Defense Finance and Accounting Service

1
Defense Finance and Accounting Service
System Maintenance
DFAS-DTC SLC Seminar 2002 2003
Maint-02-1
2
Production and Deployment(System Maintenance)

• Operation Performance Oversight
• Change Analysis and Approval
• Design
• Develop
• Validate / Accept
• Field
• Measure Effectiveness

3
Reviews in System Maintenance
4
Operation and Performance Oversight

• Audit Production System
• Measure System Performance

5
Change Analysis and Approval

• Whats Done in this Phase
• Capture and identify change requests
• Prioritize change requests
• Analyze requests against current business
  processes
• Analyze requests against the fielded Product
  Baseline
• Determine other systems/feeders that will be
  affected by proposed changes
• Determine the affect on future release schedules
• Develop cost estimates for proposed changes and
  determine their affect on resources
• Concludes with
• Requirements / Solution Review

6
Change Analysis and Approval Leads to
Requirements/Solution Review
Production and Deployment
Requirements / Solution Review
Validate, Approve, Allocate
Capture and Identify
Analyze Document
Capture Identify Change Request
Impact Analysis
System Change Request (SCR)
Deployed System
For Corporate-level Change Requests Review and
Approval by CIO/BIE Council For Business
Line-level Change Requests Review and Approval
by Business Line Management Board For
System-level Change Requests Review and
Approval by System CCB
7
Capture and Identify Change Request

• Record and Analyze Problem
• Define Functional Change Requirements
• Define Technical Change Requirements

8
Impact Analysis

• Perform Change Impact Analysis
• Perform System Requirements Review (Modification)

repeated for each Release
9
Requirements / Solution Review
10
Who Conducts the Review?
Corporate Issues Cross-Program Coordination
CIO/BIE Council
Business-Line issues Involve more than one
product line Cross business or support lines
Business or Support Line Management Board, or
Exec Steering Group (ESG)
System-Level Issues Technical FixesAdapting
to Technology Changes
System Change Control Board (CCB)
11
Requirements / Solution ReviewAll Levels

• Have customers and appropriate DFAS subject
  matter experts been involved in detailing the
  change and do they agree with the SCRs as
  presented?
• Have supporting non-material process changes been
  identified and programmed for implementation?
• Have the priority of the SCRs been established?
• Are anticipated risks identified and was
  mitigation planning done?
• How do the SCRs fit with OUSD(C) evaluation
  criteria?
• Do the parameters of the SCRs decisions make them
  fall above thresholds that require elevation? -
  Scope - Directives - Impact - External
  Requirement Source- Cost/Funding - Special
  Interest - OUSD(C) Memo 10/12/01
• Is the tailored technical development life cycle
  (as briefed by the SM and TPO) appropriate for
  the SCRs implementation?

12
Requirements / Solution ReviewLevel Concerns (1)

• System CCB
• Has Product Baseline required changes been
  identified and included as part of the cost
  schedule submission?
• Business Line Management Board
• What are the Business-Line issues in these SCRs?
• Have the SCRs been evaluated and elevated from a
  system-level activity? Why were they elevated?
• Is funding available to support SCRs solution
  implementation?
• Do the SCRs apply to more than one subordinate
  product line and supporting system?
• Do the SCRs have the appropriate priorities
  assigned?
• What priorities are required to implement a
  business/support line end-to-end solution and
  meet customer, client, and DFAS goals and
  objectives?

13
Requirements / Solution ReviewLevel Concerns (2)

• CIO-BIE Council
• What are the corporate-level issues in these
  SCRs?
• Have the SCRs been evaluated and elevated from a
  business-line activity? Why were they elevated?
• Do the SCRs apply to more than one business line?
• Do the SCRs have the appropriate priority
  assigned?
• What priorities are required to meet customer,
  client, and DFAS goals and objectives?

14
Requirements / Solution Review

• Decision whether to
• Approve the SCR for implementation,
• Allocate the SCR for implementation, with or
  without additional resources,
• Modify the scheduled release or the release
  schedule,
• Disapprove the SCR,
• Return the SCR for clarification, or
• Elevate the SCR for higher review/action/approval.
  
• Actions are documented in a Decision Memorandum

15
Design

• Whats Done in this Phase
• SCRs prioritized, assigned to implementation
  releases
• Customer MOUs/MOAs negotiated and signed
• Software Development Plan TPO allocates
  resources
• Development IPT formed
• Product Baseline documentation updated to reflect
  changes to be implemented by release
• SSAAs evaluated and updated for change impact by
  release
• Test plan established
• Concludes with
• Design Review

16
DesignLeads to Design Review
Requirements / Solution Review
Design Review
Validate, Approve, Allocate
Design
Program Planning / Management
Program Planning / Management
System Mgmt Plan
Customer MOU
Information Assurance/ Security
SSAA
Release Planning
Technical Project Planning / Management
Software Development Plan4
Development IPT
Test Planning
Test Plans
Configuration Management / Quality Assurance
Program Functional Baseline
17
Program Planning/Management

• Manage System Operations and Maintenance
• Establish System Quality Assurance Strategy
• Establish Configuration Management Strategy
• Establish System Risk Management Strategy
• Maintain Customer Relationship

18
Information Assurance/Security

• Conduct DITSCAP Phase 4, Security Operations and
  Compliance Validation

19
Technical Project Planning/Management

• Support Development Integrated Product Teams
• Coordinate Technical Integration
• Assess Technical Project Risks
• Manage Technology/Services Acquisition
• Manage Software Quality Assurance
• Ensure Configuration Management

repeated for each Release
20
Release Planning

• Manage System Changes

21
System Development

• Identify Integration Requirements
• Prepare Software Development Plan
• Modify Integrated Software Architecture
• Perform Application Modification
• Prepare Application Release Checklist
• Produce Documentation
• Obtain Implementation Approval
• Establish Release Baseline
• Conduct Release Review
• Perform SQA Audit of Product
• Perform SQA Review of Process

repeated for each Release
22
Test Planning

• Establish System Test and Evaluation Strategy

23
Design Review
24
Design ReviewAll Levels

• Are SCRs adequately defined and stable for
  design, development, and testing of changes?
• Has there been adequate architecture planning and
  change planning?
• Is there customer, client, and user agreement on
  the SCRs?
• Are release scheduled SCRs under configuration
  control?
• Are adequate resources available to meet the
  proposed release scheduling?
• If appropriate, are plans in place to reengineer
  business processes and to provide training to
  take advantage of scheduled system changes?
• Is higher level review and approval required on
  any scheduled release?
• Are anticipated risks identified and was
  mitigation planning done?
• Is the test strategy and planning sound?

25
Design ReviewLevel Concerns

• System CCB
• Are release changes to Product Baseline
  documentation finished and under configuration
  control?
• Business Line Management Boardand CIO/BIE
  Council
• Have PMs, SM, CMs and QA Managers validated
  revised product baselines to SCR requirements?
• Are the SCRs logically bundled by release for
  efficient implementation within timelines needed
  to meet customer, client, business line, and DFAS
  goals and objectives?
• Is the release timing for SCRs in each product
  line systems coordinated between systems to
  provide business line capability by required
  dates?

26
Design Review

• Decision whether to
• Approve release SCR scheduling,
• Modify the assignment of SCRs to releases,
• Suspend implementation of an SCR, or
• Elevate SCR release scheduling for higher
  review/action/approval.
• Actions are documented in a Decision Memorandum

27
Development

• Whats Done in this Phase
• Develop software for the Release
• Request/acquire infrastructure and other
  technical provisions required for Release
• Plan installation, transition, and training
• Develop deployment plan
• Update the Allocated Baseline
• Concludes with
• Test Readiness Review

28
DevelopmentLeads to Test Readiness Review
Test Readiness Review
Design Review
Development
Program Planning / Management
Program Planning / Management
Information Assurance/ Security
Technical Project Planning / Management
Deployment Planning
Configuration Management / Quality Assurance
Allocated Baseline
Program Functional Baseline
29
Deployment Planning

• Establish Transition Strategy
• Prepare Product Delivery and Installation Plans
  
• Issue User Advisory
• Prepare User Training Plans
• Produce User Class Materials

repeated for each Release
30
Test Readiness Review
31
Test Readiness ReviewDevelopment IPT

• Development IPT, as chartered by System CCB
• Has release software been adequately developed
  and passed unit testing?
• Were test scripts originated from release SCR
  requirements?
• Are both software and test scripts under
  configuration control?
• Are test facilities and staff scheduled and
  prepared to perform testing?
• Does test readiness need to be reviewed by higher
  DFAS organization levels for any reason? If so,
  are these reviews scheduled?
• Has a formal DIPT review be accomplished and
  documented?
• Has customer/user participation in tests been
  arranged?

32
Test Readiness ReviewLevel Concerns

• Business Line Management Boardand CIO/BIE
  Council
• Has system-level Test Readiness Review been
  accomplished and approved?
• Do test scripts for the multiple system releases
  reflect testing of the business/support line or
  DFAS-wide capability to be provided?
• Are both software and test scripts under
  configuration control?
• Are test facilities and staff scheduled and
  prepared to perform testing in a timely manner to
  meet target release date?
• Have baseline documents been updated and put
  under Configuration Control?
• Does test readiness need to be reviewed by the
  DFAS CIO/BIE Council? If so, has this review
  been scheduled?

33
Test Readiness Review

• Decision whether to
• Approve the execution of tests,
• Delay the execution of test for rework, or
• Elevate the TRR conclusions for higher
  review/action/approval.
• Actions are documented in a Decision Memorandum

34
Validate / Accept

• Whats Done in this Phase
• Conduct Development Test and Evaluation (DTE)
• Resolve discrepancies and retest for satisfaction
• Obtain compliance certifications
• Update Accreditation Memo (SSAA)
• Complete functional and physical audits (FCA
  PCA)
• Update Product Baseline documentation under
  configuration control
• Conduct Operational Test and Evaluation (OTE)
• Concludes with
• Implementation Readiness Review

35
Validate / Accept Leads to Implementation
Readiness Review
Implementation Readiness Review
Test Readiness Review
Operational TRR
Validate / Accept
Program Planning / Management
Program Planning / Management
Information Assurance/ Security
Updated Accreditation Memo
Technical Project Planning / Management
Operational Test Evaluation
Development Test Evaluation
Test Scripts (F) Test Discrepancy Reports Test
Reports Compliance Certifications
Test Scripts (F) Test Discrepancy Reports Test
Reports Compliance Certifications
PCA
FCA
Configuration Management / Quality Assurance
Product Baseline
Allocated Baseline
36
Developmental Test and Evaluation

• Train Test Users
• Prepare Test Schedule
• Develop Test Scripts and Test Data
• Conduct Testing Peer Review
• Build Application Test Environment
• Conduct Test Readiness Review
• Perform Tests
• Approve and Certify Test Results

repeated for each Release
37
Operational Test Readiness ReviewTest IPT

• Test IPT, as chartered by System CCB
• Is test documentation adequate and results agreed
  to?
• Is compliance certification documentation
  available?
• Have the FCA and PCAs been reviewed and agreed
  to?
• Is the Product Baseline documentation available,
  agreed to, and under Configuration Control?
• Is the Team confident that the system is ready
  for operational testing?
• Does operational readiness need to be reviewed by
  higher DFAS organization levels for any reason?
  If so, have these reviews been scheduled?

38
Operational Test and Evaluation

• Train Test Users
• Prepare Test Schedule
• Develop Test Scripts and Test Data
• Conduct Testing Peer Review
• Build Application Test Environment
• Conduct Test Readiness Review
• Perform Tests
• Approve and Certify Test Results
• Conduct Implementation Readiness Review

repeated for each Release
39
Implementation Readiness Review (IRR)
40
Implementation Readiness Review (IRR)

• System Configuration Control Board
• Is test documentation adequate and results agreed
  to?
• Is compliance certification documentation
  available?
• Have customers validated requirements have been
  meet?
• Is the Operational Baseline documentation
  available, agreed to, and placed under
  Configuration Control?
• Is the Team confident that the system is ready
  for fielding?
• Does implementation readiness need to be reviewed
  by higher DFAS organization levels for any
  reason? If so, are these reviews scheduled?
• Business Line Management Board, orCIO/BIE
  Council
• Is the Board/Council confident that the system is
  ready for fielding?

41
Field

• Whats Done in this Phase
• Operational tests completed
• Compliance Certifications have been obtained
• Deployment Plans are executed and site
  acceptances are obtained
• Operational Baseline documentation has been
  updated for each site and and placed under
  configuration control
• Concludes with
• Post-Implementation Review

42
Field andMeasure Effectiveness (System Operation)
MeasureEffectiveness
Post-Implementation Review
Implementation Readiness Review
Field
Program Planning / Management
Operation Performance Oversight
Audit Reports PTR
Performance Measurements
Information Assurance/ Security
Technical Project Planning / Management
Next Changes
Deployment Site Acceptance Test
Site Acceptance Test Reports
Configuration Management / Quality Assurance
Operational Baseline
Per Site
43
Deployment and Site Acceptance Test

• Deliver Release
• Convert and Verify Data
• Train Users
• Conduct Site Acceptance Test
• Manage Operational Baseline
• Establish Help Desk Support
• Conduct Post Implementation Review
• Shut Down Legacy Systems

repeated for each Release
44
Post-Implementation Review (PIR)
45
Post-Implementation Review (PIR)

• System Configuration Control Board
• What are the results of the post implementation
  audit and surveys?
• Are performance measures meeting standards?
• Is help desk support effective and assistance
  timely?
• Have all Performance Trouble Tickets been
  recorded and analyzed to determine common
  problems?
• Have SCRs been created to document identified
  problems and recommended changes?
• Business Line Management Board, orCIO/BIE
  Council
• Are solutions to identified problems being
  adequately addressed?
• Have specific issues been elevated for business
  line or corporate resolution?

46
Operation and Performance Oversight

• Audit Production System
• Measure System Performance

47
DFAS System Life Cycle
System Acquisition
System Maintenance
and the cycle goes on...