by clicking the arrows at the side of the page, or by using the toolbar.
by clicking anywhere on the page.
by dragging the page around when zoomed in.
by clicking anywhere on the page when zoomed in.
web sites or send emails by clicking on hyperlinks.
Email this page to a friend
Search this issue
Index - jump to page or section
Archive - view past issues
Project Manager : Project Manager June July 2012
I WOULD BEGIN BY ensuring that this talented senior team member has been through ‘project induction training’. New project team members should be required to attend training where IT policy and confidentially is explained and policy documents are distributed. In addition, the business should have a code of conduct and ethics policy for all employees. If, after having already breached their obligation under the IT policy and code of conduct, I would then call a formal meeting, possibly including a HR manager. It’s important to acknowledge the senior team member’s valuable contribution. However, it is as equally important to express management’s concerns about breaching policy as it pertains to confidentiality, and that any breach is considered a serious matter. The team member should be required to re-take induction training. A further breach should be dealt with as a formal written reprimand and, if the behaviour continues, then dismissal. To ensure that the unauthorised release of confidential information does not occur, the following procedures should be endorsed by the project leadership and implemented by the project team: • The project manager should brief the team on the procedures and how to avoid breaches of confidentiality; The project manager is responsible for ensuring that confidentiality procedures are adhered THIS PERSON IS AN accident looking for a place to happen. Regardless of how good they are at their job, basic data security is fundamental to assuring client trust and the reputation and integrity of your business. This person has had two near misses. Agreed enforced protocols are required. There is no point having protocols to manage risks like this if you don’t bother to enforce them and make people accountable. Clearly, you have identified this situation as a risk management issue. You accept that handling any data is a risk. It is likely that from time to time data integrity 30 Project Manager problem solvers Managing a security risk We put a difficult project management problem to tHe eXpertS 1. NEILL BUCK COMPLIANCE, RISK GOVERNANCE, STRATEGy AND INTEGRITy CONSULTANT 2. PAUL HUNT DEVELOPMENT DIRECTOR, DEPARTMENT OF FINANCE & SERVICES protocols will fail – things happen. The consequence is that you look foolish and incompetent, or worse. The client will simply take the work away, not use you again and, of course, tell everyone they know. But there is a personal consequence here. Clearly this has not been made sufficiently clear to the senior team member. They will not follow the rules because they don’t think you think that they are sufficiently important. This is your problem. You need to get their attention. tHinKStocK QYou have a talented senior team member who often takes sensitive information about the project outside of the office (for example, when working from home or on business trips). You fear they may unintentionally cause a breach of confidentiality. to date, they have lost a media storage device and one of their family members accidentally gained access to the data. How do you manage this team member in order to prevent an unintentional leak? What other processes can the project manager put in place to mitigate against the risk of this happening? the client will simPly take the work away
Project Manager April May 2012
Project Manager Aug Sept 2012