networking , security

Sample VLAN Project Charter

March 11, 2010

 

Sample VLAN Project Charter
Implement a Virtual Local Area Network Solution

Project Overview
Business Case
Background and Rationale for the project
As outlined by the gap analysis our internal auditors, our internal network has numerous security weaknesses. In short, once our local area network (LAN) has been accessed, any person with the proper knowledge and intent could gain access to system and data within our corporate environment.
From a SOX, HIPAA or PCI data security perspective, employees, contractors and visitors with access to our network need to be limited so that they cannot access sensitive information unless they have a business need.

Thus to achieve corporate and regulatory requirement and protect the assets Corporeate needs to implement a solution that gives us the ability to secure our information assets. The industry standard way to do this is through the implementation of a Virtual Local Area Network (VLAN). A VLAN solution would allow Corporate to give very specific permissions to each person logged onto our network. These permissions would dictate what he/she has access to. It would allow us to isolate sensitive information to a highly secure environment. It would also allow us to limit the impact of viruses which hit out network.

Balanced Scorecard Strategic Objectives*
To which Strategic Objectives is this project tied directly?

Risk and Regulatory Management

Security Compliance Standards
Which security standards will be fully or partially reached by the end of this project?

 

Project Objectives
Mission Statement for the project

To implement a VLAN solution at international headquarters that allows Corporate to setup parameters for all persons wanting to access our network such that we can (a) allow them to do their job, (b) protect Corporate’s sensitive assets and (c) allow Corporate to become PCI compliant.

Project Customers
Who will receive & approve the Final Deliverable(s)

Customer Needs
The opportunities or problems

• To segregate our servers, users and applications into separate logical networks
• To isolate sensitive information to secured areas accessible only by people have a need to access the information
• To create quarantine areas for persons who attempt to access our network inappropriately
• To enable network and internet services to persons visiting headquarters
• To enable video and real-time conferencing in secured environment

Project Scope

Final Deliverable(s)
The product, service, process or plan that is delivered to the project customer to satisfy their needs and requirements

1. An implemented VLAN solution at International Headquarters 

Customer Requirements
Features and/or characteristics of the Final Deliverable

Specific features beyond those listed in the Customer Needs section above will solidified after the project is in Planning.

Customer Acceptance Criteria
Standards by which the customer will approve the Final Deliverable(s)

• The VLAN solution must be (a) stable, (b) documented and (c) giving appropriate access to all employees and contractors
• The VLAN solution must meet Corporate’s desire to support PCI and ISO compliance
• The VLAN solution must be transitioned to IT SSO such that they can continue on-going support for the network.

Key Stakeholders
Individuals & groups affected by the project

The person hired to oversee Corporate’s security matters
Director of Sponsor Donor Relations
Manager of Income Processing
Director of IT SSO
Other to be determined at a later date

Organizational Deliverables
Deliverables which are a byproduct of the project

Organizational Acceptance Criteria
The standards by which any Organizational Deliverables will be approved

Organizational Goals
Internal goals that the project is responsible for

Scope Risk Limit
The tolerance level for scope risk

Reviews & Approvals Required
Initial list of Final and Organizational Deliverables that require input or go/no-go decisions

None outside the normal processes and procedures

Status Reports Required

Normal reports and status’ will be followed

Predefined Project Resources

Team Assignments

Deadlines

Staff Effort Limit

Spending Limit 

Organizational Constraints

Project Priorities
Rank order prioritization of Scope, Schedule and Cost to guide the team

Least Flexible – Scope
 – Time
Most Flexible – Cost

Project Planning Estimates *
What is being requested with approval of this Charter

Who will pay for this project *
To what cost center(s) will the expenses for this project be charged

Information Technology – Specific cost center to be determined.

What cost center(s) will be used for S/W Development