Risk Mitigation

The Galactic Customer IT Services is an IT support company with over 250,000 employees with companies in 50 States with the main headquarters located in Gainesville, FL. The location chosen for the headquarters is based on a Telco Gateway Infrastructure that the main fiber-optic trunk line runs along the I-75 corridor, from Miami Lakes FL to the most northern part of Michigan. This I-75 corridor plays an important part of the Networking ability for the organization. The Galactic Customer IT Services is an IT support company, which provides IT support to various small to large companies both within the Unites States and support to various military bases overseas. This large customer service company has installed an application software to its large Help Desk ticketing system.

The next phase to implement is the upgrading of its Networking Infrastructure. This Organization has several new updated Servers ready to install on the network. With the previous project being accepted the organization has decided to move forward to improving its networking infrastructure, however the organization has requested that the project team to draft a plan that requires the following in the plan: Requirements, Design, System Development Methodology, WBS (Work Breakdown Structure), Communications Plan, Quality Assurance Plan, Documentation Plan, and Quality Assurance and results of test-case execution be the project can be closed.

I75 Corridor

http://gregkantner.com/blog/wp-content/uploads/2012/05/interstate-75-map.gif

The project requirements will come from the software requirements for the Galactic customer services. The project was to create a new ticketing software that the customer wanted upgraded and to completely replace the previous product. The requirements are the following:

• Ticket system

• Ticketing automation forwarding system

• VoIP system for out of country calls

• Application that delivers automated workflow

• Application that handles auto-updates and simple to intermediate patches

The ticketing system that we have to create has to follow the design that the stakeholders and owners expect. A ticketing system that needs to be omni-channel supported, which is a type of support that gives the customer using the product the ability to utilize the application from any multiple sources. This includes phone, email, self-service ticket creation via application, and walk-in visits to the company itself. (Andrews, 2019)

This application requires a section that allows the system to process incoming tickets and to be able to route the ticket to the appropriate IT support personnel. This system will require the capability to allow the user to select in detail what their issue is, select the department the issue pertains too, and also select the level of importance the user the believes the issue is. However, the end-used will not decide the level of importance, the automated system will determine the level of importance by keywords located in the ticket and which section the ticket is for. (Andrews, 2019)

The VoIP telecommunication is crucial to the company’s success of providing adequate care to its overseas and out of state clients. Companies that must call into the main HQ in Gainesville, FL, do not want to spend the extra money for long distance phone calls. Instead the stakeholders have insisted on requiring an easier more cost-efficient way of telecommunication for the long-distance entities. VoIP will utilize a private VPN that will allow the client and HQ to speak directly with each other over the internet rather than use a phone company that will hike up prices of telephone usage. (Unknown, 2019)

The application portion of the software will be able to create self-service tickets while also being able to create and recommend updated software while providing the adequate information to patch the current software if needed. This is a valuable part of the software because it allows the end users the ability to fix issues and low-level problems themselves or have the automated service patch the issue if possible. Having that service will provide the client and the service provider to spend more time on conducting business as usual instead of losing time and money waiting to speak to an operator or having their ticket cleared.

.

Below is a design diagram that I did for the team project from the last course, as you see it was for an online ticketing application. As seen, you have customers that can communicate to the customer service group via the Internet, which will connect by way of a secure VPN that links to the online ticketing application, which connects to the ticket automation part of the system and sends tickets to customer service operators. As you can see the system is simple and yet can be complicated.

Figure 1: Drafted and Imported from my Smart Draw Software 16 November 2019

Now the team is working on the Networking portion for the organization. The organization will have to send out service technicians to customers for issues that are not resolved by remote access for customers that the help deck could not resolve. Even though the main hub is in Gainesville, FL there is a remote site in every State located in one of the major cities. Below is a diagram depicting a replica of the network that will connect all areas where trouble tickets will print for the service technicians.

Figure 2: Drafted and Imported from my Smart Draw Software 16 November 2019

The ticketing application servers will be in Gainesville, Florida. The network will consist of Voice over Internet Protocols (VoIP), IP routing, DS3 lines to the ISPs (Internet Service Provider) HTML protocols will be in use and the HTTPS protocol. The Organization will be utilizing Secured Virtual Private Network services.

For the creation of our network that will work with the Galactic Customer Service unit we will implement the Waterfall methodology. This method is a slow starter but once it gets in the design and development stages it fairs great because of the long planning. The waterfall approach begins with multiple meetings that allows the stakeholders, owners, dev team, and customer to brainstorm and come up with detailed plans to ensure that the entire project is open for viewing from beginning to end. The reason for this choice is because the very detailed structured documentation of the project. (Rouse, 2019) This structure allows our group to follow step by step to ensure the success of the project and guarantee that nothing gets overlooked. The planning stages increases the efficiency of the project while allowing all avenues open to view. This is to include all risks and threat factors. During the planning stage, the group will come together to discuss probable/possible risks that could come along during the development stage. Once all factors meet satisfaction, then the plans made available to create a risk mitigation process. (Rouse, 2019) This will allow the team to know how to mitigate/avoid certain risks that come along.

Another factor in choosing this method is the fact that the personnel on the development team can be interchangeable. This means that if six people start the project and one or two decide to leave or let go, the process can continue as planned. This works well also if other people come in to fill those vacant position. It allows the process to continue as planned without a lag in the development process because of the detail in the plans. With the way our remote communication is set-up, communication issues are sure to occur. With that being said, the waterfall method is the appropriate choice because the approach is our way of risk mitigation.

Collection of data and analysis will merge at the same time in the planning phase, which will help to establish the needs of stakeholders. The process is supposed to take one week where the project crew will collect all the information from vendors, customers, and stakeholders. This will help to decide the features expected from the program. The next process is coming up with integration tools and this step will take approximately 3 weeks due to the complex nature of the process.

Time and cost should be well managed and thus testing and development of the project features will be conducted simultaneously. Actual testing of the application on vendors and customers will provide real-time support that greatly aids in the development and implementation of security measures to reduce risk. Real-time support also helps greatly to reduce the effects of malfunctioning on the business and also try to establish the vital features that may not get into the development phase. This phase will take no more than 3 weeks to complete. The development team will actively fix any malfunctioning of the application.

The last process is monitoring how the application is performing. The team will offer oversight for support for example database administration or cloud-based services. Cloud-based services always have various security features in place to ensure information communicated through the network resource is reliable and secured properly (Dennis, 2018).

The system will utilize the use of automated response system which will always ensure that customers and vendors get real-time as well as proper company support using well-organized customer service. The applications design is in a way that whenever a customer logs into the system, there is an automatic query popping out prompting the customer to chat with the client about anything they may wish to enquire about the company.

Customer satisfaction is very essential; therefore, there is the need to properly track customer and client communication. To ensure there is monitoring, the application will have to always produce a copy of the communication between the companies; client and other users. This will easily provide an oversight authority for tracking the communications there; the business managers can check if the clients are useful to the business. This approach is very beneficial in determining if the application effectively provides customer satisfaction.

The alignment of stakeholders’ requirements and the applications design will ensure the organization has attained operational effectiveness. The organization will attain improved productivity if the customer service application is working properly (Lin, 2007).

Regarding the quality of communication, the application architecture, which it put together in model form in a way that response will give the preferred quality assurance to the customers by the utilization of automated systems. Using automated alert applications in the automation strategy will ensure that customers’ issues are properly and in time. Communication quality will enhance ability by ensuring every stakeholder’s requirements meet their expectations since different people have different interests. Additionally, it also aids in ensuring the right design gets put together properly.

Table 1

The objective of our Quality Assurance plan is to create a product that has these qualities (Spacey, 2017):

· Stability

· Availability

· Reliability

· Timeliness

· Accuracy

· Durability

To ensure that our product meets those criteria, we have decided to implement these specific objectives to produce the best product for the customer. The objectives are as follows:

· Connection speed should allow fast VoIP connection and create and easy connection for customers/employees to utilize the ticketing system.

· Front-line employees should have adequate training on new network capabilities and its usage.

· Ticketing system should connect to the network within the building in approximately 30 seconds while the outside connectors should only experience a 1-minute delay depending on the connection speed of their internet service. **Allow for up to 2.5 minutes with a 50Mbps internet speed connection**

· Employees should be able to connect to the network 99.99% of the time.

· The new network should accurately (90%) deliver service to the customer service application to allow employees the ability to actively connect to satisfy their customer incident reports.

· Network should not experience any drops of service during business peak hours.

· Maintenance needs adequate training and have a 1-2-hour response time, either remotely or if need physically.

Our company is looking to provide a service that is 100% defect free. We will continue to monitor and test until the system is working at the levels that meet the customer’s requirements and our own.

After the objectives are in place it is time to put a QA team together. Once we have the team together, we will then assign roles. Each role has a specific duty that needs assigning to team members where they need to follow the detailed specifications outlined in the requirements and specification phase of the waterfall method (Unknown, 2018). The roles are breaking down in the following matter:

QA Manager (QAM): The QA Manager responsibility will be to supervise the actions of the members of his/her team. He/she is responsible for selecting the members of his team and providing them with the job assignment that fits their skill set. The QA Manager will be the person that is responsible for creating and disseminating the final report for the QA assessment.

Manual QA Engineer (MQAE): The responsibility of the MQAE is to develop the software/hardware needed in order to manually test components and/or separate sections of application software.

Test Automation Engineer (TAE): The responsibility of the TAE is to develop the software that will be using to conduct the portions of the system that run automatically.

Business Analyst (BA): Acts as the liaison between the upper management and the QA teams. Ensures that the application and the network it runs on is meeting expectations.

QA Analyst (QAA): The QAA is the person that goes beyond the testing and does an evaluation of the network. It’s often said that this member of the team goes off script to see if they can find anything that unusual with the product.

(Eisenberg, 2019)

In terms of coordination, this basically involves making sure that the QA plan does not overlap or contradict another plan in place. It is vital that we plan and check with other plans in the work such as risk management plan. The QAM will be responsible to ensure that the QA plan does not contradict another plan and vice versa.

The objective of the unit testing plan is to provide the team doing the testing the help needed in validating the quality of the software that is in the testing phase. It also helps those outside of the testing team like developers and others involved in the process. “In the test plan there are important aspects that are documented such as test scope, test strategy, and test estimation.” (Guru99, 2019) Unit testing is one of the levels of testing within a quality assurance plan. In my opinion it is the most important of all testing sequences. It is the first level of testing. The testing is done in individual units or components, whether it is software or any other type of product being in development. The main purpose of a unit testing plan is to validate each unit of a product or software meet what the design is to do.

Within the Unit Test Plan there are test cases that will need documenting and each one scheduled. I will show ten major test cases relating to this project shown in a table form.

Integration testing will test the integration of each module using the Bottom-Up Approach. This will test each module by testing each child module with the parent module. This will be an efficient way to find errors, bugs, and other problems between each module.

Regression testing will consist of two phases:

Phase 1 (Partial Test) – When a new update/feature when added to the system, the team will test the modules it directly affects. This will help identify early bugs and errors. If the test results in no errors, then the full testing won’t happen. If bugs/errors occur or if the system fails to operate after, we will proceed to phase 2 testing.

Phase 2 (Full test) – The system test, will help identify bugs/errors across the entire system.

First, a quality metric is an objective measure of a product or processes quality. Using quality metric measurements will allow the user to quantify the quality of a product and or process, which is comparing it to a particular value. There are several quality metrics that developers use in the development of products, processes, and projects. The type of quality metric that the team will use in this project are as follows:

Product quality metrics

· Mean time to failure

· Defects

· Customer issues

· Customer Pleasure

Process quality metrics

· Defects during network testing

· Defect arrival pattern during network testing

· Phase defect removal

· Effectiveness of defect removal

The main source of input for system defects or irregularities will be the internal Quality Assurance Team, the idea is to catch any major defects with the system before the users of the system notice them. If a User reports a defect, it’s given a higher prioritization for repair than one reported by the internal team. This is to fix any issues in the practical function of the program, allowing business to continue to operate with minimal impact from system errors (Ivanova, 2019).

To assist the quality assurance team in their task of examining the system for potential defects, there are several formulae that will help compare the system’s current performance to ideal thresholds. These will also assist in informing other quality metrics like the total bug count, the defect removal efficiency rate or DRE and the Bug burn down (the projected amount of time to close out all remaining bugs in the system).

Tracking the DRE will show how effective the QA team is at removing bugs from the product before they effect the experience of the end user, represented as a percentage. The Calculations made by taking the number of bugs found in development and dividing that by all the bugs found in both production and development then multiplying by 100 to get the percentage of DRE (Arnold, 2019). Keeping track of this number will give a good representation of the team’s ability to get ahead of potential issues as well as provide valuable data on bug burn down, BBD.

BBD is a projection used to determine the potential length of time the QA team will need to research and fix open bug tickets, based on the average closure amount over the previous lifecycle of the project (Data, 2017). If there are 100 open bug tickets and after 5-weeks, 10-tickets closed per week, you could average it would take another 5 weeks to finish the bug tickets. If the project has a completion date within 4 weeks, you could use that project to assign extra resources to accomplish the task sooner.

Measuring the fixed defects percentage will also assist in tracking the success of the QA team in repairing the bugs reported by users or QA testers and should be under review by management to determine overall quality and success. Calculations made by dividing defects fixed by defects reported and multiply by 100 to get the percentage.

To assist the quality assurance team in their task of examining the system for potential defects, there are several formulae that will help compare the system’s current performance to ideal thresholds. These will also assist in informing other quality metrics like the total bug count, the defect removal efficiency rate or DRE and the Bug burn down (the projected amount of time to close out all remaining bugs in the system).

Tracking the DRE will show how effective the QA team is at removing bugs from the product before they effect the experience of the end user, represented as a percentage. The Calculations made by taking the number of bugs found in development and dividing that by all the bugs found in both production and development then multiplying by 100 to get the percentage of DRE (Arnold, 2019). Keeping track of this number will give a good representation of the team’s ability to get ahead of potential issues as well as provide valuable data on bug burn down, BBD.

BBD is a projection used to determine the potential length of time the QA team will need to research and fix open bug tickets, based on the average closure amount over the previous lifecycle of the project (Data, 2017). If there are 100 open bug tickets and after 5-weeks, 10-tickets closed per week, you could average it would take another 5 weeks to finish the bug tickets. If the project has a completion date within 4 weeks, you could use that project to assign extra resources to accomplish the task sooner.

Measuring the fixed defects percentage will also assist in tracking the success of the QA team in repairing the bugs reported by users or QA testers and should be under review by management to determine overall quality and success. Calculations made by dividing defects fixed by defects reported and multiply by 100 to get the percentage.

The likelihood of damage, threat or hardship and some other mischief realized by inside or external liabilities is known as a risk. It is powerlessness where neither the probability nor the technique for occasion is known (Jacoby and Kaplan, 2013). Various sorts of risks can occur in an undertaking. These are; cost perils, plan threats, and the introduction risks. Despite the way that there are others that can happen, these are the most generally perceived ones. Errand threats consolidate both internal perils and the risks which are insane.

Positive risk is a questionable circumstance that prompts a gainful result. A negative risk then again is one that outcomes in a misfortune (Doherty, 2000). Cost, execution, preparing, plan and legally binding dangers are on the whole negative dangers. They are dangers instead of chances

Utilized for recording risks, is a risk register, the guides made against that risk and the administration of each risk (Funtowicz and Ravetz 2010). The register is basic to fruitful administration of dangers. Likelihood and effect lattice are the way toward surveying the probabilities and significances of dangers when they occur. Each risk evaluated on its probability of event and the effect on a target on the off chance that it occurs. It very well may be in use in my task to characterize the degree of the dangers that can emerge and the likelihood against the outcomes of the dangers. It can combine both parts onto a similar scale.

A=high (rating 100)

B=medium rating (rating 50)

C=low (low rating 10)

Probability occurrence (in percentage)

A= 80-100

B= 60-80

C=30-60

D=0-30

Risk in a development project is unpreventable. As much as one may prepare totally, certain perils may happen due to unavoidable conditions. Perils either present minute or long stretch to the security of the people, prosperity and condition, are immaterial. This risk could either have a negative or constructive outcome on the endeavor if it occurs. It may have in any event one reason and besides at any rate one impact.

The strategy of risk management the board is a total commitment (Froot, Scarfstein and Stein, 2013). The legally binding specialists and the assignment group need to work inseparable to ensure that the vulnerabilities reduced or oversaw appropriately. The critical responses to risks join controlling, enduring, help, move, sharing, avoiding improving and abusing.

The team members have decided to develop three user documents for three audiences. The audiences selected are Management, Network/System Administration, and the end-users. In this Phase the team will be developing the templates necessary for the information that the three audiences will need. Some of the information will be technical in nature, Instructional in nature and informational in nature with diagrams where necessary. The development of the documents started on November 28, 2019 with the template for each audience to be complete by December 04, 2019. The full audiences’ documents are expected to be complete by December 17. 2019.

The management documentation (beta version) will be disseminated before the product is complete. It will more than likely be created while the project is in the development phase. However, if there are any changes to the product after the management manual is complete and disseminated then the team will amend the manual and produce hard copies in order for the managers to take home and study before they have to become compliant on the new equipment. The timeline is to be in production two weeks after the December 17th date. Final copies to be complete and giving out a week after completion of project.

Upon completion of the product, a manual for the network admins will be created and disseminated via email. This document will provide the user with the ability to know the ins and outs of the network and how to troubleshoot the system if need be. We believe that the document should be given out via email and a hard copy should also be produced in case of a situation where the admin does not have access to the computer to complete the troubleshoot. Timeline for product dissemination is after the December 17th date but further down the line where the project is also complete, preferably a week after product completion to give time to make edits to the document.

The end user manual is the most detailed manual that we have decided to create. It does into full detail on how to operate, troubleshoot, install, and perform routine maintenance. This document has a completion date of December 17th, 2019 as well. However, dissemination will not begin until the project is complete, and all tests have passed audits. This manual will need to be in review and tested for cohesiveness in order to pass the requirements expectation. Once that is complete, we expect the document to be ready for release about a month before launch of new system.

The purpose of this Document Control Plan for the company ISI is to keep accurate records on the current and past methodologies, used during the creation and maintenance of the current hardware systems being used. This should include a list of personnel that have or continue to make changes to the system. The plan should be reviewed annually to keep current with advancing technology and evolving business practices.

Sections that are currently being worked on will be identified by a version number, time stamp and an employee code to identify and trace the work being done. Official Documentation should be marked as such, with signatures on approvals updates or changes being made only by the project team’s lead. Changes to documents should be marked to identify physical or electronic to update the appropriate area and track any changes being made (F, 2018). An additional table of contents should be provided for any sub along with image and video references in the sections where applicable.

Document creation, updates or approvals will be performed by the Network System Administrator and authorized then released by the Management. The IT staff will be responsible for the completion and hard copy storage of new materials. Management will determine what information is accessible to the different versions released to different Users.

The categories of documents include but are not limited to Project Administration, Presentations, Cost Analysis Breakdown, contracts, employee assignments, version tracking, help sections and research materials.

The Storage of the documents, once created, will be handled by management to ensure the secure storage of sensitive materials. Hardcopies stored will also include any official project materials, including contracts, contacts proposals and licenses. Electronic Versions will include copies of the materials above, and will be identified clearly by name, date, version number and uploader. These will be materials will be sub sectioned by project folders in the database that will be clearly identified by the Projects name and subsequent version.

The different versions of documentation will be maintained in the same manner by staff, though the availability of information in the documents will be different. Management will be provided with the complete contents of the documents provided, including any sensitive or proprietary information to be able to formulate administrative or financial changes and respond to various interests. Network System Administration, or NSA will be provided a document oriented at the system itself, with less emphasis on financial interests and sensitive information not directly impacting the projects operations (Akinci, 2010). With multiple clearance levels on the NSA staff, each employee login will provide the appropriate clearance to view the sections needed for that job code. Policies, procedures and included forms are

End Users will be provided the least technical documentation on the back end of operations with a focus on the appropriate uses and available functions of the systems applications. The emphasis is instead placed on the order of operations and the types of information the system can process. The help section should also be more robust with outside reference materials, training videos and help contacts.

Management will be able to manually submit requests for updated project information at any time. In addition, weekly scheduled project reports will be provided during the projects inception and monthly maintenance session reports to track scheduled or emergency changes made to the system by the NSA or IT support team. Once completed the updated version link will be sent to those with appropriate access for review and release. New additions to the hardcopy files should be added into the existing files by management and tagged to the applied version.

Network System Administration is responsible for assigning IT associates to the completion of the project reports required. Once completed, the documents will be reviewed for accuracy of information and conformation to the document control standards. This should include, associates name and title, a summary of the reported work, the information changed, the date and the version number. The associate will alert their admin by email when the work is completed to be complied into the new version.

End Users will be alerted by email or program startup when a new version of the help or instructional documents are changed or updated. The updates and changes to the User Documents will be scheduled for once every six months, to be made by the IT support team, following the procedures outlined above. The NSA will approve, or request changes then the contact will be put into place by the Management to ensure the security, availability and accuracy of the materials supplied.

From: Connie Farris and Development Team

Date: 12/02/2019

Subject: Design Plans

Table of Contents