Rough Draft Business Case For Investment Analysis
Rough Draft Business Case for Investment
CMGT 445
Rough Draft Business Case for Investment
McBride Financial Services plans to expand its mortgage loan business operations to eight locations. The home office is in Boise Idaho. Newly leased office space is now available in the Sioux Falls S.D. location. The CEO, Hugh McBride, requests the design, development and implementation of a secure, reliable and effective Local Area Network (LAN) for the Boise and Sioux Falls locations. This project will require satellite locations, like Sioux Falls, to be connected to the Boise Home Office LAN. The connection is done to facilitate accessing data and information by authorized personnel, including remote access privileges to Smith Systems Consulting; …show more content…
for purposes of maintaining McBride 's information systems hardware and software.
Available information to assist the Business Case Team in order to provide the best solution for McBride Financial Services: Smith Systems Consulting recently conducted an interview with Mr. Hugh McBride. He expressed the following: "Since we are dealing with personal financial information, I am quite concerned about security. I don 't want to face a lawsuit from a disgruntled client because the client 's identity was stolen or even get a letter from a couple telling us that their personal information was posted on the Internet. The technology to be implemented must be on the leading edge when it comes to security. We also want to implement an internal security system, which prevents all employees from accessing the company 's clients ' information. Security is imperative. We realize it will not be cheap to secure our information, but we can 't spend all our money on security and not have our other technological needs met. In addition to technical security, we are concerned with physical security of the computer systems, but I don 't understand how we can protect our information but still provide access to clients in the office. Each office will have a separate location to keep computers and other equipment. We are concerned about various security issues, because the success of the company will be based on the clients ' perception of privacy of their personal information; in addition to the level of service of their mortgage needs".
Prototyping Environments and Processes
In the prototyping process the prototype will be built, tested, and then reworked as many times necessary in order to develop the an acceptable prototype system that can be used to develop the final product. After the interviewing of user and everyone that will use the system, development of the first prototype, the evaluation phase, the final prototype development, and testing the advantages and disadvantages of the process are evaluated.
Some of the most notable advantages from using the prototyping process are the reduced time, cost, and improved user involvement. Time and cost reductions occur by helping the developers develop an improved and high-quality product that does not require any new changes. Changes later on in the development stage can cost much more than in the early stages. Improved user involvement benefits the development of the new system because it will allow the users to interact with the system and provide both negative and positive feedback. The feedback will give the developers an opportunity to make the necessary adjustments which will lead to a product that is more likely to satisfy the users and more effective. By properly following the prototyping process some of the benefits to look forward to are:
A better quality system
Clear identification of problems early in the development phase
User involvement, identify system requirements
The cost associated with the new development
The necessary training can be addressed
For example, there may be a time when the developer may not fully understand the needs of the user. Creating a prototype assists sorting out misunderstanding between users and the product. Having this early system in place, the identification of any issues will be addressed with time and before the final product. Once all the quirks have been addressed, getting the users involved will allow them to see the benefits of the new product, and they will eventually buy into it.
Testing Design to Include Procedures and Standards
Once the business analyst has met with the designer to review the specifications, the developers will start the coding that is outlined in the requirements document.
It is at this time that each unit of code must be reviewed to ensure the designer we are following the project standards. (Software Testing Procedures, 2009) If the designer raises a question concerning the functionality, it should be decided before the coding starts, that any late design standards, will become part of a second release; because additional functionality will put the project outside the expected delivery date.
The next step in the process is to create a test plan based on the requirements document. The business analyst will perform the procedure of code and then document the expected results and the actual results. It is very important that the documentation has enough detail, so if the test fails, the developer will know where the failure occurred. (Software Testing Procedures, 2009)
A modular approach seems to work best in this type of project. The developers can start with the basic design, test it, and proceed with more complex coding. The basic design can be used multiple times in a project, and can be expanded to follow each requirements …show more content…
document.
It will be the responsibility of the developer to implement the technical standards into the test data. The developer will locate the production databases that contain representative data for testing database tables. If none is available, then the developer will create database tables. Before creating the database tables, the business analyst needs to ensure the test data validates the module 's logic. Testing should adhere to the functional requirements and technical standards. Our business analyst will ensure that test data tests all module source code and each conditional logic branch. Each test will be fully documented. After the documentation is complete, the business analyst will schedule an internal code review with appropriate team members.
At this time, we will be creating the testing environment. The testing environment is where the business analyst and designer have a little bit of creative freedom in the visual look of the environment. Once the environment has been created, testing will begin. The test plan will be documented at each individual test case. The last test to be completed will be done by designated employees in the User Acceptance Testing environment.
Accessibility
An employee accessibility plan will include identifying what data and information employees must have access to, based on job position and need to know. Once this list is generated Mr. McBride along with the top level managers will review and approve. Once approved, appropriate permissions will be applied by the assigned network administrator and then reviewed by the approving authority assigned by Mr. McBride. The accessibility plan must coincide with the company 's current information system security policy. It is recommended the current security policy be amended to include strong criteria for usernames and passwords used to access any of the company 's hardware, software, network and intranet. An example of a username would be using 12 digits that do not relate to relatives, friends, birthdays, anniversaries, etc. A strong password would require a minimum of twelve digits and contain at least two small case letters, two capital letters, two numbers and two symbols.
Accessibility for customers will be much different. The McBride Web site must have a user- friendly access, integration and interaction. It is critical customers can view and conduct the following:
Make online mortgage payments and or payments to escrow accounts
View current mortgage application status
View current mortgage account information to include payment history, disbursement of payment amounts to interest, principal, escrow account disbursements to Mortgage insurance, Property Taxes, and Homeowners Insurance.
Sources used to access McBride 's Local Area Network (LAN) include computer workstations, any laptops, tablets and or smartphones issued to select staff assigned access permissions to certain data on the network. Another source is remote administrative privilege access by Smith Consulting, who is contracted to maintain the network 's hardware, software and functionality. Customers will be required to input an approved username and password and then be able to access only their specific account information stored in McBride 's database. The database is located on the network server storage via secure encryption from a secure link on McBride 's website host.
It is critical all electronic and digital information stored and used on McBride 's network is compliant with laws and rules governing the information systems controlled by McBride 's hardware and software. Such laws are: The Gramm-Leach-Bliley Act and the Sarbanes-Oxley Act. The effects of regulatory compliance on information systems can be complex, but cannot be ignored. As a financial institution, it is recommended McBride become familiar with the laws and hire specialists to work the confluence of regulatory compliance involving information security. Best business practices, along with regulatory compliance equates into better information security practices and assists in the protection and privacy of both customer and company sensitive information.
Integration
System integration is the process of implementing a new system to interface with an existing system (Legazpi, 2014). Integrating a new system is more complicated than just buying new products and plugging them in. Integration requires careful planning and strategy for it to be effective.
McBride Financial Services opened a new location in South Dakota.
McBride would like this location connected to the home base location in Boise, Idaho for ease of information sharing between the two locations. Security of client information is of top priority for this project.
The new location in South Dakota will need an Internet modem and wireless router. The modem will be used to connect the office to the Internet, and the router will be used to connect the workstations of the new locations together to create a LAN. A wireless router will allow authorized users to connect to the network from a wireless device. The settings in the router itself will be used to control what devices can connect to the network by using MAC filtering. User account controls will be set on all workstations to control which users have access to sensitive materials.
Security software will be required for the new location to create user authentication, virus protection, and data protection (Cooper, n.d.). User authentication will require users to provide a username and password to access accounts. This authentication prevents unauthorized use on an account, and records activity by users. Virus protection is necessary. The security software will guard against viruses, adware, or malware from stealing or destroying information. A firewall will block incoming connections to the network. Data protection involves encrypting data transferred between locations on a network
connection.
Network administrators, McBride 's CEOs, and affected stakeholders will need to decide which users will have access to what materials. Once a decision is made for user account access, network administrators configure settings in the router and user workstations. In addition, they will need to agree on a budget for the hardware, software, installations, and design of the new system.
After the network and security software are installed at the new location, the manager will need to monitor the new system. Success and areas of opportunity can be identified by analyzing the data record.
References
IT accessibility for business advantage. (2006). Datamonitor, Retrieved from http://www-03.ibm.com/able/dwnlds/Datamonitor_accessibility_white_paper.pdf
Valacich, J., & Schneider, C. (2012). Information systems today: Managing in the digital world (5th ed.). Upper Saddle River, NJ: Pearson Education.
Software Testing Procedures. (2009). Retrieved from David Bowman 's Information Management Checklist: http://www.information-management-architect.com/software-testing-procedures.html
Noblett, T., September 2006, Understanding Regulatory Compliance, New Laws and Regulations Affecting IT Pros, Retrieved from http://technet.microsoft.com/en-us/magazine/2006.09.businessofit.aspx
University of Phoenix. (© 2005, 2011 Apollo Group, Inc.). Transcript of conversation between Hugh McBride (HM), of McBride Financial Services and Abram LaBelle (AL) of Smith Systems Consulting discussing the computer network needed for McBride’s planned offices. Retrieved from University of Phoenix Virtual Organizations, https://ecampus.phoenix.edu/secure/aapd/CIST/VOP/Business/Smith/intranet/NetworkTranscript.pdf
CMGT 445
Rough Draft Business Case for Investment
McBride Financial Services plans to expand its mortgage loan business operations to eight locations. The home office is in Boise Idaho. Newly leased office space is now available in the Sioux Falls S.D. location. The CEO, Hugh McBride, requests the design, development and implementation of a secure, reliable and effective Local Area Network (LAN) for the Boise and Sioux Falls locations. This project will require satellite locations, like Sioux Falls, to be connected to the Boise Home Office LAN. The connection is done to facilitate accessing data and information by authorized personnel, including remote access privileges to Smith Systems Consulting; …show more content…
for purposes of maintaining McBride 's information systems hardware and software.
Available information to assist the Business Case Team in order to provide the best solution for McBride Financial Services: Smith Systems Consulting recently conducted an interview with Mr. Hugh McBride. He expressed the following: "Since we are dealing with personal financial information, I am quite concerned about security. I don 't want to face a lawsuit from a disgruntled client because the client 's identity was stolen or even get a letter from a couple telling us that their personal information was posted on the Internet. The technology to be implemented must be on the leading edge when it comes to security. We also want to implement an internal security system, which prevents all employees from accessing the company 's clients ' information. Security is imperative. We realize it will not be cheap to secure our information, but we can 't spend all our money on security and not have our other technological needs met. In addition to technical security, we are concerned with physical security of the computer systems, but I don 't understand how we can protect our information but still provide access to clients in the office. Each office will have a separate location to keep computers and other equipment. We are concerned about various security issues, because the success of the company will be based on the clients ' perception of privacy of their personal information; in addition to the level of service of their mortgage needs".
Prototyping Environments and Processes
In the prototyping process the prototype will be built, tested, and then reworked as many times necessary in order to develop the an acceptable prototype system that can be used to develop the final product. After the interviewing of user and everyone that will use the system, development of the first prototype, the evaluation phase, the final prototype development, and testing the advantages and disadvantages of the process are evaluated.
Some of the most notable advantages from using the prototyping process are the reduced time, cost, and improved user involvement. Time and cost reductions occur by helping the developers develop an improved and high-quality product that does not require any new changes. Changes later on in the development stage can cost much more than in the early stages. Improved user involvement benefits the development of the new system because it will allow the users to interact with the system and provide both negative and positive feedback. The feedback will give the developers an opportunity to make the necessary adjustments which will lead to a product that is more likely to satisfy the users and more effective. By properly following the prototyping process some of the benefits to look forward to are:
A better quality system
Clear identification of problems early in the development phase
User involvement, identify system requirements
The cost associated with the new development
The necessary training can be addressed
For example, there may be a time when the developer may not fully understand the needs of the user. Creating a prototype assists sorting out misunderstanding between users and the product. Having this early system in place, the identification of any issues will be addressed with time and before the final product. Once all the quirks have been addressed, getting the users involved will allow them to see the benefits of the new product, and they will eventually buy into it.
Testing Design to Include Procedures and Standards
Once the business analyst has met with the designer to review the specifications, the developers will start the coding that is outlined in the requirements document.
It is at this time that each unit of code must be reviewed to ensure the designer we are following the project standards. (Software Testing Procedures, 2009) If the designer raises a question concerning the functionality, it should be decided before the coding starts, that any late design standards, will become part of a second release; because additional functionality will put the project outside the expected delivery date.
The next step in the process is to create a test plan based on the requirements document. The business analyst will perform the procedure of code and then document the expected results and the actual results. It is very important that the documentation has enough detail, so if the test fails, the developer will know where the failure occurred. (Software Testing Procedures, 2009)
A modular approach seems to work best in this type of project. The developers can start with the basic design, test it, and proceed with more complex coding. The basic design can be used multiple times in a project, and can be expanded to follow each requirements …show more content…
document.
It will be the responsibility of the developer to implement the technical standards into the test data. The developer will locate the production databases that contain representative data for testing database tables. If none is available, then the developer will create database tables. Before creating the database tables, the business analyst needs to ensure the test data validates the module 's logic. Testing should adhere to the functional requirements and technical standards. Our business analyst will ensure that test data tests all module source code and each conditional logic branch. Each test will be fully documented. After the documentation is complete, the business analyst will schedule an internal code review with appropriate team members.
At this time, we will be creating the testing environment. The testing environment is where the business analyst and designer have a little bit of creative freedom in the visual look of the environment. Once the environment has been created, testing will begin. The test plan will be documented at each individual test case. The last test to be completed will be done by designated employees in the User Acceptance Testing environment.
Accessibility
An employee accessibility plan will include identifying what data and information employees must have access to, based on job position and need to know. Once this list is generated Mr. McBride along with the top level managers will review and approve. Once approved, appropriate permissions will be applied by the assigned network administrator and then reviewed by the approving authority assigned by Mr. McBride. The accessibility plan must coincide with the company 's current information system security policy. It is recommended the current security policy be amended to include strong criteria for usernames and passwords used to access any of the company 's hardware, software, network and intranet. An example of a username would be using 12 digits that do not relate to relatives, friends, birthdays, anniversaries, etc. A strong password would require a minimum of twelve digits and contain at least two small case letters, two capital letters, two numbers and two symbols.
Accessibility for customers will be much different. The McBride Web site must have a user- friendly access, integration and interaction. It is critical customers can view and conduct the following:
Make online mortgage payments and or payments to escrow accounts
View current mortgage application status
View current mortgage account information to include payment history, disbursement of payment amounts to interest, principal, escrow account disbursements to Mortgage insurance, Property Taxes, and Homeowners Insurance.
Sources used to access McBride 's Local Area Network (LAN) include computer workstations, any laptops, tablets and or smartphones issued to select staff assigned access permissions to certain data on the network. Another source is remote administrative privilege access by Smith Consulting, who is contracted to maintain the network 's hardware, software and functionality. Customers will be required to input an approved username and password and then be able to access only their specific account information stored in McBride 's database. The database is located on the network server storage via secure encryption from a secure link on McBride 's website host.
It is critical all electronic and digital information stored and used on McBride 's network is compliant with laws and rules governing the information systems controlled by McBride 's hardware and software. Such laws are: The Gramm-Leach-Bliley Act and the Sarbanes-Oxley Act. The effects of regulatory compliance on information systems can be complex, but cannot be ignored. As a financial institution, it is recommended McBride become familiar with the laws and hire specialists to work the confluence of regulatory compliance involving information security. Best business practices, along with regulatory compliance equates into better information security practices and assists in the protection and privacy of both customer and company sensitive information.
Integration
System integration is the process of implementing a new system to interface with an existing system (Legazpi, 2014). Integrating a new system is more complicated than just buying new products and plugging them in. Integration requires careful planning and strategy for it to be effective.
McBride Financial Services opened a new location in South Dakota.
McBride would like this location connected to the home base location in Boise, Idaho for ease of information sharing between the two locations. Security of client information is of top priority for this project.
The new location in South Dakota will need an Internet modem and wireless router. The modem will be used to connect the office to the Internet, and the router will be used to connect the workstations of the new locations together to create a LAN. A wireless router will allow authorized users to connect to the network from a wireless device. The settings in the router itself will be used to control what devices can connect to the network by using MAC filtering. User account controls will be set on all workstations to control which users have access to sensitive materials.
Security software will be required for the new location to create user authentication, virus protection, and data protection (Cooper, n.d.). User authentication will require users to provide a username and password to access accounts. This authentication prevents unauthorized use on an account, and records activity by users. Virus protection is necessary. The security software will guard against viruses, adware, or malware from stealing or destroying information. A firewall will block incoming connections to the network. Data protection involves encrypting data transferred between locations on a network
connection.
Network administrators, McBride 's CEOs, and affected stakeholders will need to decide which users will have access to what materials. Once a decision is made for user account access, network administrators configure settings in the router and user workstations. In addition, they will need to agree on a budget for the hardware, software, installations, and design of the new system.
After the network and security software are installed at the new location, the manager will need to monitor the new system. Success and areas of opportunity can be identified by analyzing the data record.
References
IT accessibility for business advantage. (2006). Datamonitor, Retrieved from http://www-03.ibm.com/able/dwnlds/Datamonitor_accessibility_white_paper.pdf
Valacich, J., & Schneider, C. (2012). Information systems today: Managing in the digital world (5th ed.). Upper Saddle River, NJ: Pearson Education.
Software Testing Procedures. (2009). Retrieved from David Bowman 's Information Management Checklist: http://www.information-management-architect.com/software-testing-procedures.html
Noblett, T., September 2006, Understanding Regulatory Compliance, New Laws and Regulations Affecting IT Pros, Retrieved from http://technet.microsoft.com/en-us/magazine/2006.09.businessofit.aspx
University of Phoenix. (© 2005, 2011 Apollo Group, Inc.). Transcript of conversation between Hugh McBride (HM), of McBride Financial Services and Abram LaBelle (AL) of Smith Systems Consulting discussing the computer network needed for McBride’s planned offices. Retrieved from University of Phoenix Virtual Organizations, https://ecampus.phoenix.edu/secure/aapd/CIST/VOP/Business/Smith/intranet/NetworkTranscript.pdf