Business Analysis Guidebook/Requirements Templates

Different Documents/Customer Preferences edit

Business Requirements Documents edit

SDLC Deliverables edit

System Initiation Phase edit

Processes Techniques Process Deliverables
Prepare for System Initiation Interviews

Document Gathering and Reviews

Define Security Roles and Responsibilities*

Orient Staff on the SDLC Security Tasks*

Establish a System Criticality Level*

Establish Team and Environment for System Initiation
Verify Proposed Solution Brainstorming

Research

Classify Information (preliminary)*

Establish System Security Profile Objectives (preliminary)*

Create a System Profile (preliminary)*

Verified Proposed Solution
Assist in Developing System Schedule Brainstorming

Research

Estimating

Work Breakdown Structure (WBS),

High level estimates using predefined Estimation Models

System Requirements Analysis Phase edit

Processes Techniques Process Deliverables
Prepare for System Requirements Analysis Site Walk-through

Project Origination and Business Case Reviews

Team Skills Assessment

Technology Needs Assessment

Tool Needs Assessment

Stakeholder Analysis (though done as a part of Project Management (PM) activity, the project PM and business analyst (BA) must ensure that the stakeholders identified are still current and correct.)

Established Team and Environment for Requirements Analysis

Stakeholder Map (Initiated as a PM activity but must be correct and up to date during this phase)

System Context Diagram

  1. link to pb.works.com System Context Diagram template
[[1]] 

Determine Functional and Non-Functional Requirements Establish an Information Profile (iterative)*

Establish System Security Profile Objectives (iterative)*

Decompose the System (preliminary)*

Organizational Modeling

Scope Modeling

Functional Decomposition

Interviews

Observation (Job Shadowing)

Focus Groups

Acceptance and Evaluation Criteria

Scenarios and Use Cases

Sequence Diagrams

User Stories

JAD Sessions

Brainstorming

Storyboarding

Prototyping

Structured Walk-through

Event Analysis

Business Rule analysis

Requirements Workshops

Risk Analysis

Root Cause Analysis

Business Requirements Document
  • Business and Functional Requirements
  • Non-Functional Requirements
  • Business Rules
  • Requirements Traceability Matrix

Templates:

All-encompassing:

Business Requirements Document Subset of comprehensive version:

Requirements Document Template

Use Cases

Sequence Diagrams

User Stories


Define Process Model Work Flow Diagrams

Flow Chart Diagrams

Business Process Models

Use Case Diagrams

Decision Analysis

Prototyping

Process Model

Templates:

Business Process Models


Define Logical Data Model Classify Information (iterative)* Logical Data Model

Requirements Data Model

Data Dictionary

Existing File Descriptions

Data Conversion Requirements

Archiving and Retention Requirements


Reconcile Functional and Non -Functional Requirements with Models Current State Gap Analysis

Scenarios and Use Case Modeling

Data Modeling

Current Assessment Document

Validated Functional and Non-Functional Requirements and Models

Use Cases

ER Diagrams

Class Diagrams


System Design Phase edit

Processes Techniques Process Deliverables
Prepare for System Design Interviews

Site Walk-throughs

Create a System Profile (iterative)*

Decompose the System (iterative)*

Assess Vulnerabilities and Threats (preliminary)*

Assess Risks (preliminary)*

Established Team and Environment for System Design
Define Technical Architecture Interviews

Document Gathering and Reviews

Role/Authorization Analysis Select and Document Security Controls (preliminary)*

Technical Architecture
Define System Standards Interviews

Brainstorming

Policy and Standards Reviews

System Standards
Create Physical Database Formal Walk-throughs

Standard Data Definition

Languages

Data Administration Techniques

(Data Normalization, De-Normalization)

Databases and System Files
Prototype System Components Iterative Prototypes/Reviews

Presentations

GUI/Report Development Tools

Prototype and Proof of Concept Results
Produce Technical Specifications Function Decomposition

Expressing Logic: Pseudo Code, Structured English, Object Oriented Logic

Operational Requirements

Assessment System Load Analysis

Business Impact Analysis

Potential Problem Analysis

Training Needs Decomposition

Technical Specifications
  • Module Specifications
  • Security, Database, Network, Application Architectures
  • Test Plans/Test Cases
  • Deployment/ Transition Plans

Template:

Technical Specifications

System Construction Phase edit

Processes Techniques Process Deliverables
Prepare for System Construction Interviews

Site Walk-throughs

Environmental Assessments

Established Team and Environment for System Construction
Refine System Standards Brainstorming

Policy and Standards Reviews

Best Practice Assessments

Lessons Learned Reviews

Prototyping Assess Vulnerabilities and Threats (iterative)*

Assess Risks (iterative)*

Select and Document Security Controls (iterative)*

Refined System Standards
Build, Test, and Validate (BTV) Coding

Create test data*

Manual Testing

Automated Testing

Defect Tracking

Unit Test Results

Unit Tested System Components

Unit Tested System Utilities

Data Conversion Utilities

Conduct Integration and System Testing Manual Testing

Automated Testing

Defect Tracking

Regression Testing

Test Security Controls*

Integration and System Test Results

Validated System

Validated System Utilities

Produce User and Training Materials Technical Writing

Illustration

On-line Content Development JAD Sessions

Prototypes/Content Review

Current State Gap Analysis

Scenarios and Use Case Modeling

Data Modeling

User Manual

Training Materials

Produce Technical Documentation Technical Writing

Illustration

On-line Content Develop Security Documentation

Prototypes/Content Review

Technical Documentation

System Acceptance Phase edit

Processes Techniques Process Deliverables
Prepare for System Acceptance Interviews

Site Walk-throughs

Environmental Assessments

Acceptance Test Plan Review

Established Team and Environment for System Acceptance
Validate Data Initialization and Conversion Manual Testing

Automated Testing

Defect Tracking

Regression Testing

Data Validation Test Results

Validated Data Initialization and Conversion Software

Test, identify, Evaluate, React (TIER) Manual Testing

Automated Testing

Measure security compliance*

Document System Security Profile*

Document Security Requirements and Controls*

Defect Tracking

Regression Testing

Acceptance Test Results

Validated System

Validated System Utilities

Refine Supporting Materials Technical Writing/ Illustration

On-line Content Development/Content Review

Revised User/Training Materials

Revised Technical Documentation

System Implementation Phase edit

Processes Techniques Process Deliverables
Prepare for System Implementation Interviews

Distribution of Materials

Coordination of Training Logistics

Established Team and Environment for System Implementation
Deploy System Training Sessions

Manual Business Operations

Parallel Operation

Perform System Certification and Accreditation *

Migrated and Initialized Data

Operational System

Transition to Performing Organization Training Sessions

Phased Ownership

Ownership of System by Performing Organization

links to pb.works.com templates

SDLC Process Deliverable Definitions edit

Description of SDLC Security Activities edit