Product Concept and Definition

Product Concept and Definition

Account Access Request Application

Learning Team A:

Kelly Benavides, Glenn Eldridge, Macgregor Felix,

Dorothy Hulan, Dave Patterson & Peter Peterson

Project Planning and Implementation

CMGT/410

Pat Bhatt

February 2, 2005

Abstract

This paper presents the concept and definition of the Account Access Request Application project. The project aims to deliver an application that will provide an online mode of access to Company A (the company)'s resources for its some 1000 employees. The continued growth dictates the company solution be scalable

, while the current external political and financial atmosphere requires compliance to new internal audit regulations. With such sizable impetus, reducing costs, eliminating delays, decreasing errors, and producing internal audit reports are part of the audacious goals of the project. The following pages will attempt to define the Account Access Request Application product, the project objectives, its mission and goals, its approach, its organization, and the various tasks and responsibilities.

Account Access Request Application

The need for access provisioning solutions is necessary as applications and systems require specific access, and security becomes a number one issue throughout the industry. There is currently no online method to request access to systems resources within the 1000-employee company. The current process to gain access to any of Company A's resources is to contact the Technical Response Center (TRC). The TRC administrator creates a tracking ticket. The administrator requires validation from the requestor. In some cases, the administrator will be required to get approval from the resource owner. Once the request is complete, the TRC administrator manually creates the access and gives the password to the requester. The tracking ticket is then closed. The process can take anywhere from 2 to 3 days.

According to article 2, section 404 of the Sarbanes-Oxley of 2002; we are required to establish and maintain an adequate internal control structure and procedures for financial reporting (AICPA, 2004). This means that our critical business systems need to have a secure process for requesting access and the level of access is granted to only those authorized. In addition, the entire process should be well documented and the access data is available for reporting and periodic audits.

The application will need to be scalable

to handle increasing resources, data, and a growing employee population. It should also be flexible to allow for new technology advancements in automation, such as, automatically creating accounts on systems, applications and databases.

Project Objectives

Once the need for the application is understood, the project objectives are defined. These objectives will guide the project team in the development of the project recommendation and project plan. Three key objectives have been defined. Objective one will verify that the project aligns with departmental and company goals. It is important to know, if an executive strategy, such as the outsourcing of company systems to a vendor. A second key objective will build an IT recommendation or proposal for executive approval. This proposal will include all of the necessary information for the executive to make a decision. The third objective, to install the Access Administration system, sets the ultimate objective of the project. Once the application is installed and tested, the project can begin its closeout phase.

Mission and Goals

The mission of this project is to provide rapid access to system applications for employees from any device or connection within the company while decreasing the workload of the IT department. According to IBM, the benefits to the company are consistent security implementation across the organization while simplifying management through a single interface (IBM. 2004). Goals of this project include:

 Reduce administration costs by 50 percent

 Eliminate delays associated with the current manual process

 Decrease errors in current manual process

 Produce reports for internal audits

 Track employee access to applications

 Ensure regulatory compliance

 User self-service of password management and application requests

Phased Approach

Using standard project management principles and methods, Team A advocates using a Phased Project Approach for all projects, large or small. This will insure that a project meets the goals of the business and maintains the time-line and budget necessary for overall project success.

Team A will first analyze and evaluate the business and its current processes and technology. The ultimate success of the Information Technology (IT) strategy is dependent on the IT organization understanding their business. The cornerstone of our success in working with this project is our understanding of how the business is evolving. We then establish requirements and goals and begin all projects by:

 Establishment & Clarification of Objectives

 Functional Requirements Documentation

 Current Technology Analysis

 Return on Investment Analysis

After doing a careful analysis of the requirements, Team A will develop a solution that meets the requirements and goals. We evaluate current available and legacy technology that will support the business initiatives. Team A will manage the implementation process to ensure success. The goal is to provide on-time and on-budget implementation of the system. Implementation includes:

 Developing and Documenting a Management Procedure Plan for the System

 Writing