Business Analysis Guidebook/Requirements Templates
Different Documents/Customer Preferences
editBusiness Requirements Documents
editSDLC Deliverables
editSystem Initiation Phase
edit| Processes | Techniques | Process Deliverables |
|---|---|---|
| Prepare for System Initiation | Interviews
Document Gathering and Reviews Define Security Roles and Responsibilities* Orient Staff on the SDLC Security Tasks* Establish a System Criticality Level* |
Establish Team and Environment for System Initiation |
| Verify Proposed Solution | Brainstorming
Research Classify Information (preliminary)* Establish System Security Profile Objectives (preliminary)* Create a System Profile (preliminary)* |
Verified Proposed Solution |
| Assist in Developing System Schedule | Brainstorming
Research Estimating |
Work Breakdown Structure (WBS),
High level estimates using predefined Estimation Models |
System Requirements Analysis Phase
edit| Processes | Techniques | Process Deliverables |
|---|---|---|
| Prepare for System Requirements Analysis | Site Walk-through
Project Origination and Business Case Reviews Team Skills Assessment Technology Needs Assessment Tool Needs Assessment Stakeholder Analysis (though done as a part of Project Management (PM) activity, the project PM and business analyst (BA) must ensure that the stakeholders identified are still current and correct.) |
Established Team and Environment for Requirements Analysis
Stakeholder Map (Initiated as a PM activity but must be correct and up to date during this phase) System Context Diagram
[[1]] |
| Determine Functional and Non-Functional Requirements | Establish an Information Profile (iterative)*
Establish System Security Profile Objectives (iterative)* Decompose the System (preliminary)* Organizational Modeling Scope Modeling Functional Decomposition Interviews Observation (Job Shadowing) Focus Groups Acceptance and Evaluation Criteria Scenarios and Use Cases Sequence Diagrams User Stories JAD Sessions Brainstorming Storyboarding Prototyping Structured Walk-through Event Analysis Business Rule analysis Requirements Workshops Risk Analysis Root Cause Analysis |
Business Requirements Document
Templates: All-encompassing: Business Requirements Document Subset of comprehensive version: Requirements Document Template Sequence Diagrams User Stories |
| Define Process Model | Work Flow Diagrams
Flow Chart Diagrams Business Process Models Use Case Diagrams Decision Analysis Prototyping |
Process Model
Templates: Business Process Models |
| Define Logical Data Model | Classify Information (iterative)* | Logical Data Model
Requirements Data Model Data Dictionary Existing File Descriptions Data Conversion Requirements Archiving and Retention Requirements |
| Reconcile Functional and Non -Functional Requirements with Models | Current State Gap Analysis
Scenarios and Use Case Modeling Data Modeling |
Current Assessment Document
Validated Functional and Non-Functional Requirements and Models Use Cases ER Diagrams Class Diagrams |
System Design Phase
edit| Processes | Techniques | Process Deliverables |
|---|---|---|
| Prepare for System Design | Interviews
Site Walk-throughs Create a System Profile (iterative)* Decompose the System (iterative)* Assess Vulnerabilities and Threats (preliminary)* Assess Risks (preliminary)* |
Established Team and Environment for System Design |
| Define Technical Architecture | Interviews
Document Gathering and Reviews Role/Authorization Analysis Select and Document Security Controls (preliminary)* |
Technical Architecture |
| Define System Standards | Interviews
Brainstorming Policy and Standards Reviews |
System Standards |
| Create Physical Database | Formal Walk-throughs
Standard Data Definition Languages Data Administration Techniques (Data Normalization, De-Normalization) |
Databases and System Files |
| Prototype System Components | Iterative Prototypes/Reviews
Presentations GUI/Report Development Tools |
Prototype and Proof of Concept Results |
| Produce Technical Specifications | Function Decomposition
Expressing Logic: Pseudo Code, Structured English, Object Oriented Logic Operational Requirements Assessment System Load Analysis Business Impact Analysis Potential Problem Analysis Training Needs Decomposition |
Technical Specifications
Template: Technical Specifications
|
System Construction Phase
edit| Processes | Techniques | Process Deliverables |
|---|---|---|
| Prepare for System Construction | Interviews
Site Walk-throughs Environmental Assessments |
Established Team and Environment for System Construction |
| Refine System Standards | Brainstorming
Policy and Standards Reviews Best Practice Assessments Lessons Learned Reviews Prototyping Assess Vulnerabilities and Threats (iterative)* Assess Risks (iterative)* Select and Document Security Controls (iterative)* |
Refined System Standards |
| Build, Test, and Validate (BTV) | Coding
Create test data* Manual Testing Automated Testing Defect Tracking |
Unit Test Results
Unit Tested System Components Unit Tested System Utilities Data Conversion Utilities
|
| Conduct Integration and System Testing | Manual Testing
Automated Testing Defect Tracking Regression Testing Test Security Controls* |
Integration and System Test Results
Validated System Validated System Utilities
|
| Produce User and Training Materials | Technical Writing
Illustration On-line Content Development JAD Sessions Prototypes/Content Review Current State Gap Analysis Scenarios and Use Case Modeling Data Modeling |
User Manual
Training Materials
|
| Produce Technical Documentation | Technical Writing
Illustration On-line Content Develop Security Documentation Prototypes/Content Review |
Technical Documentation |
System Acceptance Phase
edit| Processes | Techniques | Process Deliverables |
|---|---|---|
| Prepare for System Acceptance | Interviews
Site Walk-throughs Environmental Assessments Acceptance Test Plan Review |
Established Team and Environment for System Acceptance |
| Validate Data Initialization and Conversion | Manual Testing
Automated Testing Defect Tracking Regression Testing |
Data Validation Test Results
Validated Data Initialization and Conversion Software |
| Test, identify, Evaluate, React (TIER) | Manual Testing
Automated Testing Measure security compliance* Document System Security Profile* Document Security Requirements and Controls* Defect Tracking Regression Testing |
Acceptance Test Results
Validated System Validated System Utilities |
| Refine Supporting Materials | Technical Writing/ Illustration
On-line Content Development/Content Review |
Revised User/Training Materials
Revised Technical Documentation |
System Implementation Phase
edit| Processes | Techniques | Process Deliverables |
|---|---|---|
| Prepare for System Implementation | Interviews
Distribution of Materials Coordination of Training Logistics |
Established Team and Environment for System Implementation |
| Deploy System | Training Sessions
Manual Business Operations Parallel Operation Perform System Certification and Accreditation * |
Migrated and Initialized Data
Operational System |
| Transition to Performing Organization | Training Sessions
Phased Ownership |
Ownership of System by Performing Organization |
- Security Activities within Enterprise SSDLC Phases (ITS-S13-001)
links to pb.works.com templates