System Retirement Process

PURPOSESCOPEPROCESS DESCRIPTIONPROCESS INPUTS/OUTPUTSSUPPORTING DOCUMENTATIONREVISION HISTORY

Process Owner: Manager, Business Relationship Management

Note: An owner must be a PCES-level manager.

PURPOSE

The purpose of this document is to define the process used to retire a technology solution from the Postal Service Technical Environment. This process also includes identifying activities, coordinating stakeholders, and ensuring that all affected users are accounted for in retiring the system.

SCOPE

This process must be used to retire any Postal Service production technology solutions, regardless of whether they are hosted by Postal Service or contracted vendors.

Each system has an associated Enterprise Information Repository (EIR) number. This process includes retirement of that EIR number, as well as retirement of the system.

PROCESS DESCRIPTION

  1. Complete request and obtain approvals.

    Note: The BRM PM may assign a designee to complete and obtain approvals for the forms in this process. However, the BRM PM must be the Requestor.

    The Business Relationship Management Program Manager (BRM PM):

    1. Designates a system to be retired and completes the Request for Approval in Part A of the System Retirement/Removal Request and Certification Form.

    2. Obtains the required approvals as stated in the System Retirement/Removal Request and Certification Form.

    3. Uploads the completed form to the Program Level in the TSLC Artifacts Library in the System Documentation / EIR / EIR Retirement folder.

    4. Completes and submits a SOX Impact Assessment (SIA) for SOX in-scope systems.

    Note: The approved SIA is stored in the Retirement Project in the TSLC.

    Removal Process

    In selected cases, EIR entries may be set to "REMOVED." These conditions typically apply when the resource is no longer required to be tracked in the EIR and does not require the actual removal / archival of hardware or corporate data as outlined in the AS-353 Guide to Privacy, the Freedom of Information Act (FOIA), and Records Management. These conditions do not apply when an eAccess resource(s), database(s), or application has been developed, is in production, or has TSLC artifacts.

    Examples include but are not limited to EIR entries that are:

    • Duplicate or redundant entries to an active EIR entry.

    • For a system under development that was discontinued by the business owner (customer).

    • Wholly related to systems not operated, managed, or in any way under the purview of the US Postal Service.

    These types of retirements require completion of the "Removal" areas of the System Retirement/Removal Request and Certification Form, including all required approvals. Continue with step 7.a.

  2. Develop requirements.
  3. The Technology Solution Coordinator (TSC) coordinates with the Technology Solution Provider (TSP) to evaluate the system to identify all components that will need to be addressed to retire the system. Documents such as the system design document, host diagram, and other system documentation may be used in developing the requirements for retiring the system.

    System Retirement must include (but is not limited to) coordinating and completing the tasks that are listed on the System Retirement/Removal Request and Certification Form, as applicable.

  4. Have coordination meeting.
  5. The BRM PM coordinates this task.

    Engage all TSPs who support components as identified in the preceding step and review requirements.

  6. Develop and finalize project plan and cost estimate.
  7. The TSP provides drafted project plans and cost estimates to the TSC. The Technology Solution Project Manager (TSPM) and TSC evaluate the project timeline and interdependencies and develop a finalized project plan.

  8. Execute the project plan.
  9. The TSC manages execution of project plan with TSP(s).

    Note: All Change Requests (CRs) associated with the retirement process are listed in the Retirement Project in the TSLC Artifacts Library.

  10. Perform validation.
  11. Each TSP provides the TSC with written confirmation (email) upon completion of decommissioning system components.

  12. Certify retirement, update EIR, document retirement.

    1. The BRM PM:

    2. The IT CMO reviews the uploaded system retirement artifacts and if the artifacts are:

      • Completed properly, notifies the EIR Admin. Continue with step c.

      • Not completed properly, notifies the BRM PM. Return to step a.

    3. The EIR Admin updates the EIR status to "Retired" or "Removed."

    Note: Retirement documentation for systems retired prior to December 15, 2013, may be requested via email from ITWEB if the documentation is not available in the TSLC Artifacts Library.

PROCESS INPUTS/OUTPUTS

Note: An asterisk (*) denotes a Baseline requirement.

Inputs

Outputs

SUPPORTING DOCUMENTATION

Access Supporting Documentation from ITWEB (internal):

Access Supporting Documentation from USPS.com (external):

REVISION HISTORY

Version
Date
Description of Change
1.0 N/A Initial release.
2.0 09.15.2010 Scope, Process Description, Process Diagram, Process Relationships, Supporting Documentation:
Updated to add System and EIR Retirement to the TSLC process.
3.0 11.18.2010 Process Description, Process Diagram, Process Inputs/Outputs, Process Relationships, Supporting Documentation:
Added SOX Impact Assessment to Retirement process.
4.0 04.01.2011 Purpose, Process Diagram, Process Inputs/Outputs, Process Relationships, Supporting Documentation:
Added reference to eAccess Resource Retirement Requirements template.
5.0 01.23.2012 Introduction:
Updated Process Owner to Manager, Solutions Development and Support, to reflect current organization.

Process Description:
Added Removal Process; removed Exception Process. Corrected EIR@usps.gov address.

Process Description, Process Diagram, Process Relationships:
Removed “Develop CAT Scripts;” added indicators and text for baseline artifacts.

Process Diagram, Process Relationships:
Added text in non-displayable format for Section 508 compliance.

Process Inputs/Outputs:
Removed reference to eAccess Retirement Template. No longer required.

Process Relationships:
Added Governance/Compliance phase to TSLC Waterfall Process Relationship diagram; added Agile/Scrum Process Relationship diagram.
6.0 FY12/Q3 This document was made Section 508 compliant and was converted to HTML.
7.0 05.10.2013 Updated for PCI and general compliance; ownership of TSLC processes transferred from Manager, Solutions Development and Support, to Manager, Business Relationship Management.
7.1 07.25.2013 Purpose, Scope:
Updated to remove "Components" from Purpose and Scope statement and change "EIR Support" to "EIR Admin" throughout the document.
7.2 11.26.2013 Process Description:
Updated to remove EIR as a repository for System Retirement artifacts. All artifacts are now kept at the Program Level in the TSLC Artifacts Library.
7.3 03.18.2014 Process Description:
Replaced "customer" with "business owner (customer)" to define the customer as the business owner.
7.4 08.25.2014 Process Description:
Added steps for IT CMO to review retirement artifacts before the system is marked as retired in the EIR or in the TSLC Artifacts Library. Added requirement for Removal to complete “Removal” sections of System Retirement/Removal Request and Certification Form with signatures.
7.5 11.03.2014 Process Description, Supporting Documentation:
Added references to Configuration Management Policy and notification of CMDB during retirement activities. Removed list of activities and referred to System Retirement/Removal Request and Certification Form.
7.6 02.10.2015 Updated to clarify BRM PM responsibilities and remove project plan/cost estimate as baseline artifact. Removed references to PCI Impact Assessment artifact. PCI Impact Assessment is retired.
7.6.1 06.15.2015 The annual review for functional accuracy and current PCI DSS requirements has been completed: No changes. CR 81805
7.6.2 06.26.2015 Non-substantive update: Update CR for annual review. Remove link and version of PCI DSS.
7.6.3 03.14.2016 Annual Review: No changes. The annual review for functional accuracy and current PCI requirements has been completed. CR 154951
7.6.4 10.31.2016 Annual Review: The annual review for functional accuracy and current PCI requirements has been completed. CR 223948
Powered By OneLink