Vendor Contract For 2015 Pdf Format (.Pdf: Fill & Download for Free

Top 10 Cyber Security breaches of 2015[Image Credit: Logic Works]Data breaches have become a status quo considering how attackers keep finding paths to infiltrate networks and steal confidential information. Last year, we have seen big industry breaches such as Sony, JP Morgan Chase, Target, eBay etc. This year hasn’t changed much. The security industry has seen not just targeted attacks at these organizations but also there is this theme around the nation-state-sponsored hackers because they are generally resourced the best, and their collective motivations run across the spectrum. While the security breach barrage on one end continues, investments are pouring into security technologies on the other end and it’s clearly not enough.Here are the top 10 cyber security breaches of 2015 categorized from least to most compromised records.10. SlackWhen it happened: March 2015No of records compromised: 500,000 email addresses and other personal account data (phone number, Skype ID, etc)Slack’s blog confirmed that Slack’s hashing function is bcrypt with a randomly generated salt per-password. We have seen so many unauthorized database incidents before. Haven’t we? Think about HipChat and Twitch. It was not too long before they experienced similar breach.Lesson Learned: For companies that are still relying on passwords, it’s a blow. Do not just use salting. Invest in technologies and people to prevent hackers getting access to your database in the first place. Overcome the post-breach mindset.9. Hacking TeamWhen it happened: July 2015No of records compromised: 1 million emailsThe Hacking Team develops spy tools for government agencies, including those that can go around traditional anti-virus solutions.This breach published more than 1 million emails from the Italian surveillance company, revealing its involvement with oppressive governments as well as multiple Flash zero-day vulnerabilities and Adobe exploits. As a cyber security professional, this is definitely frightening. A full list of Hacking Team's customers were leaked in the 2015 breach that included mostly military, police, federal and provincial governments.Lesson Learned: Patch your systems and applications. Inventory your systems and applications. This has been extensively covered as part of NIST SP-800-137, SANS CSC and ASD.8. KasperskyWhen it happened: June 2015No of records compromised: Affected multiple customersKaspersky blog reported that “We’ve found that the group behind Duqu 2.0 also spied on several prominent targets, including participants in the international negotiations on Iran’s nuclear program and in the 70th anniversary event of the liberation of Auschwitz”.If you don’t know about Duqu, it’s sometimes referred to as the stepbrother of Stuxnet. One of the most notable features of Duqu 2.0 was its lack of persistence, leaving almost no traces in the system. The malware made no changes to the disk or system settings: the malware platform was designed in such a way that it survives almost exclusively in the memory of infected systems. The technical details about this are published here.Kaspersky’s breach just proves that some of the security-conscious organizations can fall victim to determined hackers.Lessons Learned: Security teams have to adopt this as part of continuous monitoring strategy. Know your network. Train your teams to alert for any suspicious activity on the network. Do not just monitor inbound communications. Be watchful of all the security updates as a general best practice.7. CareFirst BlueCross BlueShieldWhen it happened: May 2015No of records compromised: 1.1 million records1.1 million members had their names, birth dates, email addresses and subscriber information compromised, but member password encryption prevented cybercriminals from gaining access to Social Security numbers, medical claims, employment, credit card and financial data.CareFirst discovered the breach as part of a Mandiant-led security review that found hackers had gained access to a database that members use to get access to the company's website and servicesLesson Learned: Enable DNS query logging to detect hostname lookup for known malicious C2 domains. Detect random string entropy - unknown certificates, file names etc. Disclose and communicate data breaches in a timely manner.6. LastPassWhen it happened: July 2015No of records compromised: 7 million usersThe password management company LastPass revealed that it had been the victim of a cyberattack, compromising email addresses, password reminders, server per user salts and authentication hashes. “LastPass strengthens the authentication hash with a random salt and 100,000 rounds of server-side PBKDF2-SHA256, in addition to the rounds performed client-side. This additional strengthening makes it difficult to attack the stolen hashes with any significant speed”, the company said.Salts are really not useful for preventing dictionary attacks or brute force attacks. One of the drawbacks of the hashing algorithm PBKDF2-SHA256 employed by LastPass is that it was not designed to protect passwords.Lesson Learned: For end users, make sure you rotate master passwords periodically. Also ensure that you have password reminders/recovery questions different for every critical application.5. Premera BlueCross BlueShieldWhen it happened: March 2015No of records compromised: 11.2 million recordsPremera BlueCross BlueShield said in March that it had discovered a breach in January that affected as many as 11.2 million subscribers, as well as some individuals who do business with the company. The breach compromised subscriber data, which includes names, birth dates, Social Security numbers, bank account information, addresses and other information. There were suits filed against Premera for waiting roughly six weeks to tell victims that their data might have been exposed. Pile of lawsuits filed against Premera— for being negligent, breached its contract with customers, violated the Washington Consumer Protection Act and failed to disclose the breach in a timely manner.ThreatConnect blog indicates that the prennera[.]com domain may have been impersonating the Healthcare provider Premera Blue Cross, where the attackers used the same character replacement technique by replacing the “m” with two “n” characters within the faux domain.It definitely looks like suspicious domain, prennera.com which is likely a spoof of Premera, and a malicious payload signed with the same digital certificate as malware from the Anthem hack.Lesson Learned: Enable DNS query logging to detect hostname lookup for known malicious C2 domains. Detect random string entropy - unknown certificates, file names etc. Monitor for overly short certificates, certificates with missing information, etc. Disclose and communicate data breaches in a timely manner.4. Experian/T-MobileWhen it happened: October 2015No of records compromised: 15 million people’s recordsT-Mobile uses Experian to process its credit applications. Experian Plc (EXPN.L), the world's biggest consumer credit monitoring firm disclosed a massive data breach that exposed sensitive personal data of some 15 million people who applied for service with T-Mobile US Inc.Experian explained the details on its Web site:The unauthorized access was in an isolated incident over a limited period of time. It included access to a server that contained personal information for consumers who applied for T-Mobile USA postpaid services or products, which require a credit check, from Sept. 1, 2013 through Sept. 16, 2015.Brian Krebs reported in his blog that the Experian’s Decision Analysis credit information support portal allowed anyone to upload arbitrary file attachments of virtually any file type. Those experts said such file upload capabilities are notoriously easy for attackers to use to inject malicious files into databases and other computing environments, and that having such capability out in the open without at least first requiring users to supply valid username and password credentials is asking for trouble. Experian’s insecurity has dragged T-Mobile into its privacy scandal.Lesson Learned: Bake security assessment as part of acquisition strategy. Also, do not open systems exposed to internet without any form of authentication.3. Office of Personnel ManagementWhen it happened: June 2015No of records compromised: 21-25 million federal workers records (including both breaches)On Sep23, OPM Press Secretary Sam Schumach stated that “Of the 21.5 million individuals whose Social Security Numbers and other sensitive information were impacted by the breach, the subset of individuals whose fingerprints have been stolen has increased from a total of approximately 1.1 million to approximately 5.6 million”.These kind of breaches involving biometric data like fingerprints are unique and particularly concerning because you cannot rotate these unlike passwords. These are permanent identity of those people.A report (PDF) by OPM’s Office of the Inspector General on the agency’s compliance with FISMA finds “significant” deficiencies in the department’s IT security. The report found OPM did not maintain a comprehensive inventory of servers, databases and network devices, nor were auditors able to tell if OPM even had a vulnerability scanning program. The audit also found that multi-factor authentication (the use of a token such as a smart card, along with an access code) was not required to access OPM systems. “We believe that the volume and sensitivity of OPM systems that are operating without an active Authorization represents a material weakness in the internal control structure of the agency’s IT security program,” the report concluded.Lesson Learned: Implement multi-factor authentication for admins accessing sensitive systems, implement continous monitoring strategy. It is important to constantly fine-tune your logs and baseline your environment.2. Ashley MadisonWhen it happened: July 2015No of records compromised: 37 million clientele recordsAshley Madison made headline after a hacking group, the Impact team penetrated its servers and published the information of all 37 million users online.The hackers leaked maps of sensitive information - including internal company servers, employee network account information, company bank account data and salary information. According to security consultant Gabor Szathmari, Ashley Madison may have made things easy for their attackers by writing a variety of credentials directly into their source code -- including database credentials, SSL private keys, Twitter OAuth tokens, and Amazon Web Services credentials.In addition, the database passwords Szathmari found "were between 5 and 8 characters, and many of them contained 2 character classes only.” Aside from hardcoded credentials, Szathmari also noted that the website didn't employ form or email validation to help screen out bots.Lesson learned: Never ever store clear-text sensitive data in your source code, rotate your API tokens and service credentials. Educate software developers about secure coding practices1. AnthemWhen it happened: Feb 2015No of records compromised: 80 million patient and employee recordsThe breach was revealed in February that exposed an astonishing 80 million patient and employee records. Anthem said the breach exposed names, date of birth, Social Security numbers, health-care ID numbers, home addresses, email addresses, employment information, income data and more. The attack would not have been possible if Anthem had ensured that data at rest was securely encrypted and as a result, millions of peoples’ confidential information would not be in the hands of the hackers.Derusbi is a family of malware used by multiple actor groups but associated exclusively with Chinese APT as part of Anthem breach.ThreatConnect blog indicates that the “Sakula” (aka. Sakurel) family of malware, a known variant of the Derusbi backdoor, and was configured to communicate with the malicious command and control (C2) domains extcitrix.we11point[.]com and www.we11point[.]com. They also confirmed that this malicious infrastructure was likely named in such a way to impersonate the legitimate Wellpoint IT infrastructure.Lesson learned: Do not just rely on perimeter security. Use a threat intelligence platform to be able to recognize potential malware activity from multiple threat intelligence sources and act upon. Encrypt data-at rest and ensure that the encryption keys, network access control and identity management all work together to ensure data is secure.In 2016, attacks are only going to get worse and we need to step up our game rather than just relying on tools. More security vendors will be targeted, drones hacked, ERP platforms continuing to be used as conduits to cause real-world physical damage by attacking industrial control systems, more darknets and blackmarkets surge and more nation-sponsored attacks to come.

Snap-on tools? Best in the world.Franchise model? Not so much.Forbes’ Praise of the Snap-On Franchise Draws Fire, DisbeliefOctober 25, 2015When Jim Lager saw that Forbes had named Snap-On Tools #1 on its Top 20 Franchises for the Buck list, he was shocked… then angry.“Snap-On? The top franchise opportunity? You gotta be kidding me!” Lager exclaimed.Jim Lager is one of the top 10 Snap-On Tools franchisees in the world.Despite his financial success, Jim Lager is deeply critical of the Snap-on Tools franchise program and organization.“Forbes made a serious mistake endorsing this deeply flawed franchise,” says Lager.“Unfortunately, Snap-on will use this undeserved ranking to recruit unsuspecting franchisees who will not fully understand what they’re getting into. For some, it will be the worst mistake they ever make.”So how did one of the world’s most respected business publications get it so wrong?In compiling the rankings, the writer made some of the mistakes that lead franchisees into making the wrong decisions.Forbes Mistake #1: Average initial investmentOne of the deadliest mistakes prospective franchisees make is underestimating the investment required. Without enough working capital, says Lager, a Snap-on Tools franchisee will surely fail due to the high cost of inventory and Snap-on financing.The Forbes article states that the average initial investment for the Snap-on Tools franchise is $135,390.“No way,” says Jim Lager, who owns 5 Snap-on Tools franchises. “The truck alone is $91,000. By the time you purchase inventory and incur other expenses, your investment will easily be $250,000.”Snap-on Tools’ own disclosure document confirms Lager’s contention. The Snap-on Tools Franchise Disclosure Document (FDD) states “The total investment necessary to begin operation of a Snap-on Standard Franchise will range from $150,614 to $289,080.”The Forbes Snap-on Tools ranking is based, in part, on an incorrect and misleading investment amount.Forbes Mistake #2: Claim of “0 closures” in past three yearsFranchisors are masters of cloaking their franchise failures in terms like “transfers” or “franchisees having left the system.”Often, one must read between the lines to see how many franchisees exit the system without their investments, good credit scores or peace of mind.The #1 Forbes ranking is based on the notion that Snap-on Tools has had no franchise “closures” in the past 3 years… and the assumption that not a single franchisee has failed.Lager says that’s just not true.“Unlike stores or restaurants, mobile tool routes don’t ‘close’ when they fail,” Lager points out. “When Snap-on franchisees lose their investments and leave the system, the franchisor repackages the route and resells it to someone else. It might not be a ‘closure,’ but it’s certainly a failure.”So how many Snap-on franchisees leave or are “terminated” from the Snap-on franchise system? According to these these reports, (compiled from information gleaned from Snap-on FDDs by research firm Frandata), quite a few:Snap-on Franchisees who “Terminated” in 2009 (pdf)*Snap-on Franchisees who “Terminated” in 2010 (pdf)*In fact, the 3-year total of franchises “reacquired by franchisor” is 835 for the standard franchise and 225 for the “Gateway franchise.*Note the disclaimer on these lists of “terminated” franchisees: In some instances franchisees who have left the Snap-on System have signed agreements with provisions restricting their ability to speak openly about their experience with Snap-on. You may wish to speak with these former franchisees, but be aware that not all franchisees will be able to communicate with you.Forbes Mistake #3: Not understanding Snap-on’s dominance over its franchiseesOne of Lager’s main complaints with the Snap-on franchise is the franchisor’s dictatorial control its Snap-on franchisees. While his industry experience and high sales volume has given him a bit more control, Snap-on controls almost every aspect of the average franchisee’s business, including which customers he can call on, which vendors he can buy from and if and when he can sell his business.As we stated in an earlier post (SNAP-ON TOOLS Why SBA Won’t Guarantee Snap-On Franchise Loans), the Snap-on franchisor maintains such dominance that its franchisees are not eligible for the Small Business Administration’s (SBA) loan guarantee program. The SBA has determined that the Snap-on franchise agreements “impose unacceptable control provisions on a franchisee or potential franchisee.”When it named Snap-on Tools #1, Forbes obviously didn’t take into account that Snap-on Tools has such control over every aspect of the franchisee’s business, the SBA doesn’t even consider Snap-on franchisees business owners.Forbes Mistake #4: Ignoring franchisee lawsuitsJerry Marks, of the NJ-based law firm Marks & Klein, is a franchise attorney who has represented many disgruntled Snap-on Tools franchisees.According to Marks, one of the first places to look when assessing a franchise opportunity is the list of franchise lawsuits disclosed in the franchisor’s FDD.After all, does a favorable ratio of training hours to startup costs really matter if the franchisees are lighting torches and storming the castle?The 2011 FDD lists nearly 40 lawsuits against Snap-on Tools by its franchisees in the last ten years, including a class action lawsuit that was brought by the Marks & Klein firm and was settled in 2006. Marks & Klein and the franchisees prevailed, and that class action suit cost Snap-on Tools a total of $125 million dollars including $38 million in settlement fees, attorney fees and other costs.According to the Snap-on FDD “This complaint set forth various alleged deceptive practices, sought to represent a class for current and former franchisees and independent dealers, sought injunctive relief, and contained counts for alleged violation of RICO, state statutes prohibiting deceptive trade practices, deceptive franchise practices and consumer fraud, common law fraud, breach of contract, breach of fiduciary duty and breach of implied covenant of good faith and fair dealing.”Out of 4000 or so franchise opportunities available today, does this, seriously, sound like the #1 “Franchise for the Buck” ?Forbes’ Biggest mistake: Not consulting franchisees (or UnhappyFranchisee.com)Every guide to buying a franchise stresses the importance of speaking to current and former franchisees. This step is so critical in franchise due diligence, the Federal Trade Commission requires franchisors to list the franchisee names and contact information in their FDDs. Yet the franchise rankings and “top ten” from business publications rarely, if ever, bother to even consult the franchisees of the systems they are praising and endorsing.Unfortunately, the Forbes “Top 20 Franchises for the Buck” list is certainly no exception.We highly doubt that any writer or editor who takes the time to read our Mobile Tool Franchise Guide & Index, and the thousands of franchisee comments, will rank Snap-on Tools or any other tool truck franchise, as #1 on any franchise list.Except, perhaps, the “Top 20 Franchises to Avoid.”

PMBOK 6th Edition has been released on 2017 Q4 and the PMP exam has changed for PMBOK 6th Ed after 26th of March 2018. But what are the changes from the PMBOK 5th edition to PMBOK 6th edition?PMBOK 6th edition Process GroupsThere were 5 process groups in PMBOK 5: Initiating, Planning, Executing, Monitoring & Controlling and Closing. These 5 process groups will remain same in PMBOK 6th edition as well. There is essentially the same framework in PMBOK 6th edition too. A few additions in the number of processes and streamlining of processes to reflect current practices has been the focus of change to PMBOK 6th edition from the PMBOK 5th edition.What is different in PMBOK 6?In PMBOK 6th edition, the processes are organized around the process groups. Since processes are more relevant to the process group as compared to a knowledge area, PMBOK 6th edition has organized processes by process groups. As already mentioned, PMI listens to the practitioners and hence brought about this change in PMBOK 6th edition.Change #1: Changes in total chapters in PMBOK 6th editionWe had a total of 13 chapters in PMBOK 5th edition. Chapter 1-3 was to give you an overall picture of project management framework and the role and skills of a project manager. It covered the concepts of project, program, portfolio and organizational structures in addition to the life cycle of project.PMBOK 6th edition consolidates these chapters. We have a new chapter on what a project manager is supposed to do. In addition to this, the skills and competencies you should possess as a Project manager are now aligned to the PMI Talent Triangle.What is PMI Talent Triangle?As a contemporary project manager, it is not enough if you have technical skills. The dynamically changing project environment and the evolving trends in the industry necessitate the project manager to have additional skills. What are the skills needed?Strategic & Business ManagementIt is not enough to manage the triple constraints of a project. You need to understand the business alignment and fitment of the project. Therefore, you need strategic & business management skills. What does it involve?With the changes in PMBOK 6th edition, you need to understand skills that help you analyze competition, market, know the legal implications, business models, etc.Leadership SkillsThough leadership skills were discussed in PMBOK 5, the PMBOK 6th edition gives a greater emphasis to these skills. Leadership skills include emotional intelligence, problem solving, team building and influencing which give you the needed competency to motivate your team.Technical SkillsPMBOK 6th edition continues the need for skills with respect to the domain you are working in. In addition to this, you would need to know the performance management, earned value management, governance, life cycle management, etc. which were part of the earlier edition too.Change #2: PMBOK 6th Edition Knowledge Areas:There are 10 knowledge areas in PMBOK 5. These knowledge areas will still exist in PMBOK 6th edition but 2 of these knowledge areas will appear with new names as below in the table::What changed in knowledge areas in PMBOK 6th edition?As you have seen, number did not change but names of two knowledge areas changed to better align with project needs. Now, every knowledge area in PMBOK 6th edition will have 4 additional sections. These are:Key conceptsTailoring considerations: Earlier edition had a mention on need for tailoring but nothing specific was mentioned. PMBOK 6th edition has more detailed guidelines on these and an appendix added that discusses the tailoring considerations. Using these tailoring guidelines, you know which processes to put more focus on that depend on the size of the project you are working on and of course the scope of work!What are the developments and New practices being used in project management is also discussedFocus on Agile and adaptive methodology: keeping with the changing trend in various industries, PMBOK 6th edition has included what a project using agile or adaptive methodology may useWhy Name Change in PMBOK 6th Edition?Human Resource ManagementHuman Resource management knowledge area is renamed as Resource Management knowledge area. Definitely, this is a logical change that was needed, since many project managers have felt this need for a long time. Why only people when we need to also manage other materials, equipment, machines, etc.?Because, project management discipline does not cover human resources alone. It covers other types of resources as well. Physical resources (materials, equipment, licenses …etc) are also part of project management and their management is essential for success.Often, equipment and tools are shared resources and planning their availability and managing them is a critical aspect for successful project completion. Therefore, this Resource Management knowledge area now includes human resources and other resources too.Time ManagementTime Management knowledge area is renamed as Schedule Management knowledge area to emphasize the importance of scheduling in project management. Moreover, this now supports the Practice Standard on this published by PMI – Practice standard for Scheduling. Practice standards help you implement the concepts in the PMBOK. These practice standards detail how you can use the tools, techniques and processes given in the foundation standards. PMBOK 6th edition is a foundation standard. Therefore, it makes sense to bring the Time Management in line with the Practice Standard for scheduling.What are the changes in the processes in PMBOK 6th Edition?There were a total of 47 processes in PMBOK 5th edition. Were processes added or removed from PMBOK 6th edition? How does it impact me for PMP or CAPM exam?Total Number of processes increased from 47 to 49. But, there were both additions and deletions. Then, how did the final count go up?Change #3: Three New Processes in PMBOK 6th Edition:Here is the tally of the processes: There will be three new processes in PMBOK 6th edition.Close procurement in Procurement Knowledge area has been removed as a process and the content of this process clubbed with control procurement and close project. Close procurement was dealing with the closure of contracts of vendors which was generally not performed by project managers in most organizations. Hence, PMI implementing Kaizen and feedback into its processes has modified to reflect the reality.Therefore the tally is PMBOK 5th edition 47 processes to which 3 added = 50 from which 1 removed, essentially becomes 50-1=49 in PMBOK 6th edition.Manage Project Knowledge in PMBOK 6th edition:This is the new process added to Integration knowledge area under execution process group and the total count in integration becomes 7. What is this process meant for in PMBOK 6th edition? Execution in Integration is where the deliverables are being created. This is where there is a need for decision making. Hence, there is a need for processing data to information to knowledge & wisdom based on which the decisions will be made. Keeping with the current trends, knowledge is power which will help project manager use the data crunching technologies and make informed decisions.Implement Risk Response in PMBOK 6th Edition:In risk management, earlier editions had planning risk response & control of risk (now monitor risk) while there was no explicit mention on implementation. Though the implementation was part of the execution process of integration, the need for explicit implementation was realized in the PMBOK 6th edition.PMI survey also stated that many project failures are due to improper risk management. Hence, this implement risk response in execution is a needed addition in the risk management knowledge area.Control Resources in PMBOK 6th editionThis is the new process which is for monitoring and controlling the different resources that are there in the project. This is aligned to the change in the knowledge area from Human Resources to a broader ‘Resource’ management. Hence, keeping track of the various resources and their utilization becomes imperative. Therefore, this control resources process has been added to PMBOK 6th edition.Change #4: Six Changes in Existing Processes in PMBOK 6th Edition:There are slight changes in existing processes in PMBOK 6th Edition.Estimate Activity Resources was belonging to Planning Process Group and Time Management Knowledge area. In PMBOK 6th edition, it is still belonging to Planning Process Group but now it will be part of Resource Management knowledge area.6 processes are renamed in PMBOK 6 although the content of these processes remains same. Table below shows the changes of process names from PMBOK 5 to PMBOK 6th edition.The table shows the processes where there is either a name change or a new process added/moved.Why have these done? If you look at the changes that have been happening in the PMBOK over the years, one major reason is to bring uniformity while another is bridging the gaps that were there. These changes to the process names in PMBOK 6th edition reflect the reality in terms of what happens there.Control to Monitor: While the project is executed, we observe (monitor) to understand what is happening and customize the strategy to meet changing needs. This is the realignment that has been done in communication, risk and stakeholder knowledge areas for the processes in monitor and controlling process group in PMBOK 6th edition.Quality Management: While quality assurance is one way to manage quality during execution, there are also other aspects to be taken care of. This management of quality is what the name change reflects.Stakeholder: During the project, it is essential to understand how to involve stakeholders, their participation to ensure all the stakeholders are in consensus with the progress and results. Hence, the change to engagement in PMBOK 6th edition from management makes sense.Comparison of processes by Knowledge Area in PMBOK 5th edition and PMBOK 6th edition:Change #5: PMBOK 6th Edition Changes in Project Management Plan Components and Project DocumentsIn PMBOK 5, project management plan components (procurement management plan, stakeholder management plan … etc.) were depicted as inputs/outputs to a process. In PMBOK 6th Edition, project management plan itself will be depicted as input/output.Beneath the input/output table, a list of potential project management plan components is identified. However, the components of the project management plan that will be inputs or updated depends on the needs of the project.Project documents are listed as an input and project documents updates is listed as an output, as appropriate. Beneath the input/output table, there is a list of potential project documents that may be inputs, or may be updated as an output. The needs of the project will determine the actual project documents that should be inputs or updated as an output.Change #6: Agile in PMBOK 6th EditionAgain an addition to keep up with current practices is, adding more information on the iterative and adaptive methods. Therefore, this includes the agile methodology in PMBOK 6th edition. Many projects are embracing the agile methodology to deliver their projects. Hence, PMI has updated the PMBOK 6th edition with the relevant agile practices that are needed for each knowledge area. Moreover, an appendix containing practices used in adaptive environment is a great change in PMBOK 6th edition.Change #7: Other notable changes in PMBOK 6th Edition:Escalate Response: During project execution, you may not be able to handle all the risk and the many need to be escalated to others to be addressed appropriately. You can do this in PMBOK 6th edition using ‘Escalate Response’Scope: Though you may have seen the mention of project scope as part of the total scope, PMBOK 6th edition emphasizes the importance of both product and project scope.Many processes are renamed from control to monitor, bringing commonality in terms of tools and techniques used for each process are a few changes.What changes can I expect in PMP Exam with PMBOK 6th edition?Will there be a drastic change in the PMP exam when the PMBOK 6th edition comes? To answer this, we need to understand what impacts the PMP Exam:PMP Exam will change in two instances:When PMBOK edition gets updated: As you have seen, there are quite a few changes in PMBOK 6th edition. The names of knowledge areas, processes, etc. have changed. A few new concepts added. Therefore, the exam has to be aligned to the modified/updated content.Role Delineation Study: PMI advocates and practices continuous improvement. Therefore you see the PMBOK edition changing every few years, as it has now changed to PMBOK 6th edition.Exam Content Outline: The outline upon which the PMP Exam is based depends on the Role Delineation Study. The most recent study was conducted by PMI in 2015 and hence major changes in exam content may not be expected.Therefore, exam terms may be realigned to reflect the PMBOK 6th edition changes.Full post: 2020 PMBOK PDF: How Can I Get PMBOK 6th Edition & All Content