and risk assessment results?
<--- Score
61. Is Threat and risk assessment required?
<--- Score
62. Are there different segments of customers?
<--- Score
63. Is the current ‘as is’ process being followed? If not, what are the discrepancies?
<--- Score
64. What intelligence can you gather?
<--- Score
65. When is the estimated completion date?
<--- Score
66. How do you gather Threat and risk assessment requirements?
<--- Score
67. How did the Threat and risk assessment manager receive input to the development of a Threat and risk assessment improvement plan and the estimated completion dates/times of each activity?
<--- Score
68. What is out-of-scope initially?
<--- Score
69. How does the Threat and risk assessment manager ensure against scope creep?
<--- Score
70. Are approval levels defined for contracts and supplements to contracts?
<--- Score
71. How have you defined all Threat and risk assessment requirements first?
<--- Score
72. Who defines (or who defined) the rules and roles?
<--- Score
73. What are the rough order estimates on cost savings/opportunities that Threat and risk assessment brings?
<--- Score
74. How will the Threat and risk assessment team and the group measure complete success of Threat and risk assessment?
<--- Score
75. How often are the team meetings?
<--- Score
76. Are there any constraints known that bear on the ability to perform Threat and risk assessment work? How is the team addressing them?
<--- Score
77. What are the record-keeping requirements of Threat and risk assessment activities?
<--- Score
78. How will variation in the actual durations of each activity be dealt with to ensure that the expected Threat and risk assessment results are met?
<--- Score
79. How can the value of Threat and risk assessment be defined?
<--- Score
80. What knowledge or experience is required?
<--- Score
81. What is the scope of the Threat and risk assessment work?
<--- Score
82. What constraints exist that might impact the team?
<--- Score
83. What system do you use for gathering Threat and risk assessment information?
<--- Score
84. What baselines are required to be defined and managed?
<--- Score
85. Who is gathering information?
<--- Score
86. What sort of initial information to gather?
<--- Score
87. What is in the scope and what is not in scope?
<--- Score
88. What is the scope of Threat and risk assessment?
<--- Score
89. What is the definition of success?
<--- Score
90. Is Threat and risk assessment currently on schedule according to the plan?
<--- Score
91. What is the definition of Threat and risk assessment excellence?
<--- Score
92. Has/have the customer(s) been identified?
<--- Score
93. What is in scope?
<--- Score
94. How do you think the partners involved in Threat and risk assessment would have defined success?
<--- Score
95. What key stakeholder process output measure(s) does Threat and risk assessment leverage and how?
<--- Score
96. Have specific policy objectives been defined?
<--- Score
97. Is it clearly defined in and to your organization what you do?
<--- Score
98. How do you hand over Threat and risk assessment context?
<--- Score
99. What information do you gather?
<--- Score
100. How do you keep key subject matter experts in the loop?
<--- Score
101. What is the worst case scenario?
<--- Score
102. How was the ‘as is’ process map developed, reviewed, verified and validated?
<--- Score
103. What are the dynamics of the communication plan?
<--- Score
104. What scope to assess?
<--- Score
105. What customer feedback methods were used to solicit their input?
<--- Score
106. What defines best in class?
<--- Score
107. How is the team tracking and documenting its work?
<--- Score
108. How do you manage scope?
<--- Score
109. How do you gather the stories?
<--- Score
110. Are required metrics defined, what are they?
<--- Score
111. Do you all define Threat and risk assessment in the same way?
<--- Score
112. Will a Threat and risk assessment production readiness review be required?
<--- Score
113. How do you catch Threat and risk assessment definition inconsistencies?
<--- Score
114. Is there regularly 100% attendance at the team meetings? If not, have appointed substitutes attended to preserve cross-functionality and full representation?
<--- Score
115. Is the Threat and risk assessment scope manageable?
<--- Score
116. Is scope creep really all bad news?
<--- Score
117. Has the Threat and risk assessment work been fairly and/or equitably