Business Systems Design Report Template 1 PDF

Preview

Summary

Very crucial document for course. need...

Description

For instructions on using this template, please see Notes to Author/Template Instructions on page 11.

He a l t h yBodyWe l l ne s sCe nt e r( HBWC) Hi gh Le v e l T e c h ni c a l De s i g n Ve r s i o nX. X

Updated 2/21/2020

HBWC

Bu s i n e s sSy s t e msDe s i g nRe p o r t T e mp l a t e

T a b l eo fCo n t e nt s High-Level Technical Design

1

1.

Introduction (Not required for performance assessment)

3

2.

Current Systems

3

3.

Goals, Objectives, and Rationale for New or Significantly Modified System

4

4.

5.

3.1

Project Purpose

4

3.2

System Goals and Objectives

4

3.3

Proposed System

4

3.3.1

System Scope

4

3.3.2

Processes Supported

5

3.3.3

High-Level Functional Requirements

5

3.3.4

Summary of Changes

6

Factors Influencing Technical Design 4.1

Relevant Standards

7

4.2

Assumptions and Dependencies

7

4.3

Constraints

7

4.4

Design Goals

7

Proposed System 5.1

8

High-Level Operational Requirements and Characteristics

8

5.1.1

User Community Description

8

5.1.2

Nonfunctional Requirements

9

5.2

High-Level Architecture

9

5.2.1

Application Architecture

10

5.2.2

Information Architecture

10

5.2.3

Interface Architecture (not required for performance assessment)

11

5.2.4

Technology Architecture

13

5.2.4.1

Platform

13

5.2.4.2

System Hosting

13

5.2.4.3

Connectivity Requirements

13

5.2.4.4

Modes of Operation

14

5.2.5

6.

7

Security and Privacy Architecture

14

5.2.5.1

Authentication

14

5.2.5.2

Authorization

14

5.2.5.3

Encryption

15

Analysis of the Proposed System 6.1

V e r s i o nX. X

16

Risks

17

2

HBWC

Bu s i n e s sSy s t e msDe s i g nRe p o r t T e mp l a t e

1 . I n t r o d uc t i o n Not required for performance assessment.

2 . Cu r r e n t Sy s t e ms Instructions: Summarize the current systems in use at the Healthy Body Wellness Center (HBWC) using details from HBWC’s case study and assessment report. See section 4.1 of your “Business Requirements Document Template” from Task 1.

Currently there are two business processes that urgently need to be replaced to accommodate company growth and to better align it with business need. The Payroll system is ancient and needs to be replaced with some other options that are more moderate and provide much better functionality. The company currently using QuickBooks and runs paper checks, and simple feature such as direct deposit are not an option currently. This needs to be changed by adapting a new technology that can be more accurate, scalable, and meets business needs as it grows. ADP is a solution proposed for the variety of features that it provides. Having ADP as a payroll system will allow employee to log their working hours remotely or through the app and management will be able to approve the hours and submit them to the payroll department. Employees can now get paid much quicker by implementing a direct deposit capability. Secondly, patient and research data are kept in Excel spreadsheets and can only be accessed on the local network via computers connected to that network. Research data is simply saved to a file share drive on the server. This makes it difficult for potential principal investigators to retrieve data for information that could possibly be used in future research. It is important to keep the research reports accessible to be retrieved and communicated with NIH as needed. The integrity of research must be paramount because changes or loss of data will affect the results of the data. Along with that, research reports should be kept away from public access thus the confidentiality of the reports is important. Having access control in place will ensure that this company is meeting the CIA triad. Moving to MS-SQL will be a fit solution since the company prefers to maintain the relationship with Microsoft. Moving data to MS-SQL will help the company to retain information in a very secure manner and deploy access control with multiple different privilege levels among other benefits.

V e r s i o nX. X

3

HBWC

Bu s i n e s sSy s t e msDe s i g nRe p o r t T e mp l a t e

3 . Goa l s ,Obj e c t i v e s ,a n d Ra t i on a l ef orNe wo rSi g n i fic a n t l y Mo d i fie d Sy s t e m Use the following sections to describe why a new system is being developed or why an existing system is undergoing a significant modification. Identify the goals, and objectives of the new system.

3 . 1

Pr oj e c tPu r pos e

Instructions: Identify the fundamental purpose of this project (e.g., create a brand-new system, replace an existing system, or significantly alter an existing system).

The main reason behind proposing this project is to elevate the overall quality of work and processes of the Healthy Body Wellness Center. HBWC mission is to help their patients and educate the community on practicing good wellness. HBWC will need to make serious changes to meet business requirements and regulations.

3 . 2

Sy s t e mGoa l sa ndOb j e c t i v e s

Instructions: Briefly describe the goals and objectives of the new or modified system. Clearly state the problem that will be solved. There are many goals that the HBWC is trying to achieve by changing the current system and upgrading to a different one that can better serve company’s objectives. A- Upgrade from windows server2008R2 that is no longer supported by Microsoft. B- Upgrade from MS-Access that soon will no longer be supported by Microsoft. C- Have a new database that can keep all patient information secure with the ability to control access. D- Utilize a database that can host all research data and reports with the ability to implrment access and privilege management.

3 . 3

Pr op os e dSy s t e m

Provide a succinct description of the proposed system. Sections 5 and 6 will describe the proposed system in more detail.

The new proposed system will better align with the business’ goals and mission. A- They will be utilizing a new Windows server 2019 that is fully supported by the vendors. B- Fully supported database using MS-SQL. C- User access and privilege management on a unified database that is capable of hosting all research and reports in addition to patient information.

3 . 3 . 1

Sy s t e mSc ope

Instructions: Describe the scope of the proposed system. This subsection should clearly identify the boundaries of the proposed system.

This project will be focused on how to improve the operational processes by implementing a new payroll system that enables a variety of features that are not currently available. The Database

V e r s i o nX. X

4

HBWC

Bu s i n e s sSy s t e msDe s i g nRe p o r t T e mp l a t e

will be completely redone using MS-SQL to enable a group of possibilities that are missing with the current MS-access system. Some of the in-scope functionalities will include: abcd-

Configuring a new 2019 windows server. Creating MS-SQL database. Migrate all reports from MS-access to MS-SQL Implement access management and group policies

3 . 3 . 2

Pr oc e s s e sSuppo r t e d

Instructions: Briefly identify and describe the processes that the proposed system will support. Please note that this section should not describe the processes in extreme detail.

The new payroll system processes using ADP are as follows: 1234-

Moving the data base from Access 2010 to MS-SQL Employees will be able to put in their hours from anywhere. Management can approve hours from anywhere. Payroll department can process payments easily and utilize the direct deposit feature

The new database and research processes are as follows: 1234-

A new structured database will be created using MS-SQL. Different groups will be created and assigned the appropriate privileges. Reports will be entered by the appropriate entities directly into the database After the retention period -one year- all reports will automatically become the property of NIH. 5- All data will be accessible in the future as needed depending on privilege level.

3 . 3 . 3

Hi ghLe v e l F unc t i ona l Re qui r e me nt s

Instructions: Briefly describe the high-level business and user requirements for the system. The purpose of this subsection is to provide enough requirements information to inform the proposed technical design. Detailed requirements should be in the “Business Requirements Document Template” from Task 1 instead of this document. Req#

Priority

Description

Rationale

Use Case Reference

Impacted Stakeholders

General / Base Functionality

FR-G001

V e r s i o nX. X

1

A new MS-SQL should be configured

A new database by Microsoft that can offer multiple/remote access and management

5

Database administrator

HBWC

FR-G002

FR-G003

Bu s i n e s sSy s t e msDe s i g nRe p o r t T e mp l a t e

1

A new Windows Server 2019

Fully supported system by Microsoft for added security

System administrators infrastructure team

2

Migrating to ADP as a new payroll system

APD adds a new feature that are important to improve operational process

Accounting department / Employees

Segregation between data owned by the organization and NIH

Researchers / NIH

New ADP payroll system should provide reports detailing employees’ hours twice a month.

Accounting and payroll personnel

Availabilit y agreement

System should be available and responsive to the users

Organization employees

System should be available for auditing minimum twice a

System should be accurate and ready to be audited

Organization employees

Security Requirements

FR-S001

2

Classify research data and reports

Reporting Requirements

FR-R001

3

Bi-weekly reports are submitted to accounting department .

Usability Requirements

FR-U001

3

Audit Requirements

FR-A001

V e r s i o nX. X

4

6

HBWC

Bu s i n e s sSy s t e msDe s i g nRe p o r t T e mp l a t e

year

4 . F a c t o r sI n fl ue nc i n gT e c h n i c a l De s i g n Use the following sections to describe the standards, assumptions, constraints, and design goals that influence the technical design of the proposed system.

4 . 1

Re l e v a ntSt a nda r ds

Instructions: Explain the relevant content management system (CMS), government, and industry standards that govern the technical design.

a. There is no attached database. Rather, each grant is processed as a text file, saved on a network share that is then delivered to NIH via built-in polling software looking for hard drive changes. This is unsuited to the current grant process developed by the U.S. federal government and must be updated. b. Switching the database to MS0-SQL is a major change that requires a security assessment to make sure OMB guidelines are followed which ensures that information is protected from loss, misuse, or unauthorized access. c. Since the organization is operating in health industry, they are required to follow HIPAA regulations that mandates privacy of patient’s information. Entities involved should be able to deploy a solution that ensures that all information are secure and protected from any unauthorized access.

4 . 2

As s umpt i on sa ndDe pe nde nc i e s

Instructions: Describe any assumptions or dependencies regarding the system and its use.

a- Financial allocation to new licensing for MS-SQL, Server 2019, and ADP as a new payroll system b- Budgeting for extended hours to the engineering personnel to aid in the migration process. c- Dissatisfaction from the current system and processes. d- Urgent need to change and improve.

4 . 3

Cons t r a i nt s

Instructions: Describe any limitations or constraints that have a significant impact on the design of the system.

a- Added security overhead with the new ADP mobile application. b- Increasing security awareness after implying the BYOD. c- Modification to the overall security policies and procedures.

V e r s i o nX. X

7

HBWC

4 . 4

Bu s i n e s sSy s t e msDe s i g nRe p o r t T e mp l a t e

De s i gnGoa l s

Instructions: Describe any goals, guidelines, principles, or priorities that guide the technical design.

Security of the entire system is an important goal for the company. New MS-SQL database will be able to provide sufficient data security and access management. This is an important aspect to follow PII and HIPAA regulations. The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that requires protections to sensitive information that is related to patients from inappropriate disclosure without the consent or knowledge of the patients. Changing the payroll system and process will improve accuracy and productivity. ADP will offer remote access and time management. Further, the direct deposit feature will be utilized which will relieve strain on the budget and expenses.

5 . Pr op os e dSy s t e m 5 . 1

Hi ghLe v e l Ope r a t i ona l Re qui r e me nt sa ndCha r a c t e r i s t i c s

Use the following sections to describe the operational requirements and technical design of the proposed system.

5 . 1 . 1

Us e rCommun i t yDe s c r i pt i on

Instructions: Using the table below, identify the user community for the proposed system and the key characteristics that will influence the technical design. T a b l e1 : Us e rCommun i t yDe s c r i p t i on Type User Group

Description/Expected Use of System

Geographic Location

(Federal Employee, Contractor)

Network Profile

Total Users

(LAN, WAN, External)

Concurrent Users

Administra tor

Employees access management

Employee

Local

LAN

4

2

Corporate employees

Daily data entry and maintenance

Employees

Local / remote

LAN / External

50

30

Contractor

Database access

Federal Contractor

Remote

External

10

5

V e r s i o nX. X

8

HBWC

Bu s i n e s sSy s t e msDe s i g nRe p o r t T e mp l a t e

5 . 1 . 2

Non f un c t i o na l Re qui r e me nt s

Instructions: Include the complete table of nonfunctional requirements from Section 5.2 of the “Business Requirements Document Template” from Task 1.

ID

Requirements

NFR-001

New payroll system should be accessible remotely to all users

NFR-002

New payroll system should be compatible with different mobile OS

NFR-003

New system will provide simple and friendly GUI to all users

5 . 2

Hi ghLe v e l Ar c hi t e c t ur e

Instructions: Provide a high-level overview of how system functionality will be allocated to logical subsystems or components. This section should identify the logical user groups, application components, data components, and interfacing systems. Using the information in Section 4.2 of the “Business Requirements Document Template” from Task 1, create a diagram that illustrates the collaboration and interaction between the major components. Identify any relevant design patterns or reuse relevant to the design, then insert diagram here:

The new payroll system processes using ADP are as follows: 1234-

Moving the data base from Access 2010 to MS-SQL Employees will be able to put in their hours from anywhere. Management can approve hours from anywhere. Payroll department can process payments easier and utilize direct deposit feature.

V e r s i o nX. X

9

HBWC

Bu s i n e s sSy s t e msDe s i g nRe p o r t T e mp l a t e

In the table below, identify the alternatives considered for the overall architecture. For example, discuss any decision-making around building a brand-new system versus enhancing an existing system. This alternatives discussion is intended to differentiate between the fundamental options for designing a technical solution. If more detailed alternatives analysis was completed for specific architectural layers, discuss those in one of the following subsections. T a bl e2 :Al t e r na t i v e sCon s i de r e df ort heOv e r a l l Ar c hi t e c t ur e Alternative

Description

Pros

Cons

Preferr ed Alterna tive?

Rationale

Keep server2008R2

Continue using windows server 2008R2

No additional cost

Not secure

No

This is not acceptable as the vender will no longer support this version.

QuickBooks

Current payroll system

No additional

No Direct Deposit / No

No

This will not optimize the operational processes and not

V e r s i o nX. X

1 0

HBWC

Database

5 . 2 . 1

Bu s i n e s sSy s t e msDe s i g nRe p o r t T e mp l a t e

MY-SQL

cost / familiarity

remote access

Scalable / flexible

Not an MS product

provide direct deposit nor the remote access capability No

Not supported by Microsoft, thus not a preferred option to implement

Appl i c a t i onAr c hi t e c t ur e

Instructions: Using the table below, describe the application components in the architecture diagram above. If you considered alternatives around a particular application component, discuss them in this subsection.

T a bl e3 :De s c r i pt i o no fApp l i c a t i o nCo mp one nt s...