Project Brief ENT041

 

Revision History

Version

Author

Summary of Changes

Date

V0.1

Ross Marrins

Initial Draft

15/10/2018

V0.2

Ross Marrins

Minor changes following internal review

23/10/2018

V0.3

Ross Marrins

Further changes following internal review

06/11/2018

V1.0d

Ross Marrins

First external draft

14/11/2018

V1.0

Ross Marrins

Final Issue

06/12/2018

 

Approvals

Name

Role

Position

Date

Alistair Fenemore

Project Sponsor               

CISO, Information Security

07/12/18

Graeme Wood

Service Owner

Head, ITI Enterprise Services

16/11/18

Kenny MacDonald

Senior Supplier

Team Leader UNIX Services ITI Enterprise

07/12/18

Murray Dippie

Senior Supplier

Team Leader Windows Systems ITI Enterprise

07/12/18

Stratos Filalithis

Senior User

Head of Website & Communication Technologies, LTW

 

Alex Carter

Senior User

Head of Service Management, Service Management

 

Neil Bruce

Senior User

Head of Operational Services, USD

 

Karen Wilson

Programme Manager

Programme Manager, ENT

 

 

Distribution

Name

Role

Position

Geoff Lee

Senior User

ECA Learning and IT Services Manager, representing CAHSS

Victoria Dishon

Senior User

IT Liaison Officer (College of Science and Engineering), USD Directors Office

David Perry

Senior User

Head of Scientific Computing, IGMM, representing CMVM

Mark Lang

Senior User

Development Team Manager, IS Applications

Stephen Quinney

Senior User

Senior Computing Officer, School of Informatics

 

Background

The project brief describes the objectives, scope, timeline, deliverables and acceptance criteria for the ‘Authentication Improvements and Evaluation of Cosign Replacement’ (ENT041) project. The project has been initiated to work on a number of the recommendations from the Authentication and Authorisation report (Author: Graeme Wood, Version 1.1).

Scope

The scope of the project covers the existing EASE web application, implementation of a revised password policy and undertaking of a ‘Preliminary Market Consultation’ of single sign-on products with the view to replacing the current solution, Cosign.

The current EASE web application will be redesigned having a more effective design, adhering to University brand guidelines and web standards (EdGEL). These improvements will ensure a better and more streamlined user experience, and the application being less prone to being faked via phishing attempts. The password policy will be upgraded to make it stronger and the user experience will be improved by providing visual feedback when users are updating their password credentials.  In addition, alternatives to the current Single sign-on (SSO) solution will be reviewed with the view to providing a recommendation for a long-term replacement.   

Out of Scope

A number of the objectives identified from the wider Authentication and Authorisation review are not being included in the scope of this project, primarily:-

  • Multi-factor authentication – not to be confused with multi-step authentication which is in scope. The use of multi-factor authentication is being reviewed as part of another project as a pilot initiative and the results from that will likely feed into the Cosign replacement project (that will follow on from this project). Note – multi-factor authentication in and of itself won’t cut down on compromised accounts.  It will however prevent a compromised account being used to access University services that are protected by that control and this will remove a threat vector as that account won’t be able to send out further phishing emails that appear to come from legitimate users (those whose account was initially compromised).
  • GDPR compliance – other projects and initiatives are already underway to ensure the correct level of data is retained and secured as required
  • Extending Active Directory and EASE to the cloud to support services in the cloud in the instance of a complete failure of local (on premise) IT services
  • Adoption of OAUTH2 as a common authorisation framework for service-to-service access control (already underway elsewhere)
  • Audit and clean-up of Active Directory groups and integration of Active Directory with Identity Management (IDM) service group management tool – Grouper
  • Provision of a mechanism to support document email singing and encryption
  • Alignment of Active Directory and Central Authorisation service information release policies
  • Replacement of Central Authorisation service with Active Directory
  • Reviewing or updating any of the authentication/authorisation policies, that reside in the wider Information Security Policy Framework
  • Hooking into the Notifications service (subject to a future phase)
  • Procurement, Implementation or Migration of Services as part of the larger project to replace Cosign – this project is only concerned with the initial Evaluation stage.

Objectives and Deliverables and Success Criteria

The objectives and deliverables for this project have been split into three primary work streams:-

  • EASE Redesign (W1)
  • Security and Password Policy Enhancements (W2)
  • Cosign Replacement – Evaluation (W3)

 

Objective

Deliverable(s)

Acceptance Criteria

W1 - Improved Design and Functionality of the EASE application

  • A modern, clean design that adheres to current web design standards

 

  • Application re-branded from EASE to generic University of Edinburgh branding

 

  • Self-service password reset functionality for alumni

 

  • Refactored code base
  • EASE single sign-on pages upgraded to modern standards (EdGEL)

 

  • Approval of design and end product by senior users

 

  • Operational password reset functionality validated

 

  • No degradation in service performance

 

W1 - Strengthen Protection against Phishing

  • Two-step login process integrated into the sign-on mechanism of the new EASE web application

 

  • A reduced number of compromised accounts

W1 – Improved Operational Processes for Management of Authentication Services

  • Functionality to allow operational services teams to manage EASE passwords

 

  • Decommissioned EASE printing infrastructure

 

  • Automated certificate generation functionality

 

  • Revised support model for encryption standards

 

  • Updated operational documentation for the overall Authentication services

 

  • Updated user documentation
  • Support for legacy encryption standards removed
  • Approval of all updated operational documentation by the project sponsor
  • Approval of all updated user documentation by the senior user(s) or designate
  • Support for all systems and services have been migrated to the operational support team and approved
  • Handover of the appropriate warranties and SLAs to the operational support team has been completed and acknowledged

W2 -Improved Security across EASE/AD services

  • Revised password policy implemented

 

  • Password Strength indicator implemented

 

  • Encrypted database(s) and encrypted communication between user and service

 

  • EASE service hosted behind the Netscaler

 

  • Implementation of intrusion prevention functionality

 

  • Hardened data storage (i.e. removal of cleartext data)

 

  • Comprehensive security testing
  • Passwords that do not meet the new standard are not accepted

 

  • Password strength feature tested and accepted by user groups

 

  • Approval of all testing phases of EASE and AD functions following changes

 

  • All evaluations completed effectively, reports produced and recommendations made on back of security testing

W2 - Simplified Password and Account Management

  • On boarding process updated to enforce users to password sync between AD and EASE accounts

 

  • On boarding process updated to create AD account at the same time EASE account is created

 

  • Implementation of single option password resetting function by email

 

  •  

 

  • Audit logs show all new users passwords are synced and users can access both accounts simultaneously from joining

W3 - Evaluate Potential Cosign Replacements

  • Documented detailed requirements for what a Cosign replacement must deliver

 

  • Evaluation report on viable solutions to replace Cosign
  • All evaluations completed effectively, reports produced and recommendation(s) made to allow for issuing as an ITT (if required) via procurement

 

This table can be used through Business and Technical Analysis, Design, Build, and Testing/UAT as a Traceability Matrix to ensure the project brief project objectives and deliverables are followed through.

 

 

 

 

Requirements

The key requirements, aligned with the objectives and deliverables above, and the associated priorities and benefits are outlined below.

Ref

Requirement

MoSCoW

Requester

1.1

The EASE web application needs to be re-designed to adhere to current University web design standards (EdGEL)

M

Graeme Wood

1.2

The existing EASE registration database must be encrypted to reduce the risk of data loss

M

Graeme Wood

1.3

The EASE login page should be upgraded to utilise two-step authentication, by way of showing a pre-submitted artefact (e.g. image or text) to the user following username submission.

S

Graeme Wood

1.4

Reduce the number of compromised EASE accounts

C

Graeme Wood

1.5

EASE branding should be removed and replaced by generic University of Edinburgh branding on the sign-on website

S

Graeme Wood

1.6

Provide functionality to allow the operational services teams to manage EASE passwords

M

Kenny MacDonald

1.7

Delete obsolete EASE website/management source code

M

Kenny MacDonald

1.8

Remove EASE printing infrastructure

M

Kenny MacDonald

1.9

Use Second Challenge for EASE reset password web page

M

Kenny MacDonald

1.10

Host the EASE application behind the existing Citrix Application Delivery Controller (ADC) aka Netscaler

S

Kenny MacDonald

1.11

Improve EASE application authorisation settings (fixes and anti-phishing)

M

Kenny MacDonald

1.12

Provide functionality to allow alumni passwords to be reset via self-service

M

Graeme Wood

1.13

Add an arbitration node to the Galera Database DEV tier.

M

Kenny MacDonald

1.14

Automate creation of EASE Friends Certificate file (.pem)

S

Kenny MacDonald

1.15

A detailed technical specification (or updates to existing documentation) must be applied to the deliverables under this work stream

M

Ross Marrins

2.1

Remove the option to opt-out of password syncing between Active Directory and EASE accounts

S

Graeme Wood

2.2

Implement the revised password policy into the EASE and AD single sign-on services

M

Graeme Wood

2.3

Create Active Directory accounts for applicants on application and not at unconditional final offer

S

Gavin McLachlan

2.4

Provide visual feedback to users on password strength when users are setting/re-setting passwords

M

Graeme Wood

2.5

Remove the ‘Secret Answers’ option from the EASE password reset function and replace with password reset email link to alternate email address

S

Neil Bruce

2.6

Upgrade EASE Key Distribution Centres (KDCs) to SL7 on virtual machines from SL6 physical hosts.

M

Kenny MacDonald

2.7

Remove Kerberos Single-DES Encryption and all legacy encryption standards from the EASE-AD trust link

M

Kenny MacDonald/Murray Dippie

2.8

Implement intrusion prevention functionality (Fail2Ban) into the EASE service

M

Kenny MacDonald

2.9

Remove Cosign v2 service registrations

S

Kenny MacDonald

2.10

Remove cleartext data from EASE database

M

Graeme Wood

2.11

Perform security testing using Nessus scan

M

Graeme Wood

2.12

Ensure all authentication and personal data held by authentication services must be encrypted at rest

M

Graeme Wood

2.13

Current management policy of encryption keys needs to be documented and improvements considered as required

M

Alistair Fenemore

2.14

Ensure all communication between systems and users with authentication services is encrypted

M

Graeme Wood

2.15

A detailed technical specification (or updates to existing documentation) must be applied to the deliverables under this work stream

M

Ross Marrins

3.1

Formalise detailed requirements for single sign-on replacement service and perform assessment of the market

M

Graeme Wood

3.2

Create a report detailing possible options for new SSO solution following undertaking of Preliminary Market Consultation exercise

M

Graeme Wood

Benefits

The successful delivery of this project is expected to provide the following benefits -

  • A more streamlined and user friendly single sign-on authentication service
  • A more secure authentication service, underpinned by a strong password policy
  • Reduced number of incidents of successfully phished user accounts
  • Contribution to the ITI Enterprise Services roadmap through the evaluation of potential replacements for Cosign

 

Governance

Portfolio Governance

The following stakeholders are responsible for the overall governance of the ITI Enterprise Services portfolio.

Role

Name

Position/Team

Programme Owner

Graeme Wood

Section Head, ITI Enterprise Services

Service Owner

Graeme Wood

Section Head, ITI Enterprise Services

Programme Manager

Karen Wilson

ENT Programme Manager, ISG

Portfolio Manager

Maurice Franceschi

ITI Portfolio Manager, ISG

 

Project Board

The following stakeholders constitute the Project Board for the project.

Role

Name

Position/Team

Project Sponsor

Alistair Fenemore

Chief Information Security Officer, CISO Office

Service Owner

Graeme Wood

Section Head, ITI Enterprise Services

Senior User

Alex Carter

Head of Service Management, IS Apps

Senior User

Stratos Filathisis

Head of Website & Communication Technologies, LTW

Senior User

Neil Bruce

Head of Operational Services, USD

Senior User

Stephen Quinney

Senior Computing Officer, representing School of Informatics

Senior User

Geoff Lee

ECA Learning and IT Services Manager, representing CAHSS

Senior User

Victoria Dishon

IT Liaison Officer (College of Science and Engineering), USD Directors Office

Senior User

David Perry

Head of Scientific Computing, IGMM, representing CMVM

Programme Manager

Karen Wilson

Programme Manager, ITI Enterprise Services

Project Manager

Ross Marrins

Project Manager, Project Services

 

Tolerances

The following project tolerances will be applied and these are outline below. Any deviation outside these tolerances must be reported for review and resolution to the Project Board.

  • Cost – over +/- 10% of original budget
  • Plan – slippage of over 4 weeks to current plan
  • Scope – extensive addition or reduction from current scope
  • Quality – refusal to approve a key project deliverable

 

Resources Skills and Cost

 

Budget

There is no capital budget allocated for this project.

The following allocations, in total days, have been estimated for the project team, in a project running from November 2018 to January 2020.  

ITI, Project Services                                          - 80 days - exact days will reflect development days below

ITI, Enterprise Services                                    - 370 days - exact days for this project TBC by team leads

Applications, Service Management            - tbc days

Applications, Development Services         - tbc days – effort will be required to make changes to IDM

USD, section TBC                                                - tbc days

LTW, section TBC                                                - tbc days

Information Security                                        - tbc days

 

Priority and Funding

This work has been identified as a priority 1 project within the ITI Enterprise Services programme for the 2018/19 session. Funding has already been outlined as per the sections above.

Project Team

Project Organisation

 

 Role

Name

Position/Team

Project Manager

Ross Marrins

Project Manager, Project Services

Senior Supplier

Graeme Wood

Section Head, ITI Enterprise Services

Senior Supplier

Murray Dippie

Windows Team Lead, ITI Enterprise Services

Senior Supplier

Kenny MacDonald

Unix Services Team Lead, ITI Enterprise Services

Solutions Development

Martin Cassels

Senior Computing Officer, ITI Enterprise Services

Solutions Development

Neil Cooper

Senior Computing Officer, ITI Enterprise Services

Solutions Development

Scott Larnach

Senior Computing Officer, ITI Enterprise Services

Solutions Development

Gavin Gray

Senior Computing Officer, ITI Enterprise Services

 

 

 

Key Project Milestones  

Milestone

Sign-Off means

Date of Milestone

Who signs-off (Accountability)

Start of Project

Project can begin, is in line with Programme and Portfolio priority, has resource

15/10/2018

Project Sponsor, Programme Manager

End of Planning

Project Brief, High level timescales, Estimated Budget, Risks, Issues, Communication Plan - all approved.

Project has resource approved by section head for the estimated effort.

Project has funding for effort for other costs.

21/12/2018

Project Sponsor, Programme Manager

TBC

 

 

 

TBC

 

 

 

TBC

 

 

 

Closure

Project closure and lessons learnt

TBC

Project Sponsor,

Programme Manager

 

Assumptions

The following assumptions have been identified during the project initiation phase and are subject to change following the initial set of project meetings:-

  • Adequate resources and skills will be assigned to the project to ensure work packages can be agreed and delivered to plan, to ensure the key milestones are met
  • Every effort will be made to prioritise key technical resources to this project above other in-flight projects, excluding unscheduled BAU demand
  • Suitable environments will be available for use for the duration of the project and no additional infrastructure is required to support this project
  • The alternative email address will be known to (and recorded) in EASE to stop a random alternative address being entered
  • For the security testing, Nessus scan is sufficient for the purpose of this project
  • If the security testing requires external specialist support, ISG/InfoSec will have a framework in place that can be used to approach approved suppliers to provide this

 

Constraints

The following constraints have been identified during the project initiation phase and are subject to change following the initial set of project meetings:-

  • Team members are not fully assigned and are working on other projects and BAU activities in parallel. This can be translated into a high-probability risk where priority of resources may go to BAU or higher-priority project work.

 

Risks

A risk log will be maintained to record and track all risks to resolution (via the projects website). Risk severity and impact, risk owner and planned mitigation date will be assigned by the project team. Major risks with close proximity need to be escalated to the project board via the project sponsor. The following risks have been identified during the project initiation phase and are subject to change following the initial set of project meetings:-

  • The project deadlines cannot be met due to the volume or work and/or lack of skilled or available resources that need to be assigned
  • Due to insufficient support from third-party teams, there is a risk this may impact on the work that can be achieved by the core project team, which would result in delays to the project milestones
  • Due to insufficient funding beyond the 370 days allocated from the ITI Enterprise Services Section project budget, there is a risk that no additional budget will be found which could result in the project not being able to complete.

 

Issues

If and when they arise, issues will be recorded and tracked throughout the project (via the projects website). Issues that are not outside agreed tolerances should be resolved with the project team. Major issues need to be escalated to the project board for review and advice on resolution. Issue resolution that requires a major change to the project in terms of time, quality or cost needs to be approved under formal change management by the project board.

All project changes outside tolerances must be reviewed and approved by the project board. Project changes within tolerances can be managed with the project team.

Project work that impacts production systems or networks, as well as key implementation milestones, must be communicated with the requisite lead time to the ISG CAB for review and approval.

 

Previous Lessons Learned

A log will be maintained to record lessons learned throughout the project. This will be reviewed at the project closure meeting and passed to the PMO for review by future projects.

  • No lessons learned from previous projects need to be taken into consideration for this project

 

Dependencies

The current key dependency for the project is the availability of resources from non-ITI teams to contribute to the project against the scheduled timescales. The availability of non-ITI team members will be reviewed and monitored throughout and appropriate risks/issues raised as required.

 

Communication

The following meetings and communication channels will be established to support the effective communication of project progress, risk management and escalations:-

Forum

Frequency

Participants

Methods

Project Meeting

Fortnightly

Project Team

Meeting minutes, project plan, risks and issues log

Project Board

Monthly

Sponsor, Senior Users, Project Manager, Programme Manager

Meeting minutes, progress report, project plan, escalations

Interim report

Fortnightly

All stakeholders

Progress report – gap between project boards

Project Report

Monthly

All stakeholders

Projects website

Ad-Hoc Project Updates

As required

As required

Email

ISG CAB

As required

Senior Supplier, CAB

CAB requests

 

Run / Grow / Transform

This has been designated as a Growth project.

Strategic Alignment

Student Experience

Student Experience

Commentary

Student experience and the unique Edinburgh offer

Will benefit from improved password security features

Online and distance learning leaders

N/A

Library national and international leadership

N/A

Research and Innovation

 

Research IT and Data Sciences

N/A

Innovation

N/A

Collaborative leadership and social responsibility

N/A

Service Excellence

 

Process improvement, efficiency, quality and best practice

A more streamlined SSO process will be established;

Enhanced password policies will be implemented, providing a more secure offering to students

Long-term IS strategic planning and linked professional services               

Reduces confusion by de-branding EASE as a unique service;

AD and EASE accounts will be linked providing a more seamless service to students;

Information Security

Provides increased password security and reduced number of successful phishing attempts

 

Strategic Vision

University's Strategic Vision for 2025 the main elements of the vision that this project’s contributes have a commentary.

Vision Themes

Commentary

A unique Edinburgh offer for all of our students               

N/A

All of our undergraduates developed as student/ researchers with clear, supported pathways through to Masters and PhD

N/A

All our students offered the opportunity to draw from deep expertise outside their core discipline

N/A

A highly satisfied student body with a strong sense of community.

Support reliable and robust IT services

Strong and vibrant communities within and beyond the University – making the most of our unique offer of world-leading thinking and learning within one of the world’s most attractive cities

The authentication service supports multiple diverse communities including alumni, members of other institutions and the public

A larger, more international staff who feel valued and supported in a University that is a great and collegial place to work, develop and progress 

N/A

More postgraduate students – underpinned by the best support in the sector to ensure we attract the brightest and best regardless of ability to pay

N/A

A strong culture of philanthropic support focussed especially on our students and on outstanding research capabilities.

N/A

Many more students benefiting from the Edinburgh experience (largely or entirely) in their own country – supported by deep international partnerships and world- leading online distance learning

N/A

Sustained world leading reputation for the breadth, depth and interdisciplinary of our research supported by strong growth in research funding and strong international partnerships – drawing from well-established and less well developed sources

An estate that matches expectations, responds flexibly to changing student and staff needs, and showcases the University

The authentication service supports multiple diverse communities including alumni, members of other institutions and the public.

A deeper and earlier collaboration with industry, the public sector and the third sector – in terms of research; knowledge exchange; and in giving our students the best possible set of skills for their future

N/A

 

 

IS Change Programme - How will this project's Deliverables and Benefits promote the Themes

IS Change Programme Theme

Commentary

Project Management

Formal project management techniques applied

Working Together

Collaborative project between ITI, IS Applications, Information Security, LTW, USD and the three colleges

Standards and Technical Leadership

Process improvement, efficiency,

quality and best practice

Staff Learning and Development             

Exposure to modern web development techniques to ITI staff

Service Based Culture

Provision of more secure and user friendly services

Equality and Diversity

EASE web application will adhere to legislative accessibility standards

Partnerships and Philanthropy

N/A

Flexible Resourcing

Improved skills across the technical teams

Communication and Branding

Improved communications from ITI and consistent branding by removing EASE references

 

Service Excellence - Information and Security

This project will contribute to improved security by implementing a strengthened password policy and introducing functionality to reduce the number of security incidents in relation to phishing and compromised accounts.

 

Service Excellence - Process Improvement, efficiency, quality and best practice (Social Responsibility and Sustainability)

The project will deliver…

 

Members of the ITI Enterprise Services team will retain ownership and ongoing support of the EASE infrastructure until a replacement is in place.

 

Digital Transformation

IS Change Programme Theme

Commentary

Digital Transformation

N/A

 

IS Change Programme - How will the execution of this project promote the Themes

IS Change Programme Theme

Commentary

Project Management

Formal project management techniques applied

Working Together

Collaborative project between ITI, IS Applications, Information Security, LTW, USD and the three colleges

Standards and Technical Leadership

Process improvement, efficiency,

quality and best practice

Staff Learning and Development             

Exposure to modern web development techniques to ITI staff

Service Based Culture

Provision of more secure and user friendly services

Equality and Diversity

EASE web application will adhere to legislative accessibility standards

Partnerships and Philanthropy

N/A

Flexible Resourcing

Improved skills across the technical teams

Communication and Branding

Improved communications from ITI and consistent branding by removing EASE references

 

 

 

Project Responsibilities

Project Sponsor

The project sponsor defines the overall objectives of the project and provides resources and budget to support project delivery. The project sponsor chairs the project board where project status is reviewed and escalations (risk and issues) are evaluated and remedial action initiated. The project sponsor communicates major issues such as a significant delay to planned project milestones to senior members of the user community.

Senior User

The senior user(s) is the recipient of the project deliverables and uses them on an ongoing basis. In this case, the senior users will be those teams and individuals that benefit from the deliverables listed earlier in this document.

Where required, the senior user(s) will provide resources to the evaluate, test and approve project deliverables

Senior Supplier

The senior supplier is responsible for providing the specialist resources to develop the products and services for the project within an agreed timescale to agreed quality and cost levels. They also identify key work packages that need to be developed to meet the project goals, providing time estimates for delivery and assigning the technical resources for this work.  The senior supplier is responsible for communicating any risks or issues that arise during the development of work packages and works with the rest of the project team to mitigate these.

Project Manager

The project manager develops and maintains the project documentation, such as this project brief, and develops and tracks the project plan based on estimates and updates provided by the project team. Project risks and issues are managed by the project manager. Low and medium risks should be resolved within the project team. High risks need to be escalated to the project sponsor for review and remediation by the project board.

The project manager is responsible for ensuring communications on the project are sent out on time to ensure the user community and other stakeholders are kept up to date with progress on the project. Finally the project manager schedules project team and project board meeting at intervals agreed with members of the project team.

Project Initiation

The following activities, with responsibilities, need to be completed at project initiation.

Activity

Responsibility

Initiates project

Project Sponsor

Negotiates and confirms funding for the project

Project Sponsor

Ensures the project is in line with organisational strategy and priorities

Project Sponsor

Chairs the project board, appoints its members and ensures they are effective

Project Sponsor

Advises the project manager of protocols, political risks, issues and sensitivities

Project Board

Makes the project visible within the organisation 

Project Sponsor

 

Planning

The following activities, with responsibilities, need to be completed at the project planning stage.

Activity

Responsibility

Works with the project manager to develop the Project Brief

Project Board

Ensures a realistic project plan is produced

Senior User

Sets tolerance levels for escalation to themselves and to the project board

Project Sponsor

Ensures project team has representation and engagement from users/suppliers

Project Board

Helps identify stakeholders

Project Board

Approves Communication Plan

Project Sponsor

Agrees on frequency of meetings with Project Manager

Project Sponsor

Agrees of frequency of meetings with Project Team

Senior Supplier

Agrees milestones and approvals

Project Sponsor

 

Execution

The following activities, with responsibilities, need to be completed during the project execution stage.

Activity

Responsibility

Provides strategic direction and guidance to the project manager

Project Board

Approves major changes to plans, priorities, deliverables, schedule

Project Board

Encourages stakeholder involvement and maintains ongoing commitment

Project Board

Assesses and provides resolution on major risks and issues

Project Board

Makes go/no-go decisions

Project Sponsor

Communicates change in organisation, priorities, benefits or funding

Project Sponsor

Helps the project manager in conflict resolution

Project Sponsor

Helps resolve inter project boundary issues

Project Board

Gains agreement among stakeholders when differences of opinion occur

Project Manager

Assists the project by exerting organisational authority and influence

Project Board

 

Delivery

The following activity needs to be completed at the project delivery stage.

Activity

Responsibility

Ensures that service is ready for production

Senior User

 

Closure

The following activities need to be completed at the project closure stage.

Activity

Responsibility

Helps to publicise the service delivered

Project Board

Ensures that benefits will be managed, measured and realised post-project

Project Sponsor

Evaluates the project performance upon completion

Project Board

 

Project Info

Project
Authentication Improvements
Code
ENT041
Programme
ITI - Enterprise Services (ENT)
Management Office
ISG PMO
Project Manager
Gail Devaney
Project Sponsor
Alistair Fenemore
Current Stage
Close
Status
Closed
Project Classification
Transform
Start Date
15-Oct-2018
Planning Date
12-Apr-2019
Delivery Date
25-Mar-2020
Close Date
30-Apr-2020
Overall Priority
Highest
Category
Compliance

Documentation

Plan