For guidance on how to complete the closure report template, please click here.
For staff in Information Services Group (ISG), please click here for guidance on how to complete the Closure Report following ISG guidelines.
The project was initiated to cover the existing EASE web application, implementation of a revised password policy and undertaking of a ‘Preliminary Market Consultation’ of single sign-on products with the view to replacing the current solution, Cosign.
The EASE web application was to be redesigned to adhere to University brand guidelines and web standards (EdGEL).enabling a more effective design. The improvements were to ensure a better and more streamlined user experience, and ensure the application was less prone to being faked via phishing attempts. Utilising the upgraded password policy to make it stronger and the user experience improved by providing visual feedback when users are update their password credentials. Alternatives to the current Single sign-on (SSO) solution were to be reviewed with the view to providing a recommendation for a long-term replacement.
During implementation of the project the new password policy had not been finalised and it was not possible to confirm compliance, however, EASE is fully compliant with the changes that were drafted for this policy. Due to a larger project run by the Chief Information Security Officer, Cosign was removed from the scope of this project and for technical reasons, it was not possible to provide visual feedback as part of the delivered solution, so this was also removed from the project scope. The addition of Google Analytics was agreed by the project board to enable data gathering on the authentication page.
The project suffered delays at various points due to staff availability, prioritization of project work and availability of other areas within the University to complete UAT. The project was stopped on several occasions to enable other areas of the university to schedule in tasks and testing to enable the sign-off of UAT and enable the go live deployment. This resulted in considerable slippage and this is reflected in the need to continually re-plan the delivery date which moved from August 2019, to delivery of the EASE web page changes in November 2019 to a final go live deployment in March 2020.
Problems were encountered in relation to the email provisioning system run by IS-Apps in that they relied on the Active Directory(AD) account creation date to determine which welcome emails to send to new students, By populating Applicants to AD for the password synchronisation this upset the system. Changes were required to the Email Provisioner and the Active Directory provisioner. This resulted in a 4 month delay. Strike Action also impacted on the delivery timescale.
Analysis of Variance
The estimate of internal project resources drawn from Enterprise team to be used on the project was 370 days. The staff effort recorded against the project was 200 days.
The estimate of internal project resource from the Application Services was 5 days and the staff effort recorded was 4 days.
The estimate of internal project resource from the Application Development Services budget was 3 days and the staff effort recorded was 1 days.
Project manager estimate was 80 days and effort recorded against the project was 56 days, this reflects the items moved out of scope for the project
Explanation for Variance
The reason for this variance was due to the elongated timeline for the delivery of the service and the reduction in scope of the project that required less Enterprise team commitment.
The current authentication web application has a more effective design, that adheres to University brand guidelines and web standards (EdGEL). Improvements made during the project will ensure a better and more streamlined user experience, and the application being less prone to being faked via phishing attempts.
Improved operational processes and security for better management and simplified password and Account management
Key Learning Points
- Issue: Project team did not fully understand the project processes
- Learning Point: Further project management training for teams involved in projects to enable better planning
- Issue: Changes to email provisioner were underestimated by ITI
- Learning Point: Better analysis of processes should be carried out in conjunction with the affected area
- Issue: Email Provisioner had no test site meaning changes were required in live and this impacted on delivery timescales
- Learning Point: Impact of deliverables should be discussed in detail so they are fully understood with system owners to understand their requirements
- Issue: Impact of changes to Admin tools workflows underestimated for EASE and AD Webtools
- Learning Point: UAT should be fully planned out for all components not just user facing areas.
- Project team were knowledgeable and worked well together to resolve issues that arose
- As a result of this project, the project planning process is better understood.
- A very successful secondment of a subject expert from elsewhere in the University.
- Knowledge capture - the EASE service is understood by more people at a greater depth, and is documented.
- Cosign v2 registrations is currently being driven by IS Apps Application Management liaising with us via service requests and will be completed under operational work