Software Change Request Process Document

Department of Information Technology

Software Change Request Process Document

Version 0.01 The purpose of this document is to describe Software change request process workflow which will be required by the Change Initiators in support of the Request for Software Changes. This document is designed to ensure that all Software Change Initiators have the same level of awareness and knowledge regarding the process flow that is followed and required to be adhered within the Al Shirawi Group. Jaspreet Sahmey Mr.M.N.Chaturvedi ( IT Director ) 14th March 2013 Version 0.01

Abstract:

Author: Approved by : Effective Date: Issue:

Oasis Investments LLC All Rights Reserved Printed copies of this document are for reference only

Oasis Investments Private

Software Change Request Process Document

Department of Information Technology

Purpose
The purpose of this document is to define the process of planning, scheduling, communicating, and executing software change requests successfully. The main focus is to establish a clear understanding with the procedures that promote the successful introduction of a software change, while minimizing negative impact and maximizing the productivity to the existing business. This procedure is supplemental to the Software Change Request Process that is required to be adhered within the respective organization. Refer to the process documentation for detail process flows and information.

Roles and Responsibilities

This section identifies additional participants and/or responsibilities involved in the software change request process. Role Description
A person submitting the Software Change Request is the Change Initiator and is therefore responsible for managing the change in the Initiate Phase:Providing high-quality information in the change

Responsibilities
Business Justification All supporting information and a reference ticket raised with helpdesk Initial risk assessment Engaging all affected parties prior to the change being raised Ensuring approvals are achieved in a timely manner The reference ticket raised with helpdesk should be closed once change is implemented. Sign off with a conformation on the software change request once implemented successfully.

Change Initiator

Oasis Investments LLC All Rights Reserved Printed copies of this document are for reference only

Oasis Investments Private

Software Change Request Process Document

Department of Information Technology

Role

Description

Responsibilities
The IT Security Officer must consider : Is there a valid case for change? Are the proposed Impact, Risk and Schedule acceptable? Do we have the capacity? Security review and approval The Units HOD must consider : If the Change proceeds, will it satisfy the stated need? Is the proposed schedule correct? If the Change doesnt proceed, will this damage the Business or the Network? Cost review and approval Change Implementation PVT tester(s) / Post Verification Testing UAT sign-off Test Plans for both Implementation and Back-Out Cost Estimation / Analysis

Units IT Security Officer

Reviews and approves the Software Change Request

Units HOD

Reviews and approves the Software Change Request

IT

Implements the proposed software change after approval

Oasis Investments LLC All Rights Reserved Printed copies of this document are for reference only

Oasis Investments Private

Software Change Request Process Document

Department of Information Technology

Role

Description

Responsibilities
Change Controller plays an additional key role in the software change requests to ensure that the correct approvals and information have been included and attained for each software change request. Ensure compliance with the process for the software change requests. Assign a unique ID to the software change requests after approval from HOD and IT Security Officer. Maintains a copy of the software change requests after it is approved from the Units IT Security Officer. Final Acceptance Sign Off.

Change Controller Software Change Requests

Reviews and maintains the

Internal Audit

Maintains the Software Change Requests

Step by step procedure for Software Change Request:

(Note: Software Change Request Form - Department on Information Technology is required to be referred for the details on Section A/B/C/D discussed in the process steps mentioned below)

Step 1: The change initiator initiates the Software Change Request with the valid business justification that is required to be filled in SECTION A: Description of Change/Cost and Justifications (where Cost is optional) and submit the details to the units HOD for approval.

Oasis Investments LLC All Rights Reserved Printed copies of this document are for reference only

Oasis Investments Private

Software Change Request Process Document

Department of Information Technology

Step 2: The Software Change Request is sent to IT to prepare the resolution details and cost estimation in SECTION B: Resolution Details once approved from HOD (In Step 1) and is forwarded back to units HOD and Units IT Security Officer for approval. (The change comes back to the initiator if rejected with a reason of rejection) Step 3: The Software Change Request is sent to IT for development once the Cost is approved by the Units HOD and Units IT Security Officer with a unique ID number that is assigned by the Change Controller. (Note: The same copy of Software Change Request is sent to the Internal Audit as a notification on the software change that is going to be implemented after approvals). Step 4: After the successful implementation of the software change request in development, PVT (Post Verification Testing) is done by IT and the same notification is sent to the Change Initiator and Units IT Security Officer. (SECTION C: Test Process and results confirmation) Step 5: Once PVT is confirmed correct then UAT (User Acceptance Testing) is performed and the Software Change Request module is moved to PRODUCTION after user signoff and the Change Ticket is marked CLOSED. (In any discrepancies with UAT, the request is sent back to the IT with the comments for any amendments) (SECTION D: Final Result and Acceptance)

Note: The helpdesk ticket is as well required to be closed immediately once the Software Change is implemented successfully as per request.

Oasis Investments LLC All Rights Reserved Printed copies of this document are for reference only

Oasis Investments Private

Software Change Request Process Document

Department of Information Technology

Process Workflow
Software Change Request Initiated
Once approved by HOD and Security Officer / Request sent back to IT for implementation in development

One copy of the change request is sent to Internal Audit at this phase

Unit HODs Approval

Approved and sent to IT Sent for cost approval to HOD (Including H/W and S/W: if any)

Unit IT Security Officers Approval

Sent for security review due to change to Unit IT Security Officer

Unique ID # is assigned by Change Controller at this phase

User is as well notified about PVT at this phase

Resolution Details and Cost Estimation by IT

Full Documentation and Change Implemented in Development by IT

PVT (Post Verification Testing)

PVT Once Confirmed Correct

UAT (User Acceptance Testing) / Sign Off with Internal Audit

DBA moves to PRODUCTION after checking ACCEPTANCE and DOCUMENTATION in this phase

All change related documentation is enclosed in a file and a change is closed.

Oasis Investments LLC All Rights Reserved Printed copies of this document are for reference only

Change CLOSED

Oasis Investments Private

Software Change Request Process Document

Department of Information Technology

IT Security Officers in Al Shirawi Group:

S.No. 1 2 3 4 5 6 7 8 9

Unit Name Head Office ASECO EPP / Lunad ASE / D&H GSL ESG Companies MPI / OWT AST / OMM Oasis Enterprises

IT Security Officer Mr. Asif Saifuddin Master Mr. Mahesh H Shah Mr. Abizar Z Motiwala Mr. Robinson Panicker Mr. Manish Kumar Bodiwala Mr. Saptharishi Rajagopalan Mr. Uday Chate Mr. Raymond Pineda Roy Not yet disclosed

Oasis Investments LLC All Rights Reserved Printed copies of this document are for reference only

Oasis Investments Private