In the first Bulletin in this two-part series (" Best Practices for Combatting Malicious Software, Part 1," 4 March 2004), I began an examination of the components that must be considered when developing an information security program. In this article, I conclude that discussion.

Recently, one of my clients and I were discussing a project that his team had deployed some time ago. It was a real success story in risk management. The team had skillfully managed the deadline and the scope, using project simulations of where things were heading, and delivered within two weeks of their 90% probability date.

Recently, one of my clients and I were discussing a project that his team had deployed some time ago. It was a real success story in risk management. The team had skillfully managed the deadline and the scope, using project simulations of where things were heading, and delivered within two weeks of their 90% probability date.

Recently, one of my clients and I were discussing a project that his team had deployed some time ago. It was a real success story in risk management. The team had skillfully managed the deadline and the scope, using project simulations of where things were heading, and delivered within two weeks of their 90% probability date.

Here's an interesting finding based on the results of a Cutter survey (conducted last September), which asked 127 end-user organizations of various sizes located worldwide questions designed to measure the adoption and use of enterprise information portals (EIPs) in conjunction with other information technologies and business strategies.

"When you lose a person's future, you lose the person."

"When you lose a person's future, you lose the person."

"When you lose a person's future, you lose the person."

"When you lose a person's future, you lose the person."

"When you lose a person's future, you lose the person."