful.

Project managers focus on three elements of a development: budget, utility and schedule, where utility is the functionality incorporated in the project, whether it be a physical security or an IT project. Usually— and some would say at best—a project manager can help a team optimize two of these elements. Engineers appreciate the necessity to make similar trade-offs; for example, an electronic design will have to balance the trade-offs between running at a faster speed and the power consumed to run at that speed.

When looking at the elements of budget, utility and schedule, the tradeoffs are more fluid. While there are a number of reasons for this, it is partly due to the participants or stakeholders on the project.

Unlike the final customer, all stakeholders may not be have daily involvement in a project, but it is important to get all of them to agree on the priority of project goals. This aspect of a project consumes a great deal of energy. It is not uncommon for teams to have divergent and energetic opinions on which elements are most critical. A classic tool that I have recently used to help a project team arrive at consensus is a decision matrix.

What It Is

The decision matrix defines individual requirements to the stakeholders. After the requirements are defined, the stakeholders determine the importance of each element. This is done by assigning a weighting for each element as agreed to by the stakeholders. The weightings are tallied and the result will provide the priorities of the project.

One of the most recent projects I worked on used the decision matrix to help the team define what features were to be created and when they would be tested on a communications module. This empowered the team to set the project priorities and had a direct relationship to the schedule and budget. For those who are not familiar with this technique, I recommend that you go to the ASQ Web site for a description of the process.

The decision matrix should be used at the outset of a project, particularly if there is significant disagreement between the stakeholders. The initial stage of development is critical, for without a well-described definition and proper resourcing—funding and staffing—a project is doomed to struggle at best, or in the worst case, fail completely. One of the most glaring examples of such a situation, with respect to national security, is the fence to prevent illegal immigration from Mexico.

Frequently, a crisis will influence team members to determine the solution before reflecting upon the requirements and constraints of the project. This is a situation where the decision matrix can be useful to quickly determine the importance of each of the requirements. As part of a definition document there should be descriptions of features that have been discussed or eliminated; these should remain in the documentation to let others know the thought process used to gain consensus.

Adjusting to Change

The decision matrix also is useful when the project must adjust to change that will occur during the life of the project. Change is inevitable, and while some change is unexpected, such as the attacks on 9/11, some changes can be anticipated and should be addressed in the definition of a project. A colleague of mine has an expression: “They pay me to put it in; they pay me to take it out; they pay me to put it in again.”

This indicates that some stakeholders will start with optimistic goals for schedule, utility and budgets and will revise those requirements as pressures are applied or conditions change. In the case of the networking security Webinar, the presenters described how to connect the network to allow for expansion in the future as conditions changed. This is another way in which the decision matrix can be used—to think through potential changes that may occur in the future.

While all security projects have their unique requirements and constraints, it is important to recognize that there are common aspects to all projects. Techniques such as decision matrixes will help to define parameters, set goals and determine the impact of change of a project. Analysis provided by the decision matrix can establish the stakeholders’ understanding and set the project’s direction.

This article originally appeared in the June 2013 issue of Security Today.


  • President Biden Issues Executive Order to Bolster U.S Port Cybersecurity

    On Wednesday, President Biden issued an Executive Order to bolster the security of the nation’s ports, alongside a series of additional actions that will strengthen maritime cybersecurity and more Read Now

  • Report: 15 Percent of All Emails Sent in 2023 Were Malicious

    VIPRE Security Group recently released its report titled “Email Security in 2024: An Expert Look at Email-Based Threats”. The 2024 predictions for email security in this report are based on an analysis of over 7 billion emails processed by VIPRE worldwide during 2023. This equates to almost one email for everyone on the planet. Of those, roughly 1 billion (or 15%) were malicious. Read Now

  • ASIS Announces ANSI-Approved Cannabis Security Standard

    ASIS International, a leading authority in security standards and guidelines, proudly announces the release of a pioneering American National Standards Institute (ANSI)-approved standard dedicated to cannabis security. This best-in-class standard, meticulously developed by industry experts, sets a new benchmark by providing comprehensive requirements and guidance for the design, implementation, monitoring, evaluation, and maintenance of a cannabis security program. Read Now

  • ISC West Announces Keynote Lineup

    ISC West, in collaboration with premier sponsor the Security Industry Association (SIA), announced this year’s dynamic trio of speakers that will headline the Keynote Series at ISC West 2024. Read Now

    • Industry Events

Featured Cybersecurity


New Products

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions. 3

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area. 3

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises. 3