Final answer:
Information security project managers typically follow the PMI's PMBOK guide which encompasses traditional methodologies like Waterfall. While Agile, Scrum, and Lean are also compatible, Waterfall is traditionally aligned with PMBOK's structured approach.
Step-by-step explanation:
Information security project managers frequently use methodologies promoted by the Project Management Institute (PMI), and one of the most renowned PMI methodologies is the Project Management Body of Knowledge (PMBOK). PMBOK is not specifically one of the methodologies like Agile, Waterfall, Scrum, or Lean, but it contains processes and best practices that can be applied within various project management methodologies, including those listed.
The PMBOK guide includes knowledge areas and process groups that are meant to work with various approaches like Waterfall methodology, which is a more traditional and sequential approach, or Agile methodology, which is an iterative and incremental approach. Scrum and Lean are implementations or frameworks that operate under the Agile principles. Therefore, while PMI's PMBOK guide is methodology-agnostic, it is often seen in practice that the Waterfall methodology aligns well with the structured approach of the PMBOK guide. So, if we are looking for the methodology that is often promoted by PMI and utilized by information security project managers, Waterfall would be a traditional choice.