PMP Practice Questions #98
As the project manager of a rapidly evolving IT project, you face a significant challenge due to frequent team changes. This dynamic situation has raised concerns about the management of access to critical project information. The risk at hand is that outgoing team members might continue to have access to sensitive information, while new team members might experience delays in receiving necessary access. To effectively mitigate this risk associated with the fluctuating access requirements, which of the following strategies would be most appropriate?
A. Develop a robust configuration management plan that includes proactive procedures for updating access rights in alignment with team changes.
B. Create a guideline mandating outgoing team members to report to a designated access manager for revoking their access rights.
C. Conduct configuration audits at key project milestones to ensure access rights are correctly aligned with the current team composition.
D. Implement a policy of updating access rights on a fixed schedule, such as bi-weekly, to manage the changing team composition.
Analysis:
The scenario presents a challenge in a rapidly evolving IT project, where frequent team changes raise concerns about managing access to critical project information. The risk is that outgoing team members may retain access to sensitive data, while new members face delays in gaining necessary access. The goal is to find a strategy that effectively manages these fluctuating access requirements.
Analysis of Options:
Option A: Develop a robust configuration management plan that includes proactive procedures for updating access rights in alignment with team changes. This option involves creating a comprehensive plan tailored to the project’s dynamic environment. It highlights a proactive, preemptive approach in managing access rights, ensuring they remain aligned with the ever-changing team composition. This plan would include clear guidelines for granting and revoking access, regular audits to maintain current access levels, and integration with HR processes for seamless updates corresponding to team changes. This strategy ensures consistent and secure access control throughout the project lifecycle.
Option B: Create a guideline mandating outgoing team members to report to a designated access manager for revoking their access rights. This approach relies on the outgoing members’ compliance and focuses on a reactive method of access management. It may not be as effective due to its dependence on individual actions and delayed response to access changes.
Option C: Conduct configuration audits at key project milestones to ensure access rights are correctly aligned with the current team composition. This method provides periodic checks but is more reactive in nature, potentially falling short in rapidly changing team environments. While audits can identify discrepancies in access rights, they may not prevent them. Furthermore, these necessary audits can be incorporated into the configuration management plan for more comprehensive management.
Option D: Implement a policy of updating access rights on a fixed schedule, such as bi-weekly, to manage the changing team composition. This scheduled approach provides regular updates but may not be flexible enough to immediately address access changes as they occur. It could lead to gaps in access management between scheduled updates.
Conclusion: Option A is the most appropriate choice as it ensures a proactive and comprehensive approach to managing access rights in line with team changes. By developing a robust configuration management plan, the project manager can effectively mitigate the risk associated with fluctuating access requirements, maintaining the integrity and security of project information. This option covers both the proactive planning and the flexibility needed to adapt to a rapidly changing team environment.
PMP Exam Content Outline Mapping
| Domain | Task |
|---|---|
| Process | Task 12: Manage project artifacts |
Topics Covered
- Configuration Management System
- Configuration Management Plan
- Configuration Audit
