Ensure that project management methods in used by the organization cover
Information security objectives are included in project objectives
An information security risk assessment is conducted at an early stage of the project to identify necessary controls
Information security is part of all phases of the applied project methodology
Ensure information security implications are addressed and reviewed regularly in all projects