Sprint 0 / Requirements Process
Process Owner: Manager, Business Relationship Management
Note: An owner must be a PCES-level manager.
This document establishes standard processes for the Technology Solution Life Cycle (TSLC) Agile Sprint 0 and Waterfall Requirements phase within the Postal Service Technical Environment. It addresses both Agile and Waterfall methodology.
The final approved Technology Solution Requirements (TSRs) will serve as the foundation for the Agile Sprint 0-n process and the Waterfall Analysis and Design and Build processes.
The purpose of the Sprint 0 / Requirements process is to:
- Discover and document business and technology requirements to be used in
the development of a Technology Solution.
- Tollgate Process Only: Perform the “Baseline” Tollgate. See the
Policy for the Baseline Tollgate purpose.
- Ensure that the Certification and Accreditation Process is followed as
described in the Handbook
AS-805A, Information Resource Certification and Accreditation
- PCI in-scope only: Develop and Maintain Secure PCI In-Scope Systems and Applications.
This process applies to all:
Postal Service employees and contracted personnel involved in TSLC activities.
Postal Service technology solutions that require a production change to software code, data, or batch schedule processing. These include, but are not limited to:
All technology solutions and their components (hardware/infrastructure, software, database management services, and/or network) as authorized in the approved Requirements.
All services (including network, server, and mainframe) to be deployed in the Postal Service Technical Environment.
All maintenance releases for services and technology solutions to be operable in the Postal Service Technical Environment; maintenance releases include hardware, software, network, and database management system (DBMS) upgrades.
Implementation and/or configuration of Commercial-Off-the-Shelf (COTS) software.
- Other types of technology solutions may be required to follow the TSLC depending on the nature and scope of the change.
The Technology Solution Requirements process consists of the following subprocesses:
- Follow the Certification and Accreditation
- PCI In-Scope Only: Develop and Maintain Secure PCI In-Scope Systems and Applications.
- Create/Manage Initial Requirements.
- Develop Initial Requirements.
- Review and Approve Initial Requirements.
The Business Relationship Management Program Manager (BRM PM) coordinates this task.
For security-related processes and artifacts, follow the Certification and Accreditation Process as described in the Handbook AS-805A, Information Resource Certification and Accreditation Process.
The BRM PM coordinates this task.
Ensure that all requirements listed and referenced in the Develop and Maintain Secure PCI In-Scope Systems and Applications are met.
The BRM PM coordinates this activity.
This activity relates to the collection of all the TSRs associated with
business owner (customer) business needs. The requirements developed in
Sprint 0/Requirements are high-level requirements and address the initial
backlog for release.
While the Technology
Solution Requirements (TSR) TSLC template may be used to ensure that all
business and technical requirements are defined, the Requirements
Traceability Matrix (RTM) with requirements and approvals will become
the Baseline artifact in the next phase.
Note: The TSR is a checklist, not a format for a
The RTM facilitates stakeholder involvement in a release by tracing each
requirement from initial approval through System Integration Testing (SIT)
scripts and results and Customer Acceptance Testing (CAT) scripts and
results. If there is a CAT exemption, then the Post-Production Review (PPR)
test scripts and results must be included in the RTM. This is a mandatory
document for all releases. The RTM must contain or reference the
requirement ID, requirement description, design document title, SIT
script, SIT results, CAT script, and CAT results.
The RTM must be uploaded to the “Requirements with Approval and RTM”
folder under the "Requirements" parent folder. TSR/SRS (Software
Requirements Specifications) are optional as supplemental documentation.
All requirements in any supplemental documents must be included in the RTM.
The BRM PM is responsible for coordinating the creation and maintenance of
For Tollgate releases, the RTM must also be associated to the appropriate Business Needs Statement (BNS) in the Master Release Inventory TSLC Template.
The BRM PM coordinates review by all Solution Stakeholders, as
identified in the Change Control Board (CCB) Document, for validation of the
After all Solution Stakeholders have reviewed and agreed the requirements document is complete, Stakeholders approve the requirements as outlined in the CCB Document.
Tollgate Process Only: Conduct Baseline
Approved Requirements and initial RTM comprise the Baseline Tollgate. Approved Requirements, RTM, and Tollgate Meeting Minutes are mandatory outputs of this meeting.
Upon formal approval, the TSR is placed under change control. Any changes to the requirements document must go through the CCB process.
The following tasks are performed by the Technology Solution Provider (TSP):
Determine whether new hardware and/or software is required.
Complete high-level architectural design: EA Checkpoint 1 reviewed and approved, if required.
The BRM PM coordinates the following tasks:
Determine what functionality can be provided in each release/sprint.
Assign User Stories for early Sprints.
Establish testing strategy. Draft the following initial:
SIT and CAT Strategies. The Draft SIT Strategy and Draft CAT Strategy are developed early to support generation of accurate and committed cost and schedule. The Draft SIT Strategy includes the following information:
- SIT or CAT logistics (where)
- People resource requirements (business owner, IT, etc.)
- Data requirements (source and migration)
- High-level script strategy (functionality, performance, etc.)
- Hardware requirements strategy
- Backup requirements
- Initial SIT Plan and CAT Plan. The SIT Plan and CAT Plan include all
steps necessary to perform SIT or CAT: when and who will exercise which
scripts, the system jobs to be run, system backups, security procedures
to be followed, etc.
- Scope and establish the project team (project organization
- Revisit CCB Document and update to align with release planning if
Note: The CCB Document is under change control as described in the TSLC Initiate and Plan Process.
The BRM PM coordinates the following task:
Determine components to be procured. This process involves performing preliminary procurement activities such as making versus buying / analysis and procurement / award supplier identification. This information will be used in the development of the project cost and schedule.
The BRM PM coordinates the following tasks:
Assemble Cost and Schedule from the TSPs. The Technology Solution Coordinator (TSC) has up to two weeks to request, obtain, and compile the Technology Solution implementation costs and schedule milestones from the TSPs. Decision Analysis Reports (DARs) and large project Technology Solution implementations that will require longer than the two-week timeframe can request an extension in writing in advance from the BRM PM responsible for the Technology Solution. Though the Technology Solution costs and schedule milestones have been provided, the TSC continues to complete and obtain signoff on the Technology Solution design document.
- Technology Solution Implementation Cost and Schedule Business Owner
(Customer) Approval. Upon the stakeholder review of the cost and schedule
to develop the Technology Solution, stakeholders provide a decision to
proceed with the project. If approved to proceed, funding is then obtained
to support the rest of the TSLC processes (Sprints 1-n [Analysis and
Design/Build], SIT, CAT, and Release) in implementing the Technology
The BRM PM submits the SOX Impact Assessment (SIA) for SOX in-scope systems.
The BRM PM ensures that the following artifacts are uploaded to the TSLC Artifacts Library in the appropriate folders:
- Approved RTM (Tollgate)
- EA Checkpoint 1
- Documented Tollgate Meeting Minutes (Tollgate)
- Updated Master Release Inventory (Tollgate)
Tollgate process only: Artifacts must be uploaded within 10 business days of the Tollgate meeting.
Baseline artifacts are mandatory and must be uploaded prior to release to
production unless the project is following the Tollgate process. If Tollgate,
documents from the Tollgate must be uploaded within 10 business days. Baseline
artifacts are indicated in this document by an asterisk (*).
- All Requirements Documents for the release
- Documented Approval and Funding to Proceed
- Initial Project Plan
- Tollgate process only:
- Master Release Inventory
- Draft SIT Strategy
- EA Checkpoint 1
- SIA (Sprint 0 only)
- Tollgate process only: The following must be uploaded within
10 business days of the Tollgate meeting:
- Approved RTM (Must be uploaded to the Baseline Tollgate folder)
- Documented Tollgate Meeting Minutes
- Updated Master Release Inventory
- TSLC Policy
- Develop and Maintain Secure PCI In-Scope Systems and Applications
- SIT – CAT Exemption and Post Production Review Process
- Secure System Review Process
- System Retirement Process
- Handbook AS-805 Information Security [PDF] [HTML]
- Handbook AS-805A, Information Resource Certification and Accreditation Process [PDF] [HTML]
- Payment Card Industry Data Security Standard (PCI DSS)
Access supporting documentation from ITWEB (Internal):
- TSLC Processes [Agile] [Waterfall]
- TSLC Templates [Agile] [Waterfall]
- Application Development Standards
Access Supporting Documentation from USPS.com (external):
- TSLC Processes
- For access to the following documents, contact the US Postal Service. See
Publication 5, Let's Do Business for further information
about local US Postal Service contacts.
- TSLC Templates
- Application Development Standards
Description of Change
|1.0||05.10.2013||Agile and Waterfall processes combined; updated for
Tollgates, PCI, and general compliance; ownership of TSLC processes
transferred from Manager, Solutions Development and Support, to Manager,
Business Relationship Management.|
Note: This document is Section 508 compliant.
Updated to clarify that the Requirements must be approved, not the Requirements Traceability Matrix document.
Removed references to the Freeze Waiver as this is a Change Management requirement, not a TSLC requirement.
Replaced "customer" with "business owner (customer)" to define the customer as the business owner. Reworded description of RTM so it is not a baseline artifact in this phase.
Updated "baseline artifacts" statement to clarify that they must be uploaded prior to release unless the project is following the Tollgate process. If Tollgate, required Tollgate artifacts must be uploaded within 10 business days. Removed baseline indicator (*) from RTM.
|1.4||02.10.2015||Process, Process Inputs/Outputs:|
Removed references to PCI Impact Assessment artifact. PCI Impact Assessment is retired.
|1.4.1||06.15.2015||The annual review for functional accuracy and current PCI DSS requirements has been completed: No changes. CR 81805|
|1.4.2||06.26.2015||Non-substantive update: Update CR for annual review. Remove link and version of PCI DSS.|
|1.4.3||03.14.2016||Annual Review: No changes. The annual review for functional accuracy and current PCI requirements has been completed. CR 154951|
|1.4.4||10.31.2016||Annual Review: The annual review for functional accuracy and current PCI requirements has been completed. CR 223948|