fbpx

Reply: Legal requirements such as Sarbanes oxley

Name
E-mail
Your e-mail address will never be displayed on the site.
Subject
Message

Topic History of : Legal requirements such as Sarbanes oxley

Max. showing the last 6 posts - (Last post first)
4 years 9 months ago #17776

Rick Schleicher

Rick Schleicher's Avatar

Thank you Donald for the follow up

The test question came from a boot camp that I attended this week, therefore I am not allowed to share their test questions.

Your rationale for CR is what I would have expected since the SO report was new to the project and implementing the requirements would change the cost, schedule and scope of the project.

Also, TY for the reminder to post the question, I will remember that moving forward

Rick
4 years 9 months ago #17775

Donald Terry

Donald Terry's Avatar

Hi Rick,

First, please post the source of the practice question per forum policy.

We would need to see the practice question verbatim to align on the correct answer. Paraphrasing can lead to a different outcome as changing just a single word can lead to a different correct response. However, based on your question as worded, you should still submit a CR. This is assuming that the implementation of the cybersecurity requirements would require a change to any element of the project management plan including the associated baselines. The reason I hedge on the CR is because it is possible that these requirements were already captured and included in the project management plan in which case no change is necessary. Any change to the project management plan including baselines requires an approved change request to implement even if it is a legal requirement.
4 years 9 months ago #17774

Rick Schleicher

Rick Schleicher's Avatar

Hello all,

Let's say i'm in executing and a SO report comes into the org that says we must implement NIST Cybersecurity requirements.

Question is what should the PM do next? (yes this was a recent sample test question)
1. Tell the team to implement the requirements b/c it's a legal requirement?
2. Submit a change request through the PICC process?

Reason I ask is this, I was told recently that since it's a legal requirement, you don't have a choice but to comply. While I agree with that statement, shouldn't the CCB have say in the matter, since they might choose to deny the CR and terminate the project?

Seems like in the PMI world, you don't do much unless it is either to the plan or approved to change the plan

Am I off base here?
Thanks, Rick

OSP INTERNATIONAL LLC
OSP INTERNATIONAL LLC
Training for Project Management Professional (PMP)®, PMI Agile Certified Practitioner (PMI-ACP)®, and Certified Associate in Project Management (CAPM)®

Login