Governance and Compliance Process

PURPOSESCOPEPROCESS DESCRIPTIONPROCESS INPUTS/OUTPUTSSUPPORTING DOCUMENTATIONREVISION HISTORY

Process Owner: Manager, Business Relationship Management

Note: An owner must be a PCES-level manager.

This document establishes standard processes for the Technology Solution Life Cycle (TSLC) Governance and Compliance phase within the Postal Service Technical Environment. It addresses both Agile and Waterfall methodology.

PURPOSE

The purpose of the Governance and Compliance process is to validate that requirements and design documents meet United States Postal Service (USPS) compliance standards. From a compliance standpoint, nothing changes.

SCOPE

This process applies to all:

PROCESS DESCRIPTION

The Governance and Compliance process, which validates that the required documents are up to date and stored in the TSLC Artifact Library, consists of the following sub-process.

The Business Relationship Management Program Manager (BRM PM) ensures that all of the applicable artifacts listed below from all of the previous phases have been completed correctly and uploaded to the appropriate location in the TSLC Artifacts Library.

Baseline artifacts are mandatory and must be uploaded. Tollgate artifacts must be uploaded within 10 business days after the associated Tollgate meeting for projects following the Tollgate process.

Agile Phase Waterfall Phase Artifact Name Audit Requirements
Initiate & Plan Initiate & Plan Business Needs Statement (BNS) Tollgate
Initiate & Plan Initiate & Plan Rough Order of Magnitude Estimate (ROM) N/A
Initiate & Plan Initiate & Plan CCB Document for the release Baseline, Tollgate
Initiate & Plan Initiate & Plan Master Release Inventory Tollgate
Initiate & Plan Initiate & Plan Documented Approval and Funding to Proceed N/A
Initiate & Plan Initiate & Plan EIR Registration N/A
Initiate & Plan Initiate & Plan Documented Tollgate Meeting Minutes Tollgate
Initiate & Plan Initiate & Plan Approved Technology Solution Implementation Costs N/A
Initiate & Plan Initiate & Plan Documented Stakeholder Approval to Proceed Tollgate
Sprint 0 Requirements Requirements approval with Requirements Traceability Matrix (RTM) Tollgate
Sprint 0 Requirements EA Checkpoint 1 N/A
Sprint 0 Requirements SOX Impact Assessment (SIA) SOX
Sprint 0 Requirements Documented Tollgate Meeting Minutes Tollgate
Sprint 0 Requirements Updated Master Release Inventory Tollgate
Sprints 1-n Analysis & Design Updated RTM Baseline, Tollgate
Sprints 1-n Analysis & Design Updated SIA, if necessary SOX
Sprints 1-n Analysis & Design EA Checkpoint 2 Approval N/A
Sprints 1-n Analysis & Design Approved Technology Solution Design documents N/A
Sprints 1-n Analysis & Design Approved Technology Solution Funding and Schedule N/A
Sprints 1-n Analysis & Design Documented Tollgate Meeting Minutes Tollgate
Sprints 1-n Analysis & Design Documented Stakeholder Approval to Proceed Tollgate
Sprints 1-n Analysis & Design Updated Master Release Inventory Tollgate
Sprints 1-n Analysis & Design Updated Project Plan Tollgate
Sprints 1-n Build Build Plan N/A
Sprints 1-n Build Build Test Results N/A
SIT SIT Final SIT Strategy N/A
SIT SIT Documented SIT Approval Baseline
SIT SIT SIT Plan N/A
SIT SIT Updated SIA, if necessary SOX
SIT SIT Updated RTM
  • Final SIT Scripts
  • Final SIT Results with known issues
  • SIT Exemptions if needed
Baseline
CAT CAT CAT Strategy N/A
CAT CAT CAT Plan N/A
CAT CAT CAT Approval (Includes documented Stakeholder Approval to Proceed for Tollgate) Baseline, Tollgate
CAT CAT Documented Tollgate Meeting Minutes Tollgate
CAT CAT Updated RTM
  • Final CAT Scripts
  • Final CAT Results with known issues
  • CAT Exemptions if needed
Baseline, Tollgate
All Phases All Phases C&A Artifacts as called out in AS-805A N/A

PROCESS INPUTS/OUTPUTS

Baseline artifacts are mandatory and must be uploaded.

Inputs

All artifacts listed in the Process Description section

Outputs

Verify that artifacts are uploaded to the TSLC Library: Verify that all artifacts, with emphasis on Baseline, Tollgate, and PCI/SOX (if applicable), are uploaded to the TSLC Artifacts Library.

SUPPORTING DOCUMENTATION

Access supporting documentation from ITWEB (Internal):

Access Supporting Documentation from USPS.com (external):

REVISION HISTORY

Version
Date
Description of Change
1.0 05.10.2013 Agile and Waterfall processes combined; updated for Tollgates, PCI, and general compliance; ownership of TSLC processes transferred from Manager, Solutions Development and Support, to Manager, Business Relationship Management.

Note:
This document is Section 508 compliant.
1.1 08.16.2013 Scope, Process:
Updated to clarify that the Requirements must be approved, not the Requirements Traceability Matrix document.
1.2 03.18.2014 Process Description:
Removed baseline indicator from RTM for Sprint 0/Requirements phase.
1.3 02.10.2015 Process Description:
Removed PCI Impact Assessment artifact requirement. PCI Impact Assessment is retired.
1.3.1 06.15.2015 The annual review for functional accuracy and current PCI DSS requirements has been completed: No changes. CR 81805
1.3.2 06.26.2015 Non-substantive update: Update CR for annual review. Remove link and version of PCI DSS.
1.3.3 03.14.2016 Annual Review: No changes. The annual review for functional accuracy and current PCI requirements has been completed. CR 154951
1.3.4 10.31.2016 Annual Review: The annual review for functional accuracy and current PCI requirements has been completed. CR 223948
Powered By OneLink