*
1. identify the procedures, systems, structures and roles that need to be changed
2. determine the rationale and priorities for change with appropriate stakeholders
3. develop strategies and plans that set out the way forward
4. design new work processes and procedures to achieve change
5. assess the risks and benefits associated with change and develop contingency arrangements
6. set timescales and prioritise objectives for change
7. monitor, document and communicate progress to all involved
8. identify, assess and deal with issues and barriers to change
9. make sure change is effective and meets the requirements of the client
10. overcome resistance to change within the client organisation
Research and maintain compliance with current legal and regulatory requirements during implementation of security processes
11. obtain current legal and regulatory requirements from relevant sources
12. confirm with appropriate stakeholders their legal and regulatory responsibilities before implementation work starts
13. agree arrangements with appropriate stakeholders for monitoring compliance with legal and regulatory requirements
14. agree arrangements with appropriate stakeholders for monitoring compliance with relevant industry standards
15. identify situations which do not meet legal and regulatory requirements and take appropriate action
16. identify situations which do not meet relevant industry standards and take appropriate action
17. identify any new legal and regulatory requirements which may impact on the project and provide this information to the appropriate persons
18. complete required documentation accurately and within agreed timescale
19. maintain the security and confidentiality of relevant information
Manage the implementation of security processes in accordance with the client's security requirements
20. confirm that people responsible for implementation understand the requirements of relevant specifications before work is started
21. confirm with appropriate stakeholders the responsibilities which individuals have for meeting design requirements and specifications
22. agree with appropriate stakeholders arrangements for monitoring the quality of work and recording the outcomes
23. ensure at agreed intervals that work meets the design requirements and specifications
24. identify work which fails to meet the recommended specifications and agree corrective action
25. inform the client promptly about significant variations from design requirements and specifications, and suggest remedial actions when necessary
26. identify potential improvements and recommend to the client, highlighting benefits of the improvements
27. negotiate and agree amendments to security contract specifications with the client and accurately record relevant details
28. maintain the security and confidentiality of information relevant to the client and their security objectives
Co-ordinate implementation of security processes in accordance with agreed project plans
29. agree arrangements with appropriate stakeholders to monitor and record the progress against agreed project plans
30. identify and determine the implications of any deviations from the project plan
31. agree with the appropriate stakeholders and implement any action necessary to prevent disruption to the implementation of the project plans
32. inform the appropriate stakeholders at agreed intervals about progress, changes to the operational programme or resource needs and suggest any actions that could improve the implementation of security processes
33. complete required documentation accurately and within agreed timescale
34. maintain the security and confidentiality of relevant information
35. manage security requirements in accordance with contractual obligations
Assess the effectiveness of the implementation of the security process *
36. monitor the effectiveness of the implementation of the security processes
37. investigate any deviation from the security process, and agree remedial action with responsible persons or appropriate stakeholders
38. identify potential improvements to security processes and recommend them to the client, emphasising the benefits of the improvements
39. maintain the security of assets whilst implementing new arrangements
40. maintain the security and confidentiality of information relevant to the client and their security objectives