Information Technology Project Management
PPD-0389
Introduction
The Information Technology and Network Services unit (ITNS) is committed to continuously improving the delivery of information technology (IT) solutions within budget, on schedule, within scope and in such a way as to best contribute to accomplishing the Institute's strategic mission. This policy furthers that goal by establishing the common and consistent application of project management best practices in the management of ITNS projects. A uniform project management framework promotes consistency and better control of ITNS projects, thereby reducing risks and increasing project successes.
Scope
This policy applies to all ITNS projects defined as ‘mission critical’ as determined by the VIMS CIO and/or VIMS Senior Leadership. The policy and procedures outlined herein are applicable to staff as well as customers of ITNS projects and system owners.
Policy
- All ITNS projects within scope will be approved by the VIMS CIO and/or VIMS Senior Leadership prior to substantial work beginning on the Planning Phase outlined in the table below.
- Project teams will consist of a Project Manager (PM) within ITNS and a System Owner (SO) representing the customer. Projects deemed to be internal to ITNS only as part of a technology initiative will consist of a PM and the CIO.
- ITNS will maintain a centralized Project Management Tracking System (PMTS) consisting of but not limited to project milestones, including scope, project plan, meeting notes and correspondences for maintaining objectives and tracking progress.
- A project security role will be identified for each project to ensure security throughout the phases of the project. Project elements will include an estimate of risk at each step (i.e., a Risk Register), followed up by an assessment and notes of any mitigating actions.
- Access to the PMTS will be granted to all project participants within ITNS at the level appropriate to their involvement, as determined by the PM and SO. The SO will be granted access as needed but not by default.
- Projects not designated “mission critical” may also be tracked in the PMTS if desired.
- It will be the policy of VIMS ITNS Project Management to practice the principle of least privilege during the development, testing and production phases of ITNS projects. Duties will be separated to the extent possible to mitigate risks and will be defined within the project plan and execution phases as described in the Roles & Responsibilities section, below.
Project Management Methodology
This section describes the project management processes that ITNS projects will follow. The methodology is closely aligned with the lifecycle an information technology project typically undergoes. The four phases of a project's lifecycle are the Proposal phase, the Planning phase, the Executing/Controlling phase, and the Closing phase. The phases are distinct and sequential but can have significant overlap and reiteration during an actual project's lifecycle. The table below presents each project phase along with the key activities, milestones, and deliverable required. These will be documented within the VIMS PMTS.
Project Phase |
Key Activities & Milestones |
Deliverable |
Project Initiation |
·Develop project business case |
Project Proposal |
Project Planning |
·Refine scope of project/product ·Perform system and data security assessment ·Develop post project support plan |
Project Plan |
Project Execution/Control |
·Execute project tasks |
As identified in the Project Plan |
Project Closeout |
·Formal acceptance of final deliverable(s) from customer |
Project documentation is finalized when lessons learned and other notes have been documented in project closeout report |
Roles & Responsibilities
Authorized ITNS staff serving in roles as system architects, programmers, contract mangers or system builders are designated as individuals whose areas of responsibilities may require access to the Information Technology systems and assets as needed. These roles and responsibilities will be outlined the project plan and execution phases described above.