Clarity

Hi!

Where would you capture info-security compliance rating in a project?

- Business Alignment?

- Risk Rating?

- Somewhere else?

We would like to start using info security rating as a part of our portfolio ranking rules.  We are debating where is a good home for the value.

Hi Toby, there are multiple ways to address this question - so I am going to come at it from a different angle. The 'Business Alignment' subpage is geared around describing how a project sits within the portfolio. I have had multiple discussions with stakeholders trying to drive for this page to be updated by Portfolio Managers (and be read-only by Project Managers), because it should not be up to a PM to describe how their project fits and is ranked in a portfolio.

In some respects the question you are asking around "info-security compliance" rating is not too dissimilar to the OOTB Alignment Factors attributes.

Thanks for the input Christopher.  Did you find making the business alignment subpage read only for Project Managers easy to config?  If it is not too complicated I will ask my stakeholders if that is something they would consider also.  That sounds like a very logical thing to do.

The configuration is simple, it is merely updating the display conditions of the sub-page and selecting the resources and access groups that require permission to see.

The pushback that you will likely receive is from 'Portfolio Managers' who don't want to have to get their hands dirty and update data in PPM. The argument is flawed because they want the PMs to update everything, even elements of the project that PMs should not have the remit to define.