Sample Application Documentation

Application, Software bundle or process Description:

This for is required for current AND new applications.

The goal of this document is:

  • Improve the Business decisions.
  • Improve communication between the Business, the requester, the Audit, the IT and the compliance.
  • Formalize the requests.
  • Assign roles, responsibilities
  • Help the support

Name of the application, software or process:

Sponsor Information:

  • Name:
  • Dept:
  • Location:
  • E-Mail:

Process Ownership:

  • Responsible:
  • Accountable:
  • Owner:
  • Informed users:

Scope of the application:

  • User
  • Part of department
  • Complete department
  • Multi Dept.
  • Organization Wide
  • Organization Wide and External

Brief description (Goal and Objectives):

  • Domains:
    Processes:
  • Activities:
  • Please provide a brief description of the Business requirement:
  • Please provide a brief description of the software:
  • Please give some justification of this request:

Resources:
Information:

Data Flows?

  • Bloomberg, Reuters, Swift, Web, Mail?

Applications:

Check which on system(s) you wish the software:

  • Linux, (SuSE, Ubuntu, Redhat, …)
  • Solaris,
  • Windows XP
  • Windows 2003Windows 2008
  • Windows Vista/ 7

Which 3rd part application is required?

Database

  • Oracle (version _)
  • Microsoft SQL (version _)
  • MySQL

File Server
Directory
Web server
Else

Infrastructure:

Which storage, extra media or devices are required?

People:

People requirement:

  • DBA, Developer, Analysts, …

Software / Application Information:

Vendor Name:

  • Address:
  • Phone:
  • Contact:

Funding source:

Please explain:

Type of licenses (Named, CPU, user, concurrent)

Number of license(s) needed.

Is a site license available?
Deliver and Support information:

Local support person(s):

  • Name
  • Mail
  • Phone
  • Role

Distant support person(s):

  • Name
  • Mail
  • Phone
  • Role

Documentation availability: Setup, Trouble Shooting, End-Users, FAQ

Contracts

  • Maintenance,
  • SLA
  • Support
  • Non disclosure

Test / Validation, Deployment:

If it’s a new project;

  • Explain your POC (Proof of Concept) plan
  • Explain your test and validation plan.

If it’s an upgrade:

* Explain your test and validation plan.

Do you have deployment schedule and resources ready?

  • People
  • Training
  • Hardware / Software / License
  • Support

Risk analysis.

Effectiveness of application to meet the business needs.

  • Meets all needs
  • Key needs met, regular change requests
  • Key needs met, end user computing and regular change requests
  • Some key needs missing
  • Fail to meet key needs

Confidentiality of the data in the application.

  • Systems contain generally available information, manipulation of data would have no impact
  • Systems contain generally available information, manipulation of data would have minimal impact on operations or control are strong
  • Systems contain confidential information; disclosure or manipulation would have a significant impact on operations

Data integrity (interface between applications).

  • Application input and processing controls in place, no data fixes
  • Not all application controls in place, end user computing
  • Data fixes, manual interfaces, limited interface controls

Number of error that occurs per year (if needed or known).

  • <5
  • <10
  • >10

The financial impact if the application is not available or not functioning properly/correctly :

  • No/Minimal financial loss
  • Medium financial loss
  • Substantial Financial Loss
  • Major financial loss
  • Huge financial loss

Backup procedure and policy:

  • Data retention
  • Archiving
  • Backup policy
  • RTO

Availability of the application:

Open hours – 7×7 24×24

Time frame before fall-out of the application will impact the business (the reputation, finance, operation) .

  • < 1 hour
  • < 1 day
  • < 1 week

Critical window(s):

  • End of week
  • End of month
  • Depends
  • Not specified.

Recovery:

Is this application must be in the recovery plan?

  • yes
  • no

If required, what is the recovery time for this application?

Application dependency:

Dependency with operation:

  • No relation with operations
  • No significant relation with operations – unavailability or malfunctioning will only lead to occasional interruptions of operations
  • Medium relation with operations – ultimately unavailability or malfunctioning will lead to regular interruptions of operations
  • Strong relation with operations – ultimately unavailability or malfunctioning will lead to frequent delays and a significant decrease of efficiency and effectiveness
  • Very strong relation with operations – ultimately unavailability or malfunctioning will lead to a cessation of activities

This application depends on those other applications:
Other application are related to the current one:

Security and Audit

Security requirement:

  • Firewall
  • Access list
  • Checks or controls to put in place

Audit requirement:

See with the auditors.
Reputation

Can the application fault or data lose (corruption, miss, thief) can be a reputation issue?

Compliance / Regulation

Is the application, data or process requires some compliance feature?

  • Data is not used for compliance purposes
  • Data is partially used for compliance purposes, supported by human intervention
  • Data is the single source for compliance purposes without human intervention

Is the application, data or process requires some regulation feature?
Monitoring / Evaluation

Is the some monitoring and / or evaluation to do ?

* Performance monitoring
* Capacity planning and monitoring
* Quality requirements

Be the first to comment

Leave a Reply

Your email address will not be published.


*


*