Release Management Process


Process Owners: Manager, Business Relationship Management, and Manager, Solutions Development and Support

Note: An owner must be a PCES-level manager.

This document establishes standard processes for the Technology Solution Life Cycle (TSLC) Agile Release Management phase within the Postal Service Technical Environment.


Objectives of the Technology Solution Release Management process are to:


This process applies to all:


The Post-Production Review portion of the same SIT/CAT Exemption_Post-Production Review (PPR) Form that was completed for CAT Exemption must be completed any time that CAT is not completed. The entire form must then be uploaded to the TSLC Artifacts Library (Release phase / IT Change Request folder) within 5 business days of implementation. The form must include:

For additional information, refer to the SIT – CAT Exemption and Post-Production Review (PPR) Process.


The Technology Solution Release Management Process is composed of the following subprocesses:

  1. Follow the Certification and Accreditation Process.
  2. The Business Relationship Management Program Manager (BRM PM) oversees this task.

    For security-related processes and artifacts, follow the Certification and Accreditation Process as described in the Handbook AS-805A, Information Resource Certification and Accreditation Process.

  3. PCI In-Scope Only: Develop and Maintain Secure PCI In-Scope Systems and Applications.
  4. The BRM PM coordinates this task.

    Ensure that all requirements listed and referenced in the Develop and Maintain Secure PCI In-Scope Systems and Applications are met.

  5. Create the Pre-Implementation Plan.
  6. Stakeholders develop the Pre-Implementation Plan before promotion of the technology solution into the production environment. The Pre-Implementation Plan outlines which tasks need to be executed, when tasks are to be executed, and by whom.

    The Pre-Implementation Plan may also include such items as preparing for data migration, configuration settings, field training, contingencies, etc. The information from this planning step is included in the Change Request (CR) that will be entered into the IT Change Management system.

  7. Provide a Back-Out Plan or Back-Out Plan Exemption.
  8. The BRM PM oversees this process.

    Every release must have a back-out plan that documents the steps to be taken in the event that a release must be removed from production after implementation. If a back-out plan cannot be created for the release for any reason, the Back-Out Plan Exemption form must be completed and approved prior to the release. Back-out plans are mandatory and must be created for every TSLC release. The Back-Out Plan or approved Exemption form must be attached to the release CR prior to release approval.

  9. Execute the Release.
  10. The Technology Solution Coordinator (TSC) initiates the IT Change Management Process. This includes:

  11. Perform Post-Implementation Review.
  12. The BRM PM verifies that the release was successful and monitors the tasks developed in the pre-implementation step. This also includes a review so that identified problems might be prevented in the future or improvement to the processes can be made.

  13. Upload Documents to the TSLC Artifacts Library. The BRM PM ensures that the following artifacts are uploaded to the TSLC Artifacts Library in the appropriate folders. All Tollgate artifacts must be uploaded within 10 business days of the Tollgate meeting.


Baseline artifacts are mandatory and must be uploaded prior to release to production unless the project is following the Tollgate process. If Tollgate, documents from the Tollgate must be uploaded within 10 business days of the Tollgate meeting. Baseline artifacts are indicated in this document by an asterisk (*).




Access supporting documentation from ITWEB (Internal):

Access Supporting Documentation from (external):


Description of Change
1.0 05.10.2013 Agile and Waterfall processes combined; updated for Tollgates, PCI, and general compliance; ownership of TSLC processes transferred from Manager, Solutions Development and Support, to Manager, Business Relationship Management.

Note: This document is Section 508 compliant.
1.1 08.16.2013 Scope:
Updated to clarify that the Requirements must be approved, not the Requirements Traceability Matrix document.
1.2 03.18.2014 Process Description and Process Inputs/Outputs:
Added "if CAT was exempted" to the Final Requirements Traceability Matrix artifact listings.
1.2.1 06.15.2015 The annual review for functional accuracy and current PCI DSS requirements has been completed: No changes. CR 81805
1.2.2 06.26.2015 Non-substantive update: Update CR for annual review. Remove link and version of PCI DSS.
1.2.3 03.14.2016 Annual Review: No changes. The annual review for functional accuracy and current PCI requirements has been completed. CR 154951
1.2.4 10.31.2016 Annual Review: The annual review for functional accuracy and current PCI requirements has been completed. CR 223948
1.3 05.03.2017 Artifacts were updated as a result of the 2016 Lean Six Sigma effort to improve the TSLC process (approved by Manager, Business Relationship Management and Manager, Solutions Development and Support):
  • The Requirements Traceability Matrix (RTM) is no longer a required artifact. Customer business requirements with Approval replace the RTM and eliminate the need to upload redundant information.
  • Artifacts are now uploaded to the Release phase / IT Change Request folder prior to release to simplify navigation and increase efficiency.

Process Owner: Added Manager, Solutions Development and Support.

Removed references to Waterfall methodology. CR 269601
1.3.1 10.04.2017 Annual Review: The annual review for functional accuracy and current PCI requirements has been completed. CR 311546
Powered By OneLink