Project Brief ENT041
Revision History
|
Version |
Author |
Summary of Changes |
Date |
|
V0.1 |
Ross Marrins |
Initial Draft |
15/10/2018 |
|
V0.2 |
Ross Marrins |
Minor changes following internal review |
23/10/2018 |
|
V0.3 |
Ross Marrins |
Further changes following internal review |
06/11/2018 |
|
V1.0d |
Ross Marrins |
First external draft |
14/11/2018 |
|
V1.0 |
Ross Marrins |
Final Issue |
06/12/2018 |
Approvals
|
Name |
Role |
Position |
Date |
|
Alistair Fenemore |
Project Sponsor |
CISO, Information Security |
07/12/18 |
|
Graeme Wood |
Service Owner |
Head, ITI Enterprise Services |
16/11/18 |
|
Kenny MacDonald |
Senior Supplier |
Team Leader UNIX Services ITI Enterprise |
07/12/18 |
|
Murray Dippie |
Senior Supplier |
Team Leader Windows Systems ITI Enterprise |
07/12/18 |
|
Stratos Filalithis |
Senior User |
Head of Website & Communication Technologies, LTW |
|
|
Alex Carter |
Senior User |
Head of Service Management, Service Management |
|
|
Neil Bruce |
Senior User |
Head of Operational Services, USD |
|
|
Karen Wilson |
Programme Manager |
Programme Manager, ENT |
|
Distribution
|
Name |
Role |
Position |
|
Geoff Lee |
Senior User |
ECA Learning and IT Services Manager, representing CAHSS |
|
Victoria Dishon |
Senior User |
IT Liaison Officer (College of Science and Engineering), USD Directors Office |
|
David Perry |
Senior User |
Head of Scientific Computing, IGMM, representing CMVM |
|
Mark Lang |
Senior User |
Development Team Manager, IS Applications |
|
Stephen Quinney |
Senior User |
Senior Computing Officer, School of Informatics |
Background
The project brief describes the objectives, scope, timeline, deliverables and acceptance criteria for the ‘Authentication Improvements and Evaluation of Cosign Replacement’ (ENT041) project. The project has been initiated to work on a number of the recommendations from the Authentication and Authorisation report (Author: Graeme Wood, Version 1.1).
Scope
The scope of the project covers the existing EASE web application, implementation of a revised password policy and undertaking of a ‘Preliminary Market Consultation’ of single sign-on products with the view to replacing the current solution, Cosign.
The current EASE web application will be redesigned having a more effective design, adhering to University brand guidelines and web standards (EdGEL). These improvements will ensure a better and more streamlined user experience, and the application being less prone to being faked via phishing attempts. The password policy will be upgraded to make it stronger and the user experience will be improved by providing visual feedback when users are updating their password credentials. In addition, alternatives to the current Single sign-on (SSO) solution will be reviewed with the view to providing a recommendation for a long-term replacement.
Out of Scope
A number of the objectives identified from the wider Authentication and Authorisation review are not being included in the scope of this project, primarily:-
- Multi-factor authentication – not to be confused with multi-step authentication which is in scope. The use of multi-factor authentication is being reviewed as part of another project as a pilot initiative and the results from that will likely feed into the Cosign replacement project (that will follow on from this project). Note – multi-factor authentication in and of itself won’t cut down on compromised accounts. It will however prevent a compromised account being used to access University services that are protected by that control and this will remove a threat vector as that account won’t be able to send out further phishing emails that appear to come from legitimate users (those whose account was initially compromised).
- GDPR compliance – other projects and initiatives are already underway to ensure the correct level of data is retained and secured as required
- Extending Active Directory and EASE to the cloud to support services in the cloud in the instance of a complete failure of local (on premise) IT services
- Adoption of OAUTH2 as a common authorisation framework for service-to-service access control (already underway elsewhere)
- Audit and clean-up of Active Directory groups and integration of Active Directory with Identity Management (IDM) service group management tool – Grouper
- Provision of a mechanism to support document email singing and encryption
- Alignment of Active Directory and Central Authorisation service information release policies
- Replacement of Central Authorisation service with Active Directory
- Reviewing or updating any of the authentication/authorisation policies, that reside in the wider Information Security Policy Framework
- Hooking into the Notifications service (subject to a future phase)
- Procurement, Implementation or Migration of Services as part of the larger project to replace Cosign – this project is only concerned with the initial Evaluation stage.
Objectives and Deliverables and Success Criteria
The objectives and deliverables for this project have been split into three primary work streams:-
- EASE Redesign (W1)
- Security and Password Policy Enhancements (W2)
- Cosign Replacement – Evaluation (W3)
|
Objective |
Deliverable(s) |
Acceptance Criteria |
|
W1 - Improved Design and Functionality of the EASE application |
|
|
|
W1 - Strengthen Protection against Phishing |
|
|
|
W1 – Improved Operational Processes for Management of Authentication Services |
|
|
|
W2 -Improved Security across EASE/AD services |
|
|
|
W2 - Simplified Password and Account Management |
|
|
|
W3 - Evaluate Potential Cosign Replacements |
|
|
This table can be used through Business and Technical Analysis, Design, Build, and Testing/UAT as a Traceability Matrix to ensure the project brief project objectives and deliverables are followed through.
Requirements
The key requirements, aligned with the objectives and deliverables above, and the associated priorities and benefits are outlined below.
|
Ref |
Requirement |
MoSCoW |
Requester |
|
1.1 |
The EASE web application needs to be re-designed to adhere to current University web design standards (EdGEL) |
M |
Graeme Wood |
|
1.2 |
The existing EASE registration database must be encrypted to reduce the risk of data loss |
M |
Graeme Wood |
|
1.3 |
The EASE login page should be upgraded to utilise two-step authentication, by way of showing a pre-submitted artefact (e.g. image or text) to the user following username submission. |
S |
Graeme Wood |
|
1.4 |
Reduce the number of compromised EASE accounts |
C |
Graeme Wood |
|
1.5 |
EASE branding should be removed and replaced by generic University of Edinburgh branding on the sign-on website |
S |
Graeme Wood |
|
1.6 |
Provide functionality to allow the operational services teams to manage EASE passwords |
M |
Kenny MacDonald |
|
1.7 |
Delete obsolete EASE website/management source code |
M |
Kenny MacDonald |
|
1.8 |
Remove EASE printing infrastructure |
M |
Kenny MacDonald |
|
1.9 |
Use Second Challenge for EASE reset password web page |
M |
Kenny MacDonald |
|
1.10 |
Host the EASE application behind the existing Citrix Application Delivery Controller (ADC) aka Netscaler |
S |
Kenny MacDonald |
|
1.11 |
Improve EASE application authorisation settings (fixes and anti-phishing) |
M |
Kenny MacDonald |
|
1.12 |
Provide functionality to allow alumni passwords to be reset via self-service |
M |
Graeme Wood |
|
1.13 |
Add an arbitration node to the Galera Database DEV tier. |
M |
Kenny MacDonald |
|
1.14 |
Automate creation of EASE Friends Certificate file (.pem) |
S |
Kenny MacDonald |
|
1.15 |
A detailed technical specification (or updates to existing documentation) must be applied to the deliverables under this work stream |
M |
Ross Marrins |
|
2.1 |
Remove the option to opt-out of password syncing between Active Directory and EASE accounts |
S |
Graeme Wood |
|
2.2 |
Implement the revised password policy into the EASE and AD single sign-on services |
M |
Graeme Wood |
|
2.3 |
Create Active Directory accounts for applicants on application and not at unconditional final offer |
S |
Gavin McLachlan |
|
2.4 |
Provide visual feedback to users on password strength when users are setting/re-setting passwords |
M |
Graeme Wood |
|
2.5 |
Remove the ‘Secret Answers’ option from the EASE password reset function and replace with password reset email link to alternate email address |
S |
Neil Bruce |
|
2.6 |
Upgrade EASE Key Distribution Centres (KDCs) to SL7 on virtual machines from SL6 physical hosts. |
M |
Kenny MacDonald |
|
2.7 |
Remove Kerberos Single-DES Encryption and all legacy encryption standards from the EASE-AD trust link |
M |
Kenny MacDonald/Murray Dippie |
|
2.8 |
Implement intrusion prevention functionality (Fail2Ban) into the EASE service |
M |
Kenny MacDonald |
|
2.9 |
Remove Cosign v2 service registrations |
S |
Kenny MacDonald |
|
2.10 |
Remove cleartext data from EASE database |
M |
Graeme Wood |
|
2.11 |
Perform security testing using Nessus scan |
M |
Graeme Wood |
|
2.12 |
Ensure all authentication and personal data held by authentication services must be encrypted at rest |
M |
Graeme Wood |
|
2.13 |
Current management policy of encryption keys needs to be documented and improvements considered as required |
M |
Alistair Fenemore |
|
2.14 |
Ensure all communication between systems and users with authentication services is encrypted |
M |
Graeme Wood |
|
2.15 |
A detailed technical specification (or updates to existing documentation) must be applied to the deliverables under this work stream |
M |
Ross Marrins |
|
3.1 |
Formalise detailed requirements for single sign-on replacement service and perform assessment of the market |
M |
Graeme Wood |
|
3.2 |
Create a report detailing possible options for new SSO solution following undertaking of Preliminary Market Consultation exercise |
M |
Graeme Wood |
Benefits
The successful delivery of this project is expected to provide the following benefits -
- A more streamlined and user friendly single sign-on authentication service
- A more secure authentication service, underpinned by a strong password policy
- Reduced number of incidents of successfully phished user accounts
- Contribution to the ITI Enterprise Services roadmap through the evaluation of potential replacements for Cosign
Governance
Portfolio Governance
The following stakeholders are responsible for the overall governance of the ITI Enterprise Services portfolio.
|
Role |
Name |
Position/Team |
|
Programme Owner |
Graeme Wood |
Section Head, ITI Enterprise Services |
|
Service Owner |
Graeme Wood |
Section Head, ITI Enterprise Services |
|
Programme Manager |
Karen Wilson |
ENT Programme Manager, ISG |
|
Portfolio Manager |
Maurice Franceschi |
ITI Portfolio Manager, ISG |
Project Board
The following stakeholders constitute the Project Board for the project.
|
Role |
Name |
Position/Team |
|
Project Sponsor |
Alistair Fenemore |
Chief Information Security Officer, CISO Office |
|
Service Owner |
Graeme Wood |
Section Head, ITI Enterprise Services |
|
Senior User |
Alex Carter |
Head of Service Management, IS Apps |
|
Senior User |
Stratos Filathisis |
Head of Website & Communication Technologies, LTW |
|
Senior User |
Neil Bruce |
Head of Operational Services, USD |
|
Senior User |
Stephen Quinney |
Senior Computing Officer, representing School of Informatics |
|
Senior User |
Geoff Lee |
ECA Learning and IT Services Manager, representing CAHSS |
|
Senior User |
Victoria Dishon |
IT Liaison Officer (College of Science and Engineering), USD Directors Office |
|
Senior User |
David Perry |
Head of Scientific Computing, IGMM, representing CMVM |
|
Programme Manager |
Karen Wilson |
Programme Manager, ITI Enterprise Services |
|
Project Manager |
Ross Marrins |
Project Manager, Project Services |
Tolerances
The following project tolerances will be applied and these are outline below. Any deviation outside these tolerances must be reported for review and resolution to the Project Board.
- Cost – over +/- 10% of original budget
- Plan – slippage of over 4 weeks to current plan
- Scope – extensive addition or reduction from current scope
- Quality – refusal to approve a key project deliverable
Resources Skills and Cost
Budget
There is no capital budget allocated for this project.
The following allocations, in total days, have been estimated for the project team, in a project running from November 2018 to January 2020.
ITI, Project Services - 80 days - exact days will reflect development days below
ITI, Enterprise Services - 370 days - exact days for this project TBC by team leads
Applications, Service Management - tbc days
Applications, Development Services - tbc days – effort will be required to make changes to IDM
USD, section TBC - tbc days
LTW, section TBC - tbc days
Information Security - tbc days
Priority and Funding
This work has been identified as a priority 1 project within the ITI Enterprise Services programme for the 2018/19 session. Funding has already been outlined as per the sections above.
Project Team
Project Organisation
|
Role |
Name |
Position/Team |
|
Project Manager |
Ross Marrins |
Project Manager, Project Services |
|
Senior Supplier |
Graeme Wood |
Section Head, ITI Enterprise Services |
|
Senior Supplier |
Murray Dippie |
Windows Team Lead, ITI Enterprise Services |
|
Senior Supplier |
Kenny MacDonald |
Unix Services Team Lead, ITI Enterprise Services |
|
Solutions Development |
Martin Cassels |
Senior Computing Officer, ITI Enterprise Services |
|
Solutions Development |
Neil Cooper |
Senior Computing Officer, ITI Enterprise Services |
|
Solutions Development |
Scott Larnach |
Senior Computing Officer, ITI Enterprise Services |
|
Solutions Development |
Gavin Gray |
Senior Computing Officer, ITI Enterprise Services |
Key Project Milestones
|
Milestone |
Sign-Off means |
Date of Milestone |
Who signs-off (Accountability) |
|
Start of Project |
Project can begin, is in line with Programme and Portfolio priority, has resource |
15/10/2018 |
Project Sponsor, Programme Manager |
|
End of Planning |
Project Brief, High level timescales, Estimated Budget, Risks, Issues, Communication Plan - all approved. Project has resource approved by section head for the estimated effort. Project has funding for effort for other costs. |
21/12/2018 |
Project Sponsor, Programme Manager |
|
TBC |
|
|
|
|
TBC |
|
|
|
|
TBC |
|
|
|
|
Closure |
Project closure and lessons learnt |
TBC |
Project Sponsor, Programme Manager |
Assumptions
The following assumptions have been identified during the project initiation phase and are subject to change following the initial set of project meetings:-
- Adequate resources and skills will be assigned to the project to ensure work packages can be agreed and delivered to plan, to ensure the key milestones are met
- Every effort will be made to prioritise key technical resources to this project above other in-flight projects, excluding unscheduled BAU demand
- Suitable environments will be available for use for the duration of the project and no additional infrastructure is required to support this project
- The alternative email address will be known to (and recorded) in EASE to stop a random alternative address being entered
- For the security testing, Nessus scan is sufficient for the purpose of this project
- If the security testing requires external specialist support, ISG/InfoSec will have a framework in place that can be used to approach approved suppliers to provide this
Constraints
The following constraints have been identified during the project initiation phase and are subject to change following the initial set of project meetings:-
- Team members are not fully assigned and are working on other projects and BAU activities in parallel. This can be translated into a high-probability risk where priority of resources may go to BAU or higher-priority project work.
Risks
A risk log will be maintained to record and track all risks to resolution (via the projects website). Risk severity and impact, risk owner and planned mitigation date will be assigned by the project team. Major risks with close proximity need to be escalated to the project board via the project sponsor. The following risks have been identified during the project initiation phase and are subject to change following the initial set of project meetings:-
- The project deadlines cannot be met due to the volume or work and/or lack of skilled or available resources that need to be assigned
- Due to insufficient support from third-party teams, there is a risk this may impact on the work that can be achieved by the core project team, which would result in delays to the project milestones
- Due to insufficient funding beyond the 370 days allocated from the ITI Enterprise Services Section project budget, there is a risk that no additional budget will be found which could result in the project not being able to complete.
Issues
If and when they arise, issues will be recorded and tracked throughout the project (via the projects website). Issues that are not outside agreed tolerances should be resolved with the project team. Major issues need to be escalated to the project board for review and advice on resolution. Issue resolution that requires a major change to the project in terms of time, quality or cost needs to be approved under formal change management by the project board.
All project changes outside tolerances must be reviewed and approved by the project board. Project changes within tolerances can be managed with the project team.
Project work that impacts production systems or networks, as well as key implementation milestones, must be communicated with the requisite lead time to the ISG CAB for review and approval.
Previous Lessons Learned
A log will be maintained to record lessons learned throughout the project. This will be reviewed at the project closure meeting and passed to the PMO for review by future projects.
- No lessons learned from previous projects need to be taken into consideration for this project
Dependencies
The current key dependency for the project is the availability of resources from non-ITI teams to contribute to the project against the scheduled timescales. The availability of non-ITI team members will be reviewed and monitored throughout and appropriate risks/issues raised as required.
Communication
The following meetings and communication channels will be established to support the effective communication of project progress, risk management and escalations:-
|
Forum |
Frequency |
Participants |
Methods |
|
Project Meeting |
Fortnightly |
Project Team |
Meeting minutes, project plan, risks and issues log |
|
Project Board |
Monthly |
Sponsor, Senior Users, Project Manager, Programme Manager |
Meeting minutes, progress report, project plan, escalations |
|
Interim report |
Fortnightly |
All stakeholders |
Progress report – gap between project boards |
|
Project Report |
Monthly |
All stakeholders |
Projects website |
|
Ad-Hoc Project Updates |
As required |
As required |
|
|
ISG CAB |
As required |
Senior Supplier, CAB |
CAB requests |
Run / Grow / Transform
This has been designated as a Growth project.
Strategic Alignment
Student Experience
|
Student Experience |
Commentary |
|
Student experience and the unique Edinburgh offer |
Will benefit from improved password security features |
|
Online and distance learning leaders |
N/A |
|
Library national and international leadership |
N/A |
|
Research and Innovation |
|
|
Research IT and Data Sciences |
N/A |
|
Innovation |
N/A |
|
Collaborative leadership and social responsibility |
N/A |
|
Service Excellence |
|
|
Process improvement, efficiency, quality and best practice |
A more streamlined SSO process will be established; Enhanced password policies will be implemented, providing a more secure offering to students |
|
Long-term IS strategic planning and linked professional services |
Reduces confusion by de-branding EASE as a unique service; AD and EASE accounts will be linked providing a more seamless service to students; |
|
Information Security |
Provides increased password security and reduced number of successful phishing attempts |
Strategic Vision
University's Strategic Vision for 2025 the main elements of the vision that this project’s contributes have a commentary.
|
Vision Themes |
Commentary |
|
A unique Edinburgh offer for all of our students |
N/A |
|
All of our undergraduates developed as student/ researchers with clear, supported pathways through to Masters and PhD |
N/A |
|
All our students offered the opportunity to draw from deep expertise outside their core discipline |
N/A |
|
A highly satisfied student body with a strong sense of community. |
Support reliable and robust IT services |
|
Strong and vibrant communities within and beyond the University – making the most of our unique offer of world-leading thinking and learning within one of the world’s most attractive cities |
The authentication service supports multiple diverse communities including alumni, members of other institutions and the public |
|
A larger, more international staff who feel valued and supported in a University that is a great and collegial place to work, develop and progress |
N/A |
|
More postgraduate students – underpinned by the best support in the sector to ensure we attract the brightest and best regardless of ability to pay |
N/A |
|
A strong culture of philanthropic support focussed especially on our students and on outstanding research capabilities. |
N/A |
|
Many more students benefiting from the Edinburgh experience (largely or entirely) in their own country – supported by deep international partnerships and world- leading online distance learning |
N/A |
|
Sustained world leading reputation for the breadth, depth and interdisciplinary of our research supported by strong growth in research funding and strong international partnerships – drawing from well-established and less well developed sources An estate that matches expectations, responds flexibly to changing student and staff needs, and showcases the University |
The authentication service supports multiple diverse communities including alumni, members of other institutions and the public. |
|
A deeper and earlier collaboration with industry, the public sector and the third sector – in terms of research; knowledge exchange; and in giving our students the best possible set of skills for their future |
N/A |
IS Change Programme - How will this project's Deliverables and Benefits promote the Themes
|
IS Change Programme Theme |
Commentary |
|
Project Management |
Formal project management techniques applied |
|
Working Together |
Collaborative project between ITI, IS Applications, Information Security, LTW, USD and the three colleges |
|
Standards and Technical Leadership |
Process improvement, efficiency, quality and best practice |
|
Staff Learning and Development |
Exposure to modern web development techniques to ITI staff |
|
Service Based Culture |
Provision of more secure and user friendly services |
|
Equality and Diversity |
EASE web application will adhere to legislative accessibility standards |
|
Partnerships and Philanthropy |
N/A |
|
Flexible Resourcing |
Improved skills across the technical teams |
|
Communication and Branding |
Improved communications from ITI and consistent branding by removing EASE references |
Service Excellence - Information and Security
This project will contribute to improved security by implementing a strengthened password policy and introducing functionality to reduce the number of security incidents in relation to phishing and compromised accounts.
Service Excellence - Process Improvement, efficiency, quality and best practice (Social Responsibility and Sustainability)
The project will deliver…
Members of the ITI Enterprise Services team will retain ownership and ongoing support of the EASE infrastructure until a replacement is in place.
Digital Transformation
|
IS Change Programme Theme |
Commentary |
|
Digital Transformation |
N/A |
IS Change Programme - How will the execution of this project promote the Themes
|
IS Change Programme Theme |
Commentary |
|
Project Management |
Formal project management techniques applied |
|
Working Together |
Collaborative project between ITI, IS Applications, Information Security, LTW, USD and the three colleges |
|
Standards and Technical Leadership |
Process improvement, efficiency, quality and best practice |
|
Staff Learning and Development |
Exposure to modern web development techniques to ITI staff |
|
Service Based Culture |
Provision of more secure and user friendly services |
|
Equality and Diversity |
EASE web application will adhere to legislative accessibility standards |
|
Partnerships and Philanthropy |
N/A |
|
Flexible Resourcing |
Improved skills across the technical teams |
|
Communication and Branding |
Improved communications from ITI and consistent branding by removing EASE references |
Project Responsibilities
Project Sponsor
The project sponsor defines the overall objectives of the project and provides resources and budget to support project delivery. The project sponsor chairs the project board where project status is reviewed and escalations (risk and issues) are evaluated and remedial action initiated. The project sponsor communicates major issues such as a significant delay to planned project milestones to senior members of the user community.
Senior User
The senior user(s) is the recipient of the project deliverables and uses them on an ongoing basis. In this case, the senior users will be those teams and individuals that benefit from the deliverables listed earlier in this document.
Where required, the senior user(s) will provide resources to the evaluate, test and approve project deliverables
Senior Supplier
The senior supplier is responsible for providing the specialist resources to develop the products and services for the project within an agreed timescale to agreed quality and cost levels. They also identify key work packages that need to be developed to meet the project goals, providing time estimates for delivery and assigning the technical resources for this work. The senior supplier is responsible for communicating any risks or issues that arise during the development of work packages and works with the rest of the project team to mitigate these.
Project Manager
The project manager develops and maintains the project documentation, such as this project brief, and develops and tracks the project plan based on estimates and updates provided by the project team. Project risks and issues are managed by the project manager. Low and medium risks should be resolved within the project team. High risks need to be escalated to the project sponsor for review and remediation by the project board.
The project manager is responsible for ensuring communications on the project are sent out on time to ensure the user community and other stakeholders are kept up to date with progress on the project. Finally the project manager schedules project team and project board meeting at intervals agreed with members of the project team.
Project Initiation
The following activities, with responsibilities, need to be completed at project initiation.
|
Activity |
Responsibility |
|
Initiates project |
Project Sponsor |
|
Negotiates and confirms funding for the project |
Project Sponsor |
|
Ensures the project is in line with organisational strategy and priorities |
Project Sponsor |
|
Chairs the project board, appoints its members and ensures they are effective |
Project Sponsor |
|
Advises the project manager of protocols, political risks, issues and sensitivities |
Project Board |
|
Makes the project visible within the organisation |
Project Sponsor |
Planning
The following activities, with responsibilities, need to be completed at the project planning stage.
|
Activity |
Responsibility |
|
Works with the project manager to develop the Project Brief |
Project Board |
|
Ensures a realistic project plan is produced |
Senior User |
|
Sets tolerance levels for escalation to themselves and to the project board |
Project Sponsor |
|
Ensures project team has representation and engagement from users/suppliers |
Project Board |
|
Helps identify stakeholders |
Project Board |
|
Approves Communication Plan |
Project Sponsor |
|
Agrees on frequency of meetings with Project Manager |
Project Sponsor |
|
Agrees of frequency of meetings with Project Team |
Senior Supplier |
|
Agrees milestones and approvals |
Project Sponsor |
Execution
The following activities, with responsibilities, need to be completed during the project execution stage.
|
Activity |
Responsibility |
|
Provides strategic direction and guidance to the project manager |
Project Board |
|
Approves major changes to plans, priorities, deliverables, schedule |
Project Board |
|
Encourages stakeholder involvement and maintains ongoing commitment |
Project Board |
|
Assesses and provides resolution on major risks and issues |
Project Board |
|
Makes go/no-go decisions |
Project Sponsor |
|
Communicates change in organisation, priorities, benefits or funding |
Project Sponsor |
|
Helps the project manager in conflict resolution |
Project Sponsor |
|
Helps resolve inter project boundary issues |
Project Board |
|
Gains agreement among stakeholders when differences of opinion occur |
Project Manager |
|
Assists the project by exerting organisational authority and influence |
Project Board |
Delivery
The following activity needs to be completed at the project delivery stage.
|
Activity |
Responsibility |
|
Ensures that service is ready for production |
Senior User |
Closure
The following activities need to be completed at the project closure stage.
|
Activity |
Responsibility |
|
Helps to publicise the service delivered |
Project Board |
|
Ensures that benefits will be managed, measured and realised post-project |
Project Sponsor |
|
Evaluates the project performance upon completion |
Project Board |
| Attachment | Size |
|---|---|
 some_expectations_and_suggestions_from_isg_directors.pdf | 341.89 KB |
 project_planning_-_project_brief_template.docx | 35.44 KB |