Monday, January 25, 2010

Section A.2.  Acquisition and Implementation










A.2. Acquisition and Implementation



A.2.1. Identify Automated Solutions


  • Definition of information requirements

  • Formulation of alternative courses of action

  • Formulation of acquisition strategy

  • Third-party service requirements

  • Technological feasibility study

  • Economic feasibility study

  • Information architecture

  • Risk analysis report

  • Cost-effective security controls

  • Audit trails design

  • Ergonomics

  • Selection of system software

  • Procurement control

  • Software product acquisition

  • Third-party software maintenance

  • Contract application programming

  • Acceptance of facilities

  • Acceptance of technology




A.2.2. Acquire and Maintain Application Software


  • Design methods

  • Major changes to existing systems

  • Design approval

  • File requirements definition and documentation

  • Program specifications

  • Source data collection design

  • Input requirements definition and documentation

  • Definition of interfaces

  • User-machine interface

  • Processing requirements definition and documentation

  • Output requirements definition and documentation

  • Controllability

  • Availability as a key design factor

  • IT integrity provisions in application program software

  • Application software testing

  • User reference and support materials

  • Reassessment of system design




A.2.3. Acquire and Maintain Technology Infrastructure


  • Assessment of new hardware and software

  • Preventive maintenance for hardware

  • System software security

  • System software installation

  • System software maintenance

  • System software change controls

  • Use and monitoring of system utilities




A.2.4. Develop and Maintain Procedures


  • Operational requirements and service levels

  • User procedures manual

  • Operations manual

  • Training materials




A.2.5. Install and Accredit Systems


  • Training

  • Application software performance sizing

  • Implementation plan

  • System conversion

  • Data conversion

  • Testing strategies and plans

  • Testing of changes

  • Parallel/pilot testing criteria and performance

  • Final acceptance test

  • Security testing and accreditation

  • Operational test

  • Promotion to production

  • Evaluation of meeting user requirements

  • Management's post-implementation review




A.2.6. Manage Changes


  • Change request initiation and control

  • Control of changes

  • Emergency changes

  • Documentation and procedures

  • Authorized maintenance

  • Software release policy

  • Distribution of software













Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)