INFORMATION RESOURCES MANAGEMENT
The
Department of Justice
Systems Development Life Cycle
Guidance Document
January 2003
Table of Contents
EXECUTIVE SUMMARY
FORWARD
CHAPTER 1: INTRODUCTION
1.0 Background
1.1 Purpose, Scope, and Applicability
1.1.1 Purpose
1.1.2 Scope
1.1.3 Applicability
1.2 Introduction to System Development Life Cycle (SDLC)
1.2.1 Initiation Phase
1.2.2 System Concept Development Phase
1.2.3 Planning Phase
1.2.4 Requirements Analysis Phase
1.2.5 Design Phase
1.2.6 Development Phase
1.2.7 Integration and Test Phase
1.2.8 Implementation Phase
1.2.9 Operations and Maintenance Phase
1.2.10 Disposition Phase
1.3 Controls/Assumptions
1.4 Documentation
CHAPTER 2: STRATEGIC PLANNING FOR INFORMATION SYSTEMS
2.0 Strategic Planning
2.1 Information Technology Investment Management (ITIM)
2.2 Enterprise Architecture
2.3 Performance Measurement
2.4 Business Process Reengineering
2.5 Systems Security
CHAPTER 3: INITIATION PHASE
3.0 Objective
3.1 Tasks and Activities
3.1.1 Identify the Opportunity to Improve Business Functions
3.1.2 Identify a Project Sponsor
3.1.3 Form a Project Organization
3.1.4 Document the Phase Efforts
3.1.5 Review and Approval to Proceed
3.2 Roles and Responsibilities
3.3 Deliverables
3.3.1 Concept Proposal
3.4 Issues for Consideration
3.5 Phase Review Activity
CHAPTER 4: SYSTEM CONCEPT DEVELOPMENT
4.0 Objective
4.1 Tasks and Activities
4.1.1 Study and Analyze the Business Need
4.1.2 Plan the Project
4.1.3 Form the Project Acquisition Strategy
4.1.4 Study and Analyze the Risks
4.1.5 Obtain Project Funding, Staff and Resources
4.1.6 Document the Phase Efforts
4.1.7 Review and Approval to Proceed
4.2 Roles and Responsibilities
4.3 Deliverables
4.3.1 System Boundary Document.
4.3.2 Cost Benefit Analysis.
4.3.3 Feasibility Study.
4.3.4 Risk Management Plan.
4.4 Issues for Consideration.
4.4.1 ADP Position Sensitivity Analysis.
4.4.2 Identification of Sensitive Systems.
4.4.3 Project Continuation Decisions.
4.5 Phase Review Activity.
CHAPTER 5: PLANNING PHASE
5.0 OBJECTIVE.
5.1 Tasks and Activities.
5.1.1 Refine Acquisition Strategy in System Boundary Document.
5.1.2 Analyze Project Schedule.
5.1.3 Create Internal Processes.
5.1.4 Staff Project Office.
5.1.5 Establish Agreements with Stakeholders.
5.1.6 Develop the Project Management Plan.
5.1.7 Develop the Systems Engineering Management Plan.
5.1.8 Review Feasibility of System Alternatives.
5.1.9 Study and Analyze Security Implications.
5.1.10 Plan the Solicitation, Selection and Award.
5.1.11 Develop the CONOPS.
5.1.12 Revise Previous Documentation.
5.2 Roles and Responsibilities.
5.3 Deliverables.
5.3.1 Acquisition Plan.
5.3.2 Configuration Management Plan.
5.3.3 Quality Assurance Plan.
5.3.4.Concept of Operations.
5.3.5 System Security Plan.
5.3.6 Project Management Plan.
5.3.7 Validation and Verification Plan.
5.3.8 Systems Engineering Management Plan.
5.4 Issues for Consideration.
5.4.1 Audit Trails.
5.4.2 Access Based on “Need to Know”.
5.5 Phase Review Activity.
CHAPTER 6: REQUIREMENTS ANALYSIS PHASE
6.0 Objective.
6.1 Tasks and Activities.
6.1.1 Analyze and Document Requirements.
6.1.2 Develop the Test Criteria and Plans.
6.1.3 Develop an Interface Control Document.
6.1.4 Review and Assess FOIAbrA Requirements.
6.1.5 Conduct Functional Review.
6.1.6 Revise Previous Documentation.
6.2 Roles and Responsibilities.
6.3 Deliverables.
6.3.1 Functional Requirements Document.
6.3.2 Test and Evaluation Master Plan.
6.3.3 Interface Control Document.
6.3.4 Privacy Act Noticebrrivacy Impact Assessment.
6.4 Issues for Consideration.
6.5 Phase Review Activity.
CHAPTER 7: DESIGN PHASE
7.0 Objective.
7.1 Tasks and Activities.
7.1.1 Establish the Application Environment.
7.1.2 Design the Application.
7.1.3 Develop Maintenance Manual.
7.1.4 Develop Operations Manual.
7.1.5 Conduct Preliminary Design Review.
7.1.6 Design Human Performance Support (Training).
7.1.7 Design Conversion/Migration/Transition Strategies.
7.1.8 Conduct Security Risk Assessment.
7.1.9 Conduct Critical Design Review.
7.1.10 Revise Previous Documentation.
7.2 Roles and Responsibilities.
7.3 Deliverables.
7.3.1 Security Risk Assessment.
7.3.2 Conversion Plan.
7.3.3 System Design Document.
7.3.4 Implementation Plan.
7.3.5 Maintenance Manual.
7.3.6 Operations Manual or System Administration Manual.
7.3.7 Training Plan.
7.3.8 User Manual.
7.4 Issues for Consideration.
7.4.1 Project Decision Issues.
7.4.2 Security Issues.
7.5 Phase Review Activity.
CHAPTER 8: DEVELOPMENT PHASE
8.0 Objective.
8.1 Tasks and Activities.
8.1.1 Code and Test Software .
8.1.2 Integrate Software.
8.1.3 Conduct Software Qualification Testing.
8.1.4 Integrate System .
8.1.5 Conduct System Qualification Testing.
8.1.6 Install Software.
8.1.7 Document Software Acceptance .
8.1.8 Revise Previous Documentation.
8.2 Roles and Responsibilities.
8.3 Deliverables.
8.3.1 Contingency Plan.
8.3.2 Software Development Document.
8.3.3 System (Application) Software.
8.3.4 Test Files/Data.
8.3.5 Integration Document.
8.4 Issues for Consideration.
8.5 Phase Review Activity.
CHAPTER 9: INTEGRATION AND TEST PHASE
9.0 Objective.
9.1 Tasks and Activities.
9.1.1 Establish the Test Environment.
9.1.2 Conduct Integration Tests.
9.1.3 Conduct Subsystem/System Testing.
9.1.4 Conduct Security Testing.
9.1.5 Conduct Acceptance Testing.
9.1.6 Revise Previous Documentation.
9.2 Roles and Responsibilities.
9.3 Deliverables.
9.3.1 Test Analysis Report.
9.3.2 Test Analysis Approval Determination.
9.3.3 Test Problem Report.
9.3.4 IT Systems Security Certification & Accreditation.
9.4 Issues for Consideration.
9.5 Phase Review Activity.
CHAPTER 10: IMPLEMENTATION PHASE
10.0 Objective.
10.1 Tasks and Activities.
10.1.1 Notify Users of New Implementation.
10.1.2 Execute Training Plan.
10.1.3 Perform Data Entry or Conversion.
10.1.4 Install System.
10.1.5 Conduct Post-Implementation Review
10.2 Roles and Responsibilities.
10.3 Deliverables.
10.3.1 Delivered System.
10.3.2 Change Implementation Notice.
10.3.3 Version Description Document.
10.3.4 Post-Implementation Review.
10.4 Issues for Consideration.
10.5 Phase Review Activity.
CHAPTER 11: OPERATIONS AND MAINTENANCE PHASE
11.0 Objectives.
11.1 Tasks and Activities.
11.1.1 Identify Systems Operations.
11.1.2 Maintain Data/Software Administration.
11.1.3 Identify Problem and Modification Process.
11.1.4 Maintain System/Software Maintenance.
11.1.5 Revise Previous Documentation.
11.2 Roles and Responsibilities.
11.3 Deliverables.
11.3.1 In-Process Review Report.
11.3.2 User Satisfaction Review.
11.4 Issues for Consideration.
11.5 Phase Review Activity.
CHAPTER 12: DISPOSITION PHASE
12.0 Objective.
12.1 Tasks and Activities.
12.1.1 Prepare Disposition Plan.
12.1.2 Archive or Transfer Data.
12.1.3 Archive or Transfer Software Components.
12.1.4 Archive Life Cycle Deliverables.
12.1.5 End the System in an Orderly Manner.
12.1.6 Dispose of Equipment.
12.1.7 Prepare Post-Termination Review Report.
12.2 Roles and Responsibilities.
12.3 Deliverables.
12.3.1 Disposition Plan.
12.3.2 Post-Termination Review Report.
12.3.3 Archived System.
12.4 Issues for Consideration.
12.5 Phase Review Activity.
CHAPTER 13: ALTERNATIVE SDLC WORK PATTERNS
13.0 Objective.
13.1 Standard SDLC Methodology (Full Sequential Work Pattern).
13.2 Alternative Work Patterns.
13.3 Work Pattern Descriptions and Exhibits.
13.3.1 Reduced Effort (Small Application Development) Work Pattern.
13.3.2 Rapid Application Development Work Pattern.
13.3.3 Pilot Development Work Pattern.
13.3.4 Managed Evolutionary Development Work Pattern.
13.3.5 O&M Small-Scale Enhancement Work Pattern.
13.3.6 O&M Project Work Pattern.
13.3.7 Procurement of Commercial-Off-the-Shelf (COTS) Product.
Appendix A - Glossary
Appendix B - Acronyms
Appendix C - Document Content guidelines/templates
Appendix C-1 Concept Proposal.
Appendix C-2 System Boundary Document
Appendix C-3 Cost-Benefit Analysis
Appendix C-4 Feasibility Study
Appendix C-5 Risk Management Plan
Appendix C-6 Acquisition Plan
Appendix C-7 Configuration Management Plan
Appendix C-8 Quality Assurance Plan
Appendix C-9 Concept of Operations
Appendix C-10 System Security Plan
Appendix C-11 Project Management Plan
Appendix C-12 Verification and Validation Plan.
Appendix C-13 Systems Engineering Management Plan.
Appendix C-14 Functional Requirements Document.
Appendix C-15 Test and Evaluation Master Plan.
Appendix C-16 Interface Control Document.
Appendix C-17 Security Risk Assessment.
Appendix C-18 Conversion Plan.
Appendix C-19 System Design Document.
Appendix C-20 Implementation Plan.
Appendix C-21 Maintenance Manual.
Appendix C-22 Operations Manual.
Appendix C-23 Systems Administration Manual.
Appendix C-24 Training Plan.
Appendix C-25 User Manual.
Appendix C-26 Contingency Plan.
Appendix C-27 Software Development Document.
Appendix C-28 Integration Document.
Appendix C-29 Test Analysis Report.
Appendix C-30 Test Analysis Approval Determination.
Appendix C-31 Test Problem Report.
Appendix C-32 Change Implementation Notice.
Appendix C-33 Version Description Document.
Appendix C-34 Post-Implementation Review.
Appendix C-35 In-Process Review Report.
Appendix C-36 User Satisfaction Review Report.
Appendix C-37 Disposition Plan.
Appendix C-38 Post-Termination Review Report.
