Week 1 Plan: Change Manager on a Cybersecurity Project

Monie Thomas
Aug 7
2 min read

🔍 Day 1–2: Understand the Landscape

Objective: Get oriented with the project scope, goals, and stakeholders.

Review project documentation
- Cybersecurity strategy and objectives
- Project charter, timelines, and deliverables
- Risk assessments and compliance requirements
Meet with project sponsor and cybersecurity lead
- Clarify expectations for change management
- Understand technical scope and potential user impact
Identify key stakeholders
- IT teams, business unit leaders, compliance officers
- End-user groups affected by the change

🤝 Day 3–4: Stakeholder Engagement & Impact Analysis

Objective: Begin stakeholder mapping and assess change impacts.

Conduct stakeholder analysis
- Influence, interest, resistance levels
- Communication preferences
Begin change impact assessment
- What processes, tools, or behaviors will change?
- Who will be most affected?
Schedule introductory meetings
- With department heads and team leads
- Gather initial feedback and concerns

🧠 Day 5: Develop Change Strategy Foundations

Objective: Lay the groundwork for the change management strategy.

Draft initial change management approach
- Align with cybersecurity goals and organizational culture
- Consider ADKAR, Kotter, or Prosci frameworks
Outline early communication plan
- Key messages for awareness and urgency
- Channels (email, town halls, intranet, etc.)
Identify quick wins
- Small actions that build trust and momentum
- Examples: security tips campaign, phishing awareness quiz

📌 End-of-Week Deliverables

Stakeholder map and engagement plan
Preliminary change impact assessment
Draft change management strategy outline
Initial communication plan and messaging themes

Would you like a template for the stakeholder map or a sample communication plan next? Or we could dive into Week 2 planning, where training and resistance management start to take shape.

Can you provide a template for the stakeholder map?

Absolutely! Here's a Stakeholder Map Template tailored for a cybersecurity project. This will help you assess influence, interest, and engagement strategies for each stakeholder group.

🗂️ Stakeholder Map Template: Cybersecurity Project

Stakeholder Name	Role/Department	Influence (H/M/L)	Interest (H/M/L)	Impact Level	Current Attitude	Engagement Strategy	Notes
Jane Doe	CIO	High	High	High	Supportive	Active involvement in planning	Key sponsor
IT Security Team	IT	High	High	High	Engaged	Weekly syncs, technical workshops	Core delivery team
Compliance Lead	Legal/Compliance	Medium	High	Medium	Neutral	Monthly updates, policy alignment	Concerned about regulatory risks
HR Director	HR	Medium	Medium	Low	Unaware	Awareness campaign, FAQs	May help with training logistics
Finance Manager	Finance	Low	Low	Low	Resistant	One-on-one briefing, risk framing	Concerned about budget impact
End Users	All departments	Low	Medium	High	Mixed	Email updates, training sessions	Varying levels of tech literacy

🧭 Definitions & Tips

Influence: Ability to affect project decisions or outcomes.
Interest: Level of concern or involvement with the cybersecurity initiative.
Impact Level: Degree to which the stakeholder will be affected by the change.
Current Attitude: Supportive, Neutral, Resistant, Unaware, Engaged.
Engagement Strategy: Tailored approach to inform, involve, or influence the stakeholder.

VIOLA LUPIN