Introduction to the Sdlc

Welcome to the

Introduction to the

SDLC

Training Course

Course Information:

• The top banner of the course contains information to help determine course progression.

• There are 4 Knowledge Checks inserted into the course. They can be used to help

determine if the student is grasping key concepts along the way. A final assessment is

at the end of the course.

• The course will take about 1 hour to complete.

1 Version: 8.0 Last Updated: 17-Feb-2011

The goal of this course is to provide an introduction to the Software Development Life

Cycle (SDLC) process framework.

Upon completing of this course, the student will be able to:

• Recognize that the SDLC framework is required for all software-impacting projects in

Dell IT*

• Explain the story of the SDLC against the context of industry best practices

• Describe the 5-phase Microsoft® Solutions Framework

(MSF) and mapping of the SDLC

against that framework

• Recall how the SDLC helps fulfill corporate policies and standards

• Describe the SDLC’s process architecture and all the elements that comprise the SDLC

• Recommend a suggestion to improve the SDLC with an understanding of the SDLC

governance model

The course does not cover details about specific deliverables or activities. That information

is available on the SDLC site and would be made available via other training materials.

Course Goals and Objectives

* Other organizations outside of Dell IT have adopted, or plan to adopt, the SDLC as their standard set of development processes. This

training is applicable to those organizations with some subtle differences that would be addressed in different training formats or forums.

2

The Story of the SDLC

The Process Architecture

Compliance and Corporate Governance

Continuous Improvement

Course Outline

Module 1

Module 2

Module 3

Module 4

3

• SDLC is a generic, industry term which is used to refer to a collection of

software process assets (or a process asset library) that together form a

framework which can be used to execute a software development project.

• We’ve taken the generic “SDLC” term and practically applied it to refer to

the Dell IT Software Development Process. The SDLC website houses

the process asset library.

Software Development Life Cycle

Introduction – Characteristics – Foundation – Value – Boundaries

http://intranet.dell.com/dept/sdlc



Compliance and Corporate

Governance


4



The SDLC…

Is the standard set of development processes that enables compliance with company policies and other business and legal requirements.

Is organized in a user-friendly framework for use by all segments, regions, and business partners.

Is a continuous process improvement initiative and is continually refined based on feedback received from project teams, management, and business partners.

Is a library of resources and tools that enables delivery of software development projects which comprises:

– Activities – Roles – Deliverables

– Standards – Work Aids – Training Materials


5




Governance


• The SDLC has evolved from previous internal process improvement

initiatives (i.e., Horizon).

• The SDLC is based primarily on the best practices of the CMMI® for

Development (CMMI-DEV), as published and maintained by the Software

Engineering Institute at Carnegie Mellon University. The CMMI-DEV is the

industry standard process improvement maturity model for the development

of products and services.

• The SDLC also incorporates best practices from other process models to

help ensure a complete set of industry-tested processes is available for the

development of software solutions.


6




Governance


http://www.itil-officialsite.com/home/home.asp

http://www.pmi.org/


Studies have shown that the following benefits can be gained from the consistent use of standard processes:

• Increased Productivity/Reduced Duplication: Project teams that cross segments and regions don’t have to waste precious project time reconciling and negotiating through process, template, and tool differences.

• Best Practice Sharing: A single process architecture and team focused on keeping the content fresh and updated allows us to quickly and more efficiently take advantage of best practices discovered both internally and externally, in the software engineering industry.

• Reduce Effort Associated with Reacting to Audit or Regulatory Issues: A single process architecture used worldwide reduces the amount of effort needed for us to react to audit and regulatory issues.


7




Governance


Below are some benefits that other companies experienced as a result of standardizing its IT processes.

Category Benefits Company

Cost 33% decrease in the average cost to fix a defect Boeing, Australia

15% decrease in defect find and fix cost Lockheed Martin Management and Data Systems

Increased accuracy in cost estimation Raytheon North Texas Software Engineering

Schedule 50% reduction in release turn around time Boeing, Australia

Improved and stabilized Schedule Performance Index Northrop Grumman Defense Enterprise Systems

Met every milestone (25 in a row) on time, with high quality

and customer satisfaction

Northrop Grumman Defense Enterprise Systems

Quality Improved defect removal before test from 50% to 70%,

leaving 0.35 post release defects per KLOC

Siemens Information Systems Ltd, India

Reduced software-defect-per-million-delivered-SLOC by

over 50%

Lockheed Martin Systems Integration

Only 2% of all defects found in the fielded system Northrop Grumman Defense Enterprise Systems

Source: Why Make the Switch? Evidence about the Benefits of CMMI®, March 2004


8




Governance


http://www.sei.cmu.edu/library/assets/evidence.pdf

http://www.sei.cmu.edu/library/assets/evidence.pdf

Portfolio Management

Enterprise Architecture SDLC

Production Support

The IT Portfolio Management processes are used to manage business requests and fund IT projects.

The IT Production Support activities start once the post-launch warranty period ends.

1

4

Enterprise Architecture processes define enterprise standards and solutions that need to be fulfilled for projects with enterprise strategic focus.

2 The processes in the SDLC are executed to develop solutions to funded projects. These projects may include enterprise architecture components. The SDLC’s processes end once the project’s solution is deployed into the production environment and the post-launch warranty period end.

3

The SDLC is required for all IT software development projects. However, it does not

contain all the IT processes needed to fund and support software systems. Below is

a diagram describing the other IT processes that support our software development

efforts.


9




Governance


Indicate which of the following statements about the SDLC is TRUE:

a. The SDLC is required for all IT software development projects, irrespective

of project size, type, or effort.

b. The SDLC is based on the CMMI for Development.

c. The SDLC does not contain all the IT processes needed to fund, build, and

support software systems because portfolio management, enterprise

architecture, and production support processes exist to support the software

development processes.

d. The SDLC has incorporated best practices from many industry-proven

models and frameworks, including ITIL, PMI, and CoBIT.

e. All of the above statements are true.

Knowledge Check

10




Governance


See the next slide for the answer.

Indicate which of the following statements about the SDLC is TRUE:

a. The SDLC is required for all IT software development projects, irrespective

of project size, type, or effort.

b. The SDLC is based on the CMMI for Development.

c. The SDLC does not contain all the IT processes needed to fund, build, and

support software systems because portfolio management, enterprise

architecture, and production support processes exist to support the software

development processes.

d. The SDLC has incorporated best practices from many industry-proven

models and frameworks, including ITIL, PMI, and CoBIT.

e. All of the above statements are true.

Knowledge Check

11




Governance






Module 1

Module 2

Module 3

Module 4

12

Course Outline

The SDLC’s Process Architecture shows the relationship between the activities and other resources and tools required to deliver a Dell IT project, thus it is the largest module in this training course.

The first part of the module covers the primary elements of the Process Architecture:

• Project Phases, Activities, and Deliverables

• Process Areas

• Tasks and Roles

We will walk through each Project Phase, Process Area, and the Role definitions.

In the second part of the module, we illustrate how the primary elements are combined to create Development Methods, based on Project Types and Life Cycle Models.

Finally, in the last part of the module, we will look at the other resources and tools (i.e., Work Aids) that are available to help ensure consistent and efficient execution of the SDLC.

Introduction – Project Phases, Activities and Deliverables – Process Areas – Tasks and Roles –

Development Methods – Resources and Tools




Governance


13

This diagram depicts the primary elements of the SDLC’s Process Architecture.

• A Project Phase consists of several Activities.

• An Activity is a collection of Tasks, that require one or more Roles and the use of

Work Aids, performed to complete a project Deliverable (or accomplish a project

milestone).

• An Activity is also aligned with (usually just one) Process Area.



14

Project Phase Consists of Produces

Contains

Supported by

Process Area

Role Work Aid

Standards, Training, Tools, How-To’s, etc.

Task

Activity Deliverable




Governance


Let’s first focus on the Project Phases, Activities, and Deliverables of the

SDLC.



15




Governance



Contains

Supported by

Process Area

Role Work Aid


Task


These phases are defined by the Microsoft® Solutions

Framework (MSF) and originally adopted by Dell IT in

1999.

Over the past several years, Dell IT has matured its

development process, but the foundation continues to

be the MSF.

A Project Phase is a collection of logically related project activities, culminating in

the completion of one of more major deliverables or milestones. The SDLC is

organized into 5 Phases: Envisioning, Planning, Developing, Stabilizing, and

Deploying.

In the next few slides, we will look at each of the 5 Project Phases and some of

the activities and deliverables in the phases.

Note: In the SDLC, deliverables appear in the phase where the deliverable is

initiated or started. The deliverable may be completed or updated in a

subsequent phase as dictated by the project and its dependencies.



16




Governance


During the Envisioning phase,

the high-level requirements and

business goals for the project

are identified. Using this

information, the Business

Requirements are documented.

This phase ends when the Business

Requirements are approved, defining the

scope of the project.

Other activities include: Developing a project

plan and other planning documents,

estimating, selecting the set of the SDLC

processes to be used by the project, and

setting up the systems and processes for on-

going project monitoring and controlling.

Envisioning – Planning – Developing – Stabilizing – Deploying

Deliverables

Activities



17




Governance


• Plan Project

• Establish Estimates and Schedules

• Identify and Manage Process Exceptions

• Refine Business Requirements

• Conduct Peer Review (Requirements)

• Comply with TAGS

• Project Kick-off Presentation

• Project Management Plan (PMP)

• Software Configuration Management

(SCM) Plan

• Project Schedule

• Process Exception Form

• Business Requirements Document (BRD)

• Peer Review Form (Requirements)

• TAGS Request Form

During the Planning phase, the

team identifies the technical

and infrastructure requirements

that it will implement and

decides how to implement

them. In addition, the project

schedule is finalized.

This phase ends when the project plan

(which includes all project milestones) is

approved.

Other activities include: Test planning,

deployment planning, estimating, and other

compliance and policy-related activities (i.e.,

records management, disaster recovery

planning, security planning).




18




Governance


Deliverables

Activities

• Define System Requirements

• Define Infrastructure Requirements

• Conduct Peer Review (Requirements)

• Establish Estimates & Schedules

• Plan Testing

• Create Change Ticket

• Create Launch Orchestration Plan (LOP)

• Perform Security Risk Assessment &

Analysis

• Manage Records Retention Data

• Perform Disaster Recovery Tasks

• System Requirements Specification

• Infrastructure Documentation

• Peer Review Forms (Requirements)

• Project Schedule

• Change Ticket

• Test Specification

• Launch Orchestration Plan (LOP)

• Global Security Risk Assessment

• Records Retention & Legal Hold

Questionnaire

• DARP Handbook

This phase ends when all of the code

components are complete. The testing

done in this phase is development-centric,

normally referred to as unit test and

development integration test (DIT).

Other activities include: Creating test cases

for the independent testing cycles,

preparing for deployment with

implementation and back-out instructions,

and classifying data per Dell policies.

During the Developing phase, the

appropriate teams design, develop

and test the code, infrastructure,

and deployment documentation.




19




Governance


Deliverables

Activities

• Design

• Conduct Peer Review (Design)

• Code and Unit Test

• Conduct Peer Review (Code)

• Conduct Development Integration Test

(DIT)

• Perform Data Classification Tasks

• Create Test Cases

• Create Implementation and Back-out

Instructions

• Technical Design Specification

• Peer Review Form (Design)

• Source Code

• Peer Review Form (Code)

• Data Classification

• Test Cases (Unit Test & DIT)

• Test Cases (SIT)

• Test Cases (UAT)

• Implementation and Back-out Instructions

The testing done in this phase is

independent testing, what is often referred to

as System Integration Test (SIT) and User

Acceptance Test (UAT).

This phase ends when the product is

approved for release.

Other activities include managing testing

defects and preparing the documentation

needed to support the system once

deployed into the production environment.

During the Stabilizing phase, the appropriate teams test,

stabilize the product, and prepare the software for release into

the production environment.




20




Governance


Deliverables

Activities

• Conduct SIT and UAT

• Prepare for Application Support and

Training

• Manage Testing Defects

• Application Support Package

• Database Maintenance and Support

Package

The application support organization and the

end users are trained prior to deployment.

The post-deployment warranty period

(usually 30 days) goes into effect during this

Deploying phase.

This phase ends when the project’s

acceptance criteria have been met, formally

closing the project.

During the Deploying phase, the release team deploys the product

into the production environment.




21




Governance


Deliverables

Activities

• Train Application Support and End Users

• Deploy System to Production

• Monitor System

• Close Project

No new Deliverables are initiated during the

Deploying Phase.

These activities include:

• Identifying and managing risks

and issues

• Managing change to the project

(i.e., scope change)

• Monitoring the project’s

performance data

• Attending project status meetings

• Reporting project status

• Conducting phase exit reviews

Finally, some activities occur in ALL PHASES, throughout the

development life cycle. They are on-going and are referred

to as the Project Monitoring and Control activities.




22




Governance


Deliverables

Activities

• Identify and Manage Risks

• Control Change

• Manage Project Performance Data

• Report Project Status

• Conduct Phase Exit Reviews

• Risks

• Change Request Form and Log

• Project Status Report

• Phase Exit Review Presentation

The conclusion of a Project Phase is marked by a

review of both key deliverables and project

performance in order to determine if the project

should:

• Continue into its next phase as defined,

• Continue into its next phase with modifications, or

• Be terminated

Formal sign-off is obtained at each phase exit to certify that:

• Required phase deliverables have been reviewed, completed and approved.

• Any relevant issues are closed or are not significant enough to hold up the

phase exit.

• The project is appropriately resourced for the next phase.

• Remaining project schedule is realistic and achievable.

The Phase Exit Review and other interim reviews, like peer reviews and code

reviews, are also used to detect and correct errors in a cost effective manner.



23




Governance


Match the project phases with the primary deliverables that are produced by

that phase.

Project Phases

1. Envisioning

2. Planning

3. Developing

4. Stabilizing

5. Deploying

Deliverables

a. System deployed to production

b. Business (or High Level) Requirements

c. Design

d. Functional Requirements

e. Code

f. System Integration Test

g. Project Management Plan

Knowledge Check

24




Governance


See the next slide for the answer.

Match the project phases with the primary deliverables that are produced by

that phase.

Project Phases

1. Envisioning

2. Planning

3. Developing

4. Stabilizing

5. Deploying

Deliverables

a. System deployed to production

b. Business (or High Level) Requirements

c. Design

d. Functional Requirements

e. Code

f. System Integration Test

g. Project Management Plan

Knowledge Check

25




Governance


Next, we will look at Process Areas and describe how they are aligned with

Activities.



26




Governance



Contains

Supported by

Process Area

Role Work Aid


Task


Architecture Design Development Testing Deployment

Process Areas are logical groupings of related activities that have particular

relevance to one or more project roles. The SDLC is organized into 7 Process

Areas:

The Process Area pages in the SDLC contain:

– Links to SDLC Activities and Roles that are pertinent to the process area

– A Library that provides access to internal and external material

– The Meet the Community list of people who have volunteered to be

identified as SMEs in the process area and are willing to help improve the

process content and mentor other in the process area.

In the next few slides, we will look at each of the 7 Process Areas of the SDLC.



27




Governance


Project Management

Requirements Management

Project Management is responsible for

ensuring that the project successfully delivers

the agreed upon scope of work as outlined by

the project’s goals and objectives.

The Project Management discipline plans,

organizes, and manages resources within

project time, schedule, and budget constraints,

while monitoring the dependencies of other

projects and initiatives.

Project Management – Requirements Management – Architecture – Design – Development – Testing – Deployment



28




Governance


http://images.google.com/imgres?imgurl=http://www.businesstrainingworks.com/images/Course Outline/28-Time-Management.gif&imgrefurl=http://ltc.umanitoba.ca/wiki/Special:Random&usg=__mfhWNzu3ibLsd3NyZ2XEQYeTBkY=&h=299&w=448&sz=43&hl=en&start=6&um=1&tbnid=ixvxhVMZKLoAPM:&tbnh=85&tbnw=127&prev=/images?q=TIME&hl=en&um=1

Requirements Management is tasked to:

• Produce and analyze customer, product,

and product component requirements,

• Manage the requirements of the project's

products and product components, and

• Identify inconsistencies between those

requirements and the project's plans and

work products.




29




Governance


Architecture serves as the blueprint for the IT

solution and defines technical constraints and

parameters that must be considered by design

and implementation teams. The architecture

specifies system qualities, such as performance,

stability, and security, none of which can be

achieved without a unifying architectural vision.




30




Governance


Unlike low-level design, architecture is concerned with global design

constraints. As systems become larger and more complex, so do the

design problems. Thus, Dell IT’s Enterprise Architecture Framework (EAF)

provides a standard framework from which complex IT solutions can be

architected. The EAF offers a methodology to help ensure that complex

solutions are architected in a manner consistent with the goals of the

enterprise.

The Design process area addresses the

conceptual, logical, and physical components

using design concepts, constraints, modeling

languages, and design patterns to aid in the

development of the solution.

The SDLC offers guidance on design

techniques that could be used on your project.




31




Governance


Development is where software developers

construct the solution by implementing the design

to meet the project's functional and non-functional

requirements.

This area includes coding, code review, unit test,

and development integration test, commonly

referred to as DIT.




32




Governance


The purpose of the Testing process area is to

demonstrate that a product or product

component satisfies requirements and fulfills its

intended use when deployed to the target

environment(s).

Testing, in the Dell IT environment, may include:

• System Integration Test (SIT)

• User Acceptance Test (UAT)

• Regression Test

• Performance Test




33




Governance


The Deployment process area

focuses on the act of identifying, assembling, and

deploying one or more approved changes to IT

services.

Hardware, software, documentation, processes

and other required components are put together

to create a Release Package.

The contents of each Release Package are

managed, tested, and deployed into production

environment as a single entity.




34




Governance


As stated before, Activities are mapped to Process Areas. Below is a

view of some Activities and their Process Area alignment.

Architecture Design Development Testing Deployment

Notes: The above is not a complete list of SDLC activities and their alignment to process areas. Consult the SDLC for comprehensive

information.



35




Governance


Project Management


•Develop

Architecture

and High Level

Design

•Design •Refine

Business

Requirements

•Define System

Requirements

•Define

Infrastructure

Requirements

•Plan Project

•Establish

Estimates and

Schedules

• Identify and

Manage

Process

Exceptions

• Identify and

Manage Risks

•Conduct Phase

Exit Reviews

•Code and Unit

Test

•Conduct DIT

•Perform

Disaster

Recovery

Tasks

•Perform

Security Risk

Assessment

and Analysis

•Plan Testing

•Create Test

Cases

•Conduct SIT

and UAT

•Manage

Testing Defects

•Create Launch

Orchestrate

Plan (LOP)

•Create Change

Ticket

•Create

Implementation

and Back-out

Instructions

•Prepare for

Application

Support and

User Training

•Deploy System

to Production

We have discussed Project Phases, Activities, Deliverables, and

Process Areas. Next, we will talk about Tasks and Roles.



36




Governance



Contains

Supported by

Process Area

Role Work Aid


Task


A Task is an instruction for the specific step that is performed as part of

executing an Activity. A Task is performed by one or many Roles.

In the SDLC, tasks are embedded in the Activity definitions and include swim

lane diagrams with detailed explanation of what each Role must do to

accomplish the task. Below is an snapshot of some Roles and Tasks from the

“Code and Unit Test” activity:

Developer

Develop Unit Test

Code Components

Conduct Unit Test

Conduct Code Peer

Review

Cleanup Code

Plan Unit Test and DIT

Development

Lead



37




Governance


A Role is an individual or group participating in the project. Roles have

responsibilities to complete tasks or deliverables as described by the RACI

notation: Responsible, Accountable, Consulted, and Informed.

The SDLC recognizes 9 primary project roles. In the next several slides, each

of these Roles is described.

Business

Business Analyst

Development Lead

Project Manager

Developer Tester

Solution Architect

Database Administrator

Support Lead

Project

Team



38




Governance


The Business refers to the customer roles that enable the project

and for whom the project will produce the agreed-upon benefit(s),

which justify its production. Additionally, the Business:

• Is ultimately responsible for securing funding and resources for

the project.

• Acts as a vocal and visible champion.

• Legitimizes the project’s goals and objectives.

• Keeps abreast of major project activities.

• Is the ultimate decision-maker for the project, having final

approval of all scope changes, and signs off on approvals to

proceed to each succeeding project phase.

Business – Business Analyst – Project Manager – Development Lead – Developer – Tester – Solution Architect –

Database Administrator – Support Lead



39




Governance


The Business Analyst has primary responsibility for requirements

management for the project. Specifically, the Business Analyst:

• Leads requirements analysis and verification, ensuring that

requirement statements are correct, unambiguous, complete,

consistent, prioritized, testable, understandable, and that they

conform to standards.

• Helps negotiate priorities and resolve conflicts among project

stakeholders.

• Manages requirements traceability information and track

requirements status throughout the project.

• Acts as the key interface between business and technology

teams in defining and influencing business requirements and

assists in developing the appropriate system solutions.





40




Governance


The Project Manager drives the overall process and is

responsible for delivering the right product at the right time.

He/she owns the project schedule, reports project status,

manages resource allocation, enabling the rest of the team to

meet their goals. Additionally, the Project Manager:

• Manages the product scope and specification: This involves

facilitating team communication and negotiation and driving

overall critical tradeoff decisions.

• Manages team "health" and roles: Keeping the team

spirited and engaged and maintaining role clarity is critical

to success throughout the project.

• Manages project risks and issues, by maintaining a risk

management plan, assigning mitigating actions to

individuals, and reporting regularly on the impact of

outstanding issues and risks.





41




Governance


The Development Lead, along with the Developer, is responsible

for building the product the customer wants. The Development

Lead, however, serves as the development team's central point of

contact to the Project Manager, leading and communicating on

behalf of other developers. Additionally, the Development Lead:

• Serves the team as a technology consultant: Early in the

development process, the Development Lead provide input into

high-level designs, evaluate technologies, and help to validate

potential solutions and mitigate risks as technology consultants.

• Estimates time and effort to complete the product: The result of

this estimate will determine the team's overall product schedule.

• Carries responsibility for design, design reviews, code reviews,

and unit testing coverage, ensuring that all Developers have a

complete understanding of product specifications and customer

expectations.

• Supports product installation and deployment: The Development

Lead may be required to write project-specific scripts and develop

code that will aid the team in installing and deploying the product.





42




Governance


The Developer, along with the Development Lead, is

responsible for building the product the customer wants. In

many cases, there are many developers on a project team.

The Developers:

• Help specify requirements and architecture: During the early

stages of a project, developers may be expected to help

specify product requirements not included in the customer

requirements and to work on analysis and architecture

activities as part of a multi-disciplinary team.

• Estimate time and effort to complete the product, the result

of which will determine the team's overall product schedule.

• Develop, configure, and customize the product, writing all

the core code for the project and create the design for the

project.

• Support product installation and deployment, writing project-

specific scripts and code that will aid the team in installing

and deploying the product.





43




Governance


The Tester (or Test Analyst) is able to accurately portray the

status of the product at any time by clearly stating what is

currently wrong and what is currently right with the product or

product deployment. Specifically, the Tester:

• Develops test specification, plans, and scripts: The testing

role should have a good understanding of user needs and of

how the product will meet those needs.

• Conducts tests: The testing role conducts tests to accurately

determine the status of product development or deployment.





44




Governance


For projects with enterprise strategic focus, the Solution

Architect is the person responsible to analyze the customer and

product needs and specify an acceptable solution that

addresses enterprise architecture goals.

The Solution Architect supports the Development Lead and

Developers in developing the product, participating in design and

code Reviews as needed.





45




Governance


The Database Administrator (DBA) manages technical

assessment and design activities as they relate to enterprise

databases and contributions to project development efforts

include providing guidance toward project architecture, design

and modeling principles, standards, and configuration as a

project core team member. Specifically, the DBA:

• Corroborates in the development or modification of the

enterprise logical data model by reviewing for architectural

soundness, data integrity assurance, high availability and

optimal performance considerations, scalability and

maintainability.

• Actively participates in code, architecture, and mapping

reviews with application team and with DBA counterparts in

other regions.

• Participates in unit tests to provide validation and avoid

potential impact to the production database environment.

• Ensures the database meets all SOX and Dell Compliance

security requirements.





46




Governance


The Support Lead represents the organization that will support

the product once it has been migrated to the production

environment.

The Support Lead is responsible for understanding the needs of

operations and support personnel and representing those needs

to the team to ensure that the product is deployable,

manageable, and supportable.

The Support Lead also helps ensure that the support

organization is ready to accept the product.





47




Governance


Business

Business Analyst

Development Lead

Project Manager

Developer Tester

Solution Architect

Database Administrator

Support Lead

Project

Team

There may be other roles required to help make a project successful, but the

primary IT functions are represented by these 9 roles. Other functional roles

may be added to the project team based on the needs of the project.



48




Governance


The SDLC defines a RACI responsibility matrix to describe the participation by

various roles in completing deliverables. RACI is an acronym derived from the

four key responsibilities most typically used:

R

Responsible: The person or people responsible for writing, revising, and delivering the work product, and which is reflected as an assigned task.

A

Accountable: The person who is ultimately answerable for the correct and thorough completion of the deliverable and the one to whom R is accountable. There can only be one Accountable role for a deliverable.

C

Consulted: The key resources who are consulted and whose opinions are sought to help complete a work product. These people are considered Subject Matter Experts in the area of the deliverable or task and its content.

I

Informed: Though all project team members should be informed on the status of work products, the people with the Informed designation must be kept up-to-date because of a vested interest or dependency.



49




Governance


Indicate what roles would most likely be “Accountable” for a deliverable. The Accountable role is ultimately answerable for the correct and thorough completion of the deliverable, and there can only be one person Accountable for each deliverable.

Knowledge Check

Role

1. Business

2. Business Analyst

3. Project Manager

4. Development Lead

5. Developer

6. Tester

7. Solution Architect

8. Database Administrator

9. Support Lead

Deliverables

a. Business (or High Level) Requirements

b. Database Maintenance & Support

Package

c. Design

d. Architectural Constraints

e. Source Code

f. System Integration Test Cases

g. Project Schedule and Milestones

h. Project Funding

i. Application Support Documentation

50




Governance


See the next slide for the answers.

Indicate what roles would most likely be “Accountable” for a deliverable. The Accountable role is ultimately answerable for the correct and thorough completion of the deliverable, and there can only be one person Accountable for each deliverable.

Knowledge Check - Answers

Role

1. Business

2. Business Analyst

3. Project Manager

4. Development Lead

5. Developer

6. Tester

7. Solution Architect

8. Database Administrator

9. Support Lead

Deliverables

a. Business (or High Level) Requirements

b. Database Maintenance & Support

Package

c. Design

d. Architectural Constraints

e. Source Code

f. System Integration Test Cases

g. Project Schedule and Milestones

h. Project Funding

i. Application Support Documentation

51




Governance


We’ve covered most all of the primary

process elements of the SDLC.

These elements are combined to create

Development Methods.

A Development Method describes the

full set of activities and process elements

that a project can use, considering the

Project Type and the Life Cycle Model

being used by the project.

Development Method

Project Type

Life Cycle Model



52




Governance


Project Phase

Process Area

Role Work Aid Task


Each Development Method contains

elements from all the 7 Process Areas,

and the activities and deliverables are

mapped to the 5 Project Phases.



Project Types

Life Cycle Models

Project Phase

Project Phase

Project Phase

Development Methods

53




Governance


Project Phase

Process Area

Role Work Aid Task




Project Phase

Project Phase

Project Phase

Development Methods

Project Types

The SDLC recognizes 4 Project Types: • Custom Software Development: The in-house design and development of software

solutions. • Oracle Development: The development and enhancement of Oracle applications. • Data Warehouse Development: Solutions for data warehousing and business intelligence

projects that support decision making through the collection, storage, delivery, presentation, and analysis of data.

• COTS/Package Integration: The integration of Commercial-Off-The-Shelf (COTS) solutions, with or without custom developed code.

A Project Type takes

into consideration the

different characteristics

or traits of the software

development project.

54




Governance


Project Phase

Process Area

Role Work Aid Task




Life Cycle Models

Project Phase

Project Phase

Project Phase

Development Methods A Life Cycle Model describes the relative sequence in which activities are performed. The SDLC supports 3 Life Cycle Models: • Traditional: Sometimes referred to as

“Waterfall”, progress is seen as flowing steadily downwards through the project phases. However, project phases can slightly overlap.

• Agile: Based on iterative development, where requirements and solutions are allowed to evolve throughout the project.

• Maintenance: A slimmed down version of the Traditional life cycle model for projects that are short in duration consisting of minor enhancements and bug fixes to existing software products.

55




Governance


Project Phase

Process Area

Role Work Aid Task


Development Method

Project Type

Life Cycle Model

The Development Methods are defined when we

put the Project Types and Life Cycle Models in a

matrix. Currently, 5 Development Methods are

defined, with others being created or planned (see

table below).

Project Types

Life Cycle Models

Traditional Agile Maintenance

Custom Software

Development

Oracle

Development

To Be Determined Data Warehouse

Development

COTS/Package

Integration Planned

At the beginning of a project, the team must select the Development Method that

will be used, thus dictating the activities and deliverables that are required.



56




Governance


An interactive Development Method Selector Guide

is available on the home page of the SDLC site to help

teams determine which Development Method should

be used based upon attributes of the system that is to

be developed or enhanced.



57




Governance


Lastly, in this module, we will talk about the other Resources and

Tools that are available in the SDLC. We refer to them as Work Aids.



58




Governance



Contains

Supported by

Process Area

Role Work Aid


Task


The SDLC is filled with Work Aids that are available to help perform the

activities in the framework. These Work Aids are categorized as

follows:

Dell Policies and Standards References to the core set of Dell policies and

standards that affect software development projects.

Checklists Includes things like:

• Code Review Checklists, to be used during

peer/code review for the coding languages used in IT

• Phase Entry and Exit Criteria Checklists, to help the

team determine readiness for moving into or out of a

project phase.

• SDLC Self-Assessment Checklist, to help teams self-

check compliance to the standard processes

Coding and Testing Standards Different from Dell Standards, these documents are

available to help bring consistency in coding and

testing practices.

Procedures These documents describe step-by-step actions

needed to accomplish a task. They are often too

detailed to be included in the Activity and Task

descriptions, thus they are documented separately.

Training References training material that is available.

Guidelines The broad category of Work Aid and How-To

documents that include things like:

• Characteristics of Excellent Requirements

• Defining As-Is and To-Be Business Processes

• Creating the Project Status Report

• List of Common Risks

• Production Trouble Ticket Severity Definitions

• Design Techniques



59




Governance


The processes in the SDLC are also aligned with the standard set of IT

project management and development tools. This integration helps the

organization to become more efficient and effective.

Project and Portfolio Management


Source and Configuration Management

Build Management

Defect Management

Test Management

Asset Management Change and Release Management

Project Management



60




Governance



http://images.google.com/imgres?imgurl=http://www.goadsi.com/solutions/images/ms-project-logo.jpg&imgrefurl=http://www.goadsi.com/solutions/index.cfm&usg=___pSQ7U1wJnRdM1vTBLkpQwLFVPQ=&h=181&w=500&sz=33&hl=en&start=26&tbnid=pa3CdEfl44jCtM:&tbnh=47&tbnw=130&prev=/images?q=microsoft+project+2007&gbv=2&ndsp=21&hl=en&sa=N&start=21

Term Definition

Process Area Describes the full set of activities and process elements that a project can use, considering

the Project Type and the Life Cycle Model being used by the project.

Project Phase A collection of logically related project activities, culminating in the completion of one of more

major deliverables or milestones.

Development Method An individual or group participating in the project.

Role Logical groupings of related activities that have particular relevance to one or more project

roles.

Project Type Resources and tools that are available to help perform the activities in the SDLC.

Activity Describes the different characteristics or traits of the software development project.

Task An instruction for the specific step that must be performed as part of executing an Activity.

Life Cycle Model A collection of tasks, that require one or more Roles and the use of Work Aids, performed to

complete a project Deliverable (or accomplish a project milestone).

Work Aid Describes the relative sequence in which activities are performed.

Match the terms with their definitions.

Knowledge Check

61




Governance


See the next slide for the answers.

Term Definition

Process Area Describes the full set of activities and process elements that a project can use, considering

the Project Type and the Life Cycle Model being used by the project.

Project Phase A collection of logically related project activities, culminating in the completion of one of more

major deliverables or milestones.

Development Method An individual or group participating in the project.

Role Logical groupings of related activities that have particular relevance to one or more project

roles.

Project Type Resources and tools that are available to help perform the activities in the SDLC.

Activity Describes the different characteristics or traits of the software development project.

Task An instruction for the specific step that must be performed as part of executing an Activity.

Life Cycle Model A collection of tasks, that require one or more Roles and the use of Work Aids, performed to

complete a project Deliverable (or accomplish a project milestone).

Work Aid Describes the relative sequence in which activities are performed.

Match the terms with their definitions.

Knowledge Check - Answers

62




Governance






Module 1

Module 2

Module 3

Module 4

Module 2

63

Course Outline

In Module 1, The Story of the SDLC, we made this

statement about the SDLC:

“It defines the standard set of development processes enabling compliance

with company policies and other business and legal requirements.”

Internal Application

Development Policy

Legal Requirements

Dell Business Processes and

Standards

In this module, we will explore the


aspects of the SDLC, revealing how the

SDLC enables project teams to comply

with:

• The Internal Application Development

Policy

• The SDLC Standard

• Legal Requirements

• Dell Business Processes and Standards.




Governance


64

SDLC Standard

Purpose Statement

“Ensuring that software development activities are seamlessly planned and efficiently executed, regardless of organizational structures or geographies, is vital to drive and support Dell’s growth plans. This policy defines the means by which internal application development can attain consistency of approach and the ability to continuously improve processes and performance.”

Seamlessly Planned

Efficiently Executed Globally Consistent Supports Dell’s

Growth Plans

• The Internal Application

Development Policy applies to

software development activities

conducted in support of internal Dell

business functions.

• It is owned by the CIO and is regularly

reviewed and updated. See the

Safe@Dell website to review the

policy in its entirety.

Internal Application Development Policy – SDLC Standard – Legal Requirements – Dell Business Processes and Standards




Governance


65

http://intranet.dell.com/dept/SAFE/policy/default.aspx

http://intranet.dell.com/dept/SAFE/policy/Shared Documents/IT Development Policy.aspx?PageView=Shared

• The SDLC Standard exists to enable compliance with the Internal Application

Development Policy.

• It requires that the SDLC framework be used on software development and

maintenance projects to ensure that the minimum software engineering and project

management practices are executed.

• It organizes the minimum practices by process area and indicates which practices

are required, recommended, or not applicable based on software release type.

• See the Safe@Dell website to review this standard in its entirety.





Governance


66

Software Release Type

# Practice Major Minor / Service Pack

Hot Fix


1 Business requirements are documented, reviewed, and approved. Required Recommended N/A

2 Technical requirements are documented, reviewed, and approved. Required Required N/A

3 Infrastructure requirements are documented, reviewed, and approved. Required N/A N/A

4 Security requirements are documented, reviewed, and approved, per Dell’s Secure Application Development Standard.

Required Required N/A

5 Requirements traceability matrices are documented and used to ensure all needs are being addressed.

Recommended Recommended N/A

6 Change control procedures are documented and used to manage and communicate changes to approved requirements.

Required Required Required

Development

7 Technical designs are documented. Required Required N/A

8 Design reviews are conducted for new or significantly modified functions. Required Recommended N/A

http://intranet.dell.com/dept/SAFE/policy/default.aspx

http://intranet.dell.com/dept/SAFE/policy/Shared Documents/SDLC Standard.aspx



As a major corporation, Dell must comply with relevant

laws, regulations and policies, including:

• Sarbanes-Oxley Act of 2002 (SOX)

Describes specific mandates and requirements for financial

reporting

• Payment Card Industry (PCI) Data Security

Standards (DSS)

Multifaceted security standard that includes requirements for

security management, policies, procedures, network

architecture, software design and other critical protective

measures, intended to help organizations proactively protect

customer account data

• SOP 98-1

Requires entities to capitalize certain internal-use software

costs once certain criteria are met.





Governance


67

http://images.google.com/imgres?imgurl=http://ceoworld.biz/ceo/wp-content/uploads/2008/12/us-securities-and-exchange-commission.png&imgrefurl=http://ceoworld.biz/ceo/2008/12/20/what-is-ex-willbros-james-k-tillery-us-bribery-conspiracy/&usg=__7PAWfMLA5-zPYX4BQdwUHfAnH0g=&h=600&w=600&sz=209&hl=en&start=1&tbnid=w0Q_AS-gZj602M:&tbnh=135&tbnw=135&prev=/images?q=security+and+exchange+commission&gbv=2&hl=en

http://images.google.com/imgres?imgurl=http://www.cloudave.com/getImage.act?id=50000000204729&imgrefurl=http://www.cloudave.com/link/the-future-of-accounting&usg=__ODDa1AB6n89IaiFIdqmG0EeesmY=&h=363&w=445&sz=22&hl=en&start=17&tbnid=tdZF7p5O2_S0gM:&tbnh=104&tbnw=127&prev=/images?q=accounting&gbv=2&hl=en

http://images.google.com/imgres?imgurl=http://www.gleni.it/blog/wp-content/uploads/2009/05/credit-card-security.jpg&imgrefurl=http://www.gleni.it/blog/payment-online-by-credit-card-part-1/&usg=__cccVy31NI1PRVAgM_6Y_AG9w2ic=&h=282&w=425&sz=21&hl=en&start=42&tbnid=AyKTqxt_GtiQLM:&tbnh=84&tbnw=126&prev=/images?q=credit+card+security&gbv=2&ndsp=21&hl=en&sa=N&start=21

Finally, Dell has internal processes and standards that enable us to protect,

store, and recover the data entrusted to us, while using the technologies that

support the long-term strategy of the company.

Secure Application

Development Standard Establishes requirements that are

intended to ensure stability, reliability

and security of Dell’s critical

computing resources

Click here to access.

Disaster Recovery Policy Outlines requirements of Dell IT to

establish standards, processes and

controls for the timely recoverability of

business critical data and information

processing systems.


Data Classification

Standard Protects the confidentiality of Dell

electronic information worldwide,

including actual, potential and former

Dell customer, employee, and

business partner information


Global Records

Management Policy Sets forth principles which address

the management of Dell’s records. It

applies to company records produced

and maintained in all media formats


Technology & Architectural

Global Standards (TAGS)

Enables appropriate infrastructure,

application development, and security

capabilities are implemented


IT Control Self-

Assessment (CSA) Examines internal control

effectiveness with the objective of

providing reasonable assurance that

all business objectives are met






Governance


68

http://intranet.dell.com/dept/SAFE/policy/Shared Documents/Secure Application Development.aspx

http://intranet.dell.com/dept/SAFE/policy/Shared Documents/systems.aspx

http://intranet.dell.com/dept/SAFE/policy/Shared Documents/Data Classification Standard.aspx

http://inside.dell.com/ethics/records/policies/GRM_Policy.asp

http://intranet.dell.com/dept/SAFE/policy/Shared Documents/TAGS Stnd.aspx?PageView=Shared

http://intranet.dell.com/dept/CPR/CSA/default.aspx

http://images.google.com/imgres?imgurl=http://dmiessler.com/wp-content/uploaded_content/2008/09/security-lock.jpg&imgrefurl=http://danielmiessler.com/blog/my-preferred-definition-of-security&usg=__sUw56JhwKyylGuxr9sLhEUQxPN4=&h=388&w=336&sz=16&hl=en&start=11&tbnid=JegWxOvajCpV3M:&tbnh=123&tbnw=107&prev=/images?q=security&gbv=2&hl=en

http://images.google.com/imgres?imgurl=http://datalib.ed.ac.uk/GRAPHICS/blue_data.gif&imgrefurl=http://datalib.ed.ac.uk/&usg=__lK2I_NdUbavnb2VtrSGzMiFj36c=&h=521&w=350&sz=74&hl=en&start=1&tbnid=O2Iu_VUnYlQj7M:&tbnh=131&tbnw=88&prev=/images?q=data&gbv=2&hl=en

http://images.google.com/imgres?imgurl=http://www.itonecall.co.uk/Disaster_Recovery.jpg&imgrefurl=http://www.itonecall.co.uk/protection.htm&usg=__e6k5k96RvsiqtK6nWWILqqKAOXs=&h=726&w=1105&sz=71&hl=en&start=20&tbnid=WYIRGLWaUeOt4M:&tbnh=99&tbnw=150&prev=/images?q=disaster+recovery&gbv=2&hl=en

http://images.google.com/imgres?imgurl=http://www.digitalarchives.wa.gov/include/images/eRecords/records_mgmnt.jpg&imgrefurl=http://www.digitalarchives.wa.gov/Content.aspx?txt=records_mgmt&usg=__4GtyBKBYYsLdTumExjvSb9iFwdM=&h=250&w=260&sz=20&hl=en&start=17&tbnid=kXNG9vTyeTZbQM:&tbnh=108&tbnw=112&prev=/images?q=records+management&gbv=2&hl=en

http://images.google.com/imgres?imgurl=http://dandelionsummers.com/assets/images/advanced_blocks.jpeg&imgrefurl=http://dandelionsummers.com/html/building_block.html&usg=__fixoGLhp4C0B0eXfUD-fBSw9pUM=&h=293&w=450&sz=28&hl=en&start=2&tbnid=5xLSUXCqIo9mZM:&tbnh=83&tbnw=127&prev=/images?q=building+blocks&gbv=2&hl=en

http://images.google.com/imgres?imgurl=http://www.mcevoyandassociates.ie/images/audit.jpg&imgrefurl=http://www.mcevoyandassociates.ie/services/audit.php&usg=__7l_nFdvfhIWhbgnj6CwHwNf4brA=&h=348&w=540&sz=25&hl=en&start=7&tbnid=QZXE47leF08qZM:&tbnh=85&tbnw=132&prev=/images?q=audit&gbv=2&hl=en

• We take policies and standards very

seriously.

• Violation of policy can cost Dell money

and possibly cost you your job.

• The SDLC is available to help project

teams comply, in the most efficient

manner possible.

Internal Application Development Policy




Governance


69

SDLC Standard

Legal Requirements

Dell Business Processes and Standards





Module 1

Module 2

Module 4

Module 2

Module 3

70

Course Outline

In Module 1, we stated that the SDLC is

a Continuous Improvement initiative

that is refined based on feedback

received from project teams,

management, and business partners.

The ability to revise SDLC assets over

time ensures that the framework evolves

in a controlled manner to best address

the needs of the changing business and

IT environments, while improving the

effectiveness of our process and the

quality of our deliverables.




Governance


71

An SDLC Governance Model exists to guide the

Continuous Improvement initiative. Some key

features of the model include:

• Anyone can submit a Process Change Request (PCR).

• The PCR submitter provides a detailed description and

proposed solutions for the proposed change.

• The SDLC Process Review Board (PRB), with

representatives from the IT segments and functional

groups, reviews and approves changes before they are

made in the SDLC.




Governance


72

Below are additional resources:

• The SDLC Change Control Process: How to Submit a Request to

Change the Dell IT Standard Development Process

• The SDLC Process Governance Site

http://intranet.dell.com/dept/sdlc/ProcessGovernance/Process Governance Document Library/The SDLC Change Control Process.pptx

http://intranet.dell.com/dept/sdlc/ProcessGovernance/Pages/default.aspx

This concludes the Introduction to the SDLC Training Course




Governance


The Key Concepts that were covered are as follows:

• The SDLC is the process framework that is required for all software-impacting

projects in Dell IT.

• The SDLC is based on the CMMI for Development and the 5-phase Microsoft®

Solutions Framework (MSF). It also includes concepts from other industry

recognized best practice models (ITIL, PMI, etc.).

• The SDLC helps fulfill corporate policies and standards.

• The SDLC’s process architecture is comprise of project phases, activities, tasks,

roles, process areas, and development methods.

• Work aids (i.e., resources and tools) are available to enable efficient execution

of the SDLC.

• Users can submit requests to improve the SDLC, keeping it evergreen as the

organization changes and as industry best practices are revealed.

73

Final Assessment

• The next few slide contain 10 questions to

help test your knowledge of the key

concepts from this course.

• Good Luck!

74




Governance


Final Assessment 1. The SDLC is required only for large software development projects in IT.

True

False

2. The SDLC is based primarily on the CMMI for Development and the 5-phase

Microsoft® Solutions Framework.

True

False

3. The SDLC does not contain all the IT processes needed to fund and support

software systems. Other processes exist to address portfolio management,

enterprise architecture, and production support needs, all of which complement the

SDLC.

True

False

75 See the next slide for the answers.

Final Assessment 1. The SDLC is required only for large software development projects in IT.

True

False

2. The SDLC is based primarily on the CMMI for Development and the 5-phase

Microsoft® Solutions Framework.

True

False

3. The SDLC does not contain all the IT processes needed to fund and support

software systems. Other processes exist to address portfolio management,

enterprise architecture, and production support needs, all of which complement the

SDLC.

True

False

76

The software development processes represented in the SDLC are required for

all software-impacting projects in Dell IT, irrespective of project size, type, or

effort.

The SDLC is based primarily on the CMMI and MSF. The SDLC also

incorporates best practices from other industry-proven models and frameworks,

including ITIL, PMI, and CoBIT.

The focus of the SDLC is the software engineering processes used to develop

software products. However, other processes exist to complement this product

development.

Final Assessment 4. The SDLC is organized into the following 5 phases: Envisioning, Planning, Design,

Developing, and Stabilizing.

True

False

5. In the SDLC, the primary deliverables of the Planning Phase are the project

management plan, functional requirements, and the design.

True

False

6. There are 9 primary roles represented in the SDLC, and project teams are not

allowed to add or modify project roles.

True

False


Final Assessment 4. The SDLC is organized into the following 5 phases: Envisioning, Planning, Design,

Developing, and Stabilizing.

True

False

5. In the SDLC, the primary deliverables of the Planning Phase are the project

management plan, functional requirements, and the design.

True

False

6. There are 9 primary roles represented in the SDLC, and project teams are not

allowed to add or modify project roles.

True

False

78

Design IS NOT a phase in the SDLC. The 5 phases are Envisioning, Planning,

Developing, Stabilizing, and Deploying.

In the SDLC, the Design is not a deliverable of the Planning Phase. The

Design is a deliverable of the Developing Phase.

The primary IT functions are represented by 9 roles. However, there may be

other roles required to help make a project successful. Other functions may be

added to the project team based on the needs of the project.

Final Assessment 7. At the start of an IT project, the team must determine which SDLC development

method will be used, based on the project types and the life cycle models defined in

the SDLC.

True

False

8. At the highest level, the SDLC’s process architecture is comprised of project

phases, activities, tasks, roles, process areas, and development methods.

True

False

9. The SDLC contains elements and references to the legal and business

requirements for which project teams must comply.

True

False


Final Assessment 7. At the start of an IT project, the team must determine which SDLC development

method will be used, based on the project types and the life cycle models defined in

the SDLC.

True

False

8. At the highest level, the SDLC’s process architecture is comprised of project

phases, activities, tasks, roles, process areas, and development methods.

True

False

9. The SDLC contains elements and references to the legal and business

requirements for which project teams must comply.

True

False

80

The project’s set of standard projects is defined once the project chooses a

development method. This activity must occur at the start of the project.

The SDLC helps project teams comply with regulatory and legal requirements

(i.e., SOX, PCI, and SOP 98-1), as well as internal Dell policies and standards.

The SDLC architecture is comprised of project phases, activities, tasks, roles,

process areas, and development methods. Additionally, work aids (i.e.,

resources and tools) are available to enable efficient execution of the SDLC.

Final Assessment 10. The SDLC is perfect; no additional refinement is necessary.

True

False


Final Assessment 10. The SDLC is perfect; no additional refinement is necessary.

True

False

82

The SDLC is a continuous improvement initiative. It will evolve as the

organization matures and as industry best practices are revealed. Anyone can

submit a request to enhance the SDLC, and a governance model is used to

evaluate and manage changes to the SDLC.

Additional questions can be directed to the

SDLC Team at

[email protected]




Governance


83

mailto:[email protected]
