ABSTRACT
There are very real pitfalls to developing an ISA. These pitfalls are discussed in this chapter so that one can anticipate them and follow through with proper analysis of the organization’s environment to provide a smoother implementation. The pitfalls include:
1. lack of project sponsorship and executive management support 2. executive management’s lack of understanding of realistic risk 3. lack of resources 4. impact of mergers and acquisitions on disparate systems 5. independent operations throughout business units 6. discord between mainframe versus distributed computing cultures 7. corporate cultures with the objective to foster trust in the organiza-
tion that contradict an environment requiring more stringent controls
8. Fortune 500 enterprises that have grown from mom-and-pop shop beginnings and do not completely support the constraints conducive to secure operations
9. third party and remote network management 10. the rate of change in technology
Understanding these pitfalls prior to beginning an ISA project will provide the background and knowledge to counter these issues before they manifest themselves into larger problems for the project.
