Is the user to company association done ... - North Carolina



Contact Information | |

|Agency/Department |

|Name       |

|Address       |

|Email       |

|Phone Number    -   -     extension -      |

| |

|Application Information |

|Application/Project Name       |

|Sponsor/Owner’s Name       |

|Purpose of Application |

|      |

|Application Description |

|      |

|Application Type: If other, please explain       |

| |

|Project Information |

|Implementation timeline |

|      |

|Application Status |

|SB991 Project Project Number       Approved |

|Approval (projected) Date       |

|Management Approved Planned Approval Date       (MM/DD/YY) |

|Budget Approved Planned Approval Date       (MM/DD/YY) |

|Separate Application Environments that are or will be available: |

|Lab Development Pre Production/UAT Production |

|Application Architecture: Attach a diagram which should contain the following |

|Network links |Are any of the servers hosted by some other entity, if so show which |

|Database server and OS |one(s) and indicate where |

|Application server and OS |Any other architecture information |

|Presentation (GUI) server and OS | |

|User Administration, Authentication, Authorization and Auditing Information |

|Current user management method (if applicable) |

|      |

|Can it be disabled? |

|Current authentication and authorization method and data store for user accounts (if applicable) |

|      |

|Can it be disabled? |

|User base for the application |

| |

|User Type |

|Users Already in NCID |

|Estimated Number of Users |

| |

| |

| |

|Initial 1 |

|Year 2 |

|Year 3 |

|Year 5 |

| |

|State Employees |

| |

|      |

|      |

|      |

|      |

| |

|Local Government Employees |

| |

|      |

|      |

|      |

|      |

| |

|Business |

| |

|      |

|      |

|      |

|      |

| |

|Individual |

| |

|      |

|      |

|      |

|      |

| |

|TOTAL |

| |

|0 |

|0 |

|0 |

|0 |

| |

|If State or Local Government Employees will constitute the bulk of the users, please list the agencies that will have the majority of the end |

|users. |

|      |

|Load distribution |

|      |

|Type of authentication needed ID and Password |

|Other       |

| |

|Type of authorization needed Rule |

|Role |

|Group |

|Time of Day |

|Individual |

|IP Address |

|Other       |

|Process for approving access to application (Business Requirements) |

|      |

|Auditing requirements |

|      |

|Security requirements |

|      |

|Business continuity requirements |

|      |

Help

Contact Information

Enter your business contact information.

Application Information

Application/Project Name: The common name that the application, service or system is known by. How the system is commonly referred to by most people.

Sponsor/Owner’s Name: The sponsor is the business owner of the application or service.

Purpose of Application: A high level summary of what the application does. Who uses the system, and the services the system provides.

Application Description: A brief outline of the inputs, process, and outputs of the system. What other systems depend on this system. Is this system dependent on other systems or services?

Application Type: Has (or will) this application be developed by staff or contractors, or is it a purchased software package? If it is purchased, is it government off the shelf? Does your agency own the code and are you allowed to make changes to it?

Project Information

Implementation timeline: Please give a high level outline of the requirements gathering, planning, design phases, implementation, testing and release dates and dependencies.

Application Status: Is this an enhancement to an existing system or a completely new service/application?

SB991 Project: Does this application or project fall under the SB991 rules? If so please provide the project number. Has it been approved? If this is a SB991 project, please provide the project approval date or the anticipated approval date.

Management Approved: Has your agency’s management approved the project? If so please attach the information that shows this approval. If not, please enter planned approval date.

Budget approved: Has your agency budgeted for the project? If not, please enter the date you expect budgetary approval.

Separate Application Environments that are or will be available. Indicate, using the four check boxes which, separate, environments your application has or plans to have. Lab is generally an area that system support test patches and updates. Development is where application programmers generally develop and test code changes. Pre production or user acceptance testing is the environment where application owners test changes and functions before moving to production. Pre production generally closely replicates the production environment. Production is the environment that the application actually runs in for general day to day use.

Application Architecture: Please attach a diagram with the information requested depicted on it. If this is a SB991 project and you have submitted the architecture information, you can attach a copy of that or we will obtain a copy from the EPMO.

User Administration, Authentication, Authorization and Auditing Information

Current User Management Method: What type of management system is used to administer users in the current system? An example would be RACF or database with a GUI interface. Can this be disabled or removed from user access?

Current Authentication and Authorization Method and Storage: Please indicate the type or types of A&A the system can or does use. Examples are: ID with password and then a database lookup for authorization. Each user is individually flagged with rights and stored in the applications own database. Can this be disabled or removed from user access?

User Types: For each type of user listed, please indicate where the bulk of the users are already in the NCID system (for other application access) or not. In addition, indicate the number of users you anticipate for the first 6 months. Then indicate the total number of application users for each type in years two, three and five.

State and Local Government Employees: If state and local government users will be in the system in any substantial number, please indicate the agencies and total users for each.

Load Distribution: in this section indicate the normal load distribution in a day, week, month, and year. Are their peak demand times and if so when?

Type of Authentication and Authorization Needed: Indicate the type of authentication and coarse grain authorization you are requiring from NCID. Fine grained authorization, if required, will need to be implemented by the application.

Process of Approving Application Access: Briefly describe the business rules for granting access to the application. Is it done with direct supervisor approval, management approval, paper form, etc?

Auditing Requirements: Briefly describe the auditing requirements from a user access perspective. How long are logs required to be kept and in what form? Is there a time demand for getting audit information?

Security Requirements: Are there any special security requirements pertaining to authentication and authorization?

Business Continuity Requirements: It there were a disaster or service interruption, what are the requirements for having the system access restored?

................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download