With the latest and continued cyber-attacks, analysts, engineers, managers, and executives are scrambling to deploy solutions that will remedy their world, especially if they have an audit right around the corner. However, available resources - whether funding, people, or competing projects - are often the biggest challenges in any company, so don’t worry; you are not alone.
Here are three successful and proven strategies we have used to help our clients prioritize projects.
Auditors Can Either Help or Make Your Life Miserable
Auditors have a very difficult job, especially when they are trying to get information that helps them close out or show progress on open audit issues from technology teams. With that said, technology teams often run the opposite direction when they see an auditor coming their way. Our approach is to embrace the collaboration in order assist the progression of both parties' objectives.
Our approach is simple: help the auditors with the information they need, partner with them, and leverage that relationship to shed more light on critical issues that require additional attention or resources from your executive team. At the end of the day, high risk issues which are in the forefront of the executive team or board will always get funding first.
Not Everyone Speaks Technology
A common challenge and mistake we have seen in project charter and business justification documents is that there are often way too many technical references, terms, and assumed to be known abbreviations and acronyms. Even though most executives and managers are brilliant on what they have historically achieved, they may not be familiar with the latest and ever-changing technical lexicon.
Our suggestion is to keep it simple. You want to avoid having an executive read something that is unclear or raises questions, thereby diminishing your chances of getting funding or priority over other competing projects. A good practice is to create the documents and have one or two people unrelated to the technical field (colleagues, parents, 5th graders...you get our point) read and attempt to explain the purpose of the document. This helps you gain a different perspective on your message and possibly improve and/or simplify the language.
Know Your Internal Competition
Competing projects are a norm; executives can’t fund everything, and managers don’t have the resources for every new project that comes across their desks. It’s important to know who else is submitting and what their proposal is seeking to solve. This way your project can be better assessed and positioned. For example, if a peer is submitting a request to fund a project that addresses Role Based Access Controls (RBAC) which happens to solve a high-risk audit issue in your organization, your project proposal must solve something that is an even higher priority.
In most cases, executives and managers are aware of these tactics, and they can anticipate what will be submitted well in advance. The best thing to do is start marketing early on and create a supportive fan base among your colleagues. Aligning with your leadership goals is often the simplest and least restrictive path.
For more information on Advisory Services please email us at hello@defendedge.com