Table of Contents | Chapter 3 | Chapter 5
4.1 TASKS AND ACTIVITIES
4.1.1 Study and Analyze the Business Need
4.1.2 Plan the Project
4.1.3 Form the Project Acquisition Strategy
4.1.4 Study and Analyze the Risks
4.1.5 Obtain Project Funding, Staff and Resources
4.1.6 Document the Phase Efforts
4.1.7 Review and Approval to Proceed
4.2 ROLES AND RESPONSIBILITIES
4.3.1 System Boundary Document
4.3.2 Cost Benefit Analysis
4.3.3 Feasibility Study
4.3.4 Risk Management Plan
4.4 ISSUES FOR CONSIDERATION
ADP Position Sensitivity Analysis
4.4.2 Identification of Sensitive Systems
4.4.3 Project Continuation Decisions
4.5 PHASE REVIEW ACTIVITY
System Concept Development begins when the Concept Proposal has been formally approved and requires study and analysis that may lead to system development activities.
The review and approval of the Concept Proposal begins the formal studies and analysis of the need in the System Concept Development Phase and begins the life cycle of an identifiable project.
The following activities are performed as part of the System Concept Development Phase. The results of these activities are captured in the four phase documents and their underlying institutional processes and procedures (See Figure 4-1).
The project team, supplemented by enterprise architecture or other technical experts, if needed, should analyze all feasible technical, business process, and commercial alternatives to meeting the business need. These alternatives should then be analyzed from a life cycle cost perspective. The results of these studies should show a range of feasible alternatives based on life cycle cost, technical capability, and scheduled availability. Typically, these studies should narrow the system technical approaches to only a few potential, desirable solutions that should proceed into the subsequent life cycle phases.
The project team should develop high-level (baseline) schedule, cost, and performance measures which are summarized in the System Boundary Document. These high-level estimates are further refined in subsequent phases.
The acquisition strategy should be included in the SBD. The project team should determine the strategies to be used during the remainder of the project concurrently with the development of the CBA and Feasibility Study. Will the work be accomplished with available staff or do contractors need to be hired? Discuss available and projected technologies, such as reuse or Commercial Off-the-Shelf and potential contract types.
Identify any programmatic or technical risks. The risks associated with further development should also be studied. The results of these assessments should be summarized in the SBD and documented in the Risk Management Plan and CBA.
Estimate, justify, submit requests for, and obtain resources to execute the project in the format of the Capital Asset Plan and Justification, Exhibit 300. An example and instructions are included in the ITIM policy and guidance at http://dojnet.doj.gov/jmd/irm/whatsnewpage.htm (available to DOJ Employees only).
The results of the phase efforts are documented in the System Boundary Document, Cost Benefit Analysis, Feasibility Study, and Risk Management Plan.
The results of the phase efforts are presented to project stakeholders and decision makers together with a recommendation to (1) proceed into the next life-cycle phase, (2) continue additional conceptual phase activities, or (3) terminate the project. The emphasis of the review should be on (1) the successful accomplishment of the phase objectives, (2) the plans for the next life-cycle phase, and (3) the risks associated with moving into the next life-cycle phase. The review also addresses the availability of resources to execute the subsequent life-cycle phases. The results of the review should be documented reflecting the decision on the recommended action.
The following deliverables shall be initiated during the System Concept Development Phase:
4.3.1 System Boundary Document - Identifies the scope of a system (or capability). It should contain the high level requirements, benefits, business assumptions, and program costs and schedules. It records management decisions on the envisioned system early in its development and provides guidance on its achievement. Appendix C-2 provides a template for the Systems Boundary Document.
4.3.2 Cost-Benefit Analysis - Provides cost or benefit information for analyzing and evaluating alternative solutions to a problem and for making decisions about initiating, as well as continuing, the development of information technology systems. The analysis should clearly indicate the cost to conform to the architectural standards in the Technical Reference Model (TRM). Appendix C-3 provides a template for the Cost-Benefit Analysis.
4.3.3 Feasibility Study - Provides an overview of a business requirement or opportunity and determines if feasible solutions exist before full life-cycle resources are committed. Appendix C-4 provides a template for the Feasibility Study.
4.3.4 Risk Management Plan - Identifies project risks and specifies the plans to reduce or mitigate the risks. Appendix C-5 provides a template for the Risk Management Plan.
After the SBD is approved and a recommendation is accepted by the program and/or executive management, the system project planning begins. A number of project continuation and project approach decisions are taken by the Project Manager.
All projects must ensure that all personnel are cleared to the appropriate level before performing work on sensitive systems. Automated Data Processing (ADP) position designation analysis applies to all DOJ personnel, including contract support personnel who are nominated to fill an ADP position. ADP positions are those that require access to DOJ ADP systems or require work on management, design, development, operation, or maintenance of DOJ automated information systems. The sensitivity analysis should be conducted only to determine an individual’s eligibility or continued eligibility for access to DOJ ADP systems or to unclassified sensitive information. Such an analysis is not to be construed as the sole determination of eligibility.
Public Law 100-235, the Computer security Act of 1987, requires Federal agencies to identify systems that contain sensitive information. In general, a sensitive system is a computer system that processes, stores, or transmits sensitive-but-unclassified (SBU) data. SBU data are any information that the loss, misuse, or unauthorized access to, or modification of, could adversely affect the national interest, the conduct of DOJ programs, or the privacy to which individuals are entitled under the Privacy Act. Guidelines for the identification of sensitive systems can be found with the DOJ IMSS. These procedures will help determine the type of sensitivity level to the data that will be processed, stored, and transmitted by the new or changed system.
The feasibility study and CBA confirm that the defined information management concept is significant enough to warrant an IT project with life-cycle management activities.
The feasibility study should confirm that the information management need or opportunity is beyond the capabilities of existing systems and that developing a new system is a promising approach.
The CBA confirms that the projected benefits of the proposed approach justify the projected resources required. The funding, personnel, and other resources shall be made available to proceed with the Planning Phase.
The System Concept Development Review shall by performed at the end of this phase. The review ensures that the goals and objectives of the system are identified and that the feasibility of the system is established. Products of the System Concept Development Phase are reviewed including the budget, risk, and user requirements. This review is organized, planned, and led by the Program Manager and/or representative.
Table of Contents | Chapter 3 | Chapter 5