Technology Solution Life Cycle (TSLC) Policy

PURPOSESCOPEPOLICYSUPPORTING DOCUMENTATIONREVISION HISTORY

Policy Owner: Manager, Business Relationship Management

Note: An owner must be a PCES-level manager.

This policy provides formally documented management expectations and intentions.

PURPOSE

The purpose of this document is to provide the policy for the Technology Solution Life Cycle (TSLC). The TSLC is the Corporate Technology project methodology to be used to develop and implement technology solutions. The TSLC is a key component used by IT Governance to measure compliance to IT policies, processes, standards, and controls.

This document also outlines the elements of the Tollgate process for TSLC. The Tollgate process includes a series of Stakeholder coordination meetings that require Stakeholder consensus and approval to proceed to the next TSLC phase. Stakeholders for a given technology solution may choose to use the Tollgate process to increase visibility into the scope and progress of the release. Solutions that follow the Tollgate process will complete all TSLC requirements and, in addition, must hold a total of five meetings at various points in the TSLC process. These meetings are the Business Needs Statement (BNS), Baseline (Requirements), Design, Release, and Closeout Tollgates.

SCOPE

This policy applies to all:

POLICY

All Postal Service technology solutions that require change to production software code, data, or job or batch schedule processing must be developed and implemented with adherence to the TSLC Agile methodology as described in the TSLC Agile Processes. Waterfall methodology, as described in the TSLC Waterfall Processes, may be used only when documented approval is received from both the Manager, Solutions Development and Support, and the Manager, Business Relationship Management. The documented approval must be uploaded to the TSLC Artifacts Library for the project and stored in the Business Needs Statement folder.

All TSLC Events

A project folder must be created in the TSLC Artifacts Library for each TSLC project implementation. The TSLC project ID generated when the TSLC project is created must be entered in all changes submitted in support of a TSLC project. All final TSLC artifacts must be uploaded to the TSLC Artifacts Library prior to implementing changes to production and/or as stated in specific TSLC processes.

Exception: Execution of changes associated with Expedited Change Requests (CRs) or Critical Incidents allows two business days to load TSLC artifacts to the TSLC Artifacts Library.

The following policy statements apply to the Change Control Board (CCB) process:

Tollgates

The Tollgate process should be elected when the project involves critical, multi-stakeholder releases across the organization (i.e., scheduled releases for PostalOne! or PTS/PTR).

Any Vice President (VP) Stakeholder can elect for a release to follow the Tollgate process in addition to the TSLC process.

The following policy statements apply to all releases that follow the Tollgate process:

PCI In-Scope

All requirements listed and referenced in the Develop and Maintain Secure PCI In-Scope Systems and Applications and in the TSLC processes must be met.

SUPPORTING DOCUMENTATION

Access supporting documentation from ITWEB (Internal):

Access Supporting Documentation from USPS.com (external):

REVISION HISTORY

Version
Date
Description of Change
1.0 N/A Initial release.
2.0 03.10.2009 Purpose, Policy:
Content updated.
3.0 12.23.2009 Policy:
TSLC Deliverables for Priority Urgent implementations now required within 2 business days.
4.0 11.02.2010 Policy:
Added System Retirement Process link.
5.0 02.22.2012 Introduction:
Updated Process Owner to Manager, Solutions Development and Support, to reflect current organization.

Policy:
Added “and/or as stated in specific TSLC processes” to upload prior to implementing changes to production statement; removed reference to templates as template use is not mandatory.

Supporting Documentation:
Updated to include Agile methodology.
6.0 FY12/Q3 This document was made Section 508 compliant and was converted to HTML.
7.0 05.10.2013 Updated for Tollgates, PCI, and general compliance; ownership of TSLC processes transferred from Manager, Solutions Development and Support, to Manager, Business Relationship Management.
7.1 08.16.2013 Scope:
Updated to clarify that the Requirements must be approved, not the Requirements Traceability Matrix document.
7.2 04.29.2014 Policy:
Added “Expedited CRs” to “Critical Incidents” as scenarios where TSLC artifacts may be uploaded up to two business days after implementation into production.
7.2.1 06.15.2015 The annual review for functional accuracy and current PCI DSS requirements has been completed: No changes. CR 81805
7.2.2 06.26.2015 Non-substantive update: Update CR for annual review. Remove link and version of PCI DSS.
7.2.3 03.14.2016 Annual Review: No changes. The annual review for functional accuracy and current PCI requirements has been completed. CR 154951
7.3 10.31.2016

Scope section: Added major software version upgrades.
Annual Review: The annual review for functional accuracy and current PCI requirements has been completed. CR 223948

Powered By OneLink