Management information system

Choice of IT

Information Technology Implementation Plan

September, 1997 Page E – 1

INFORMATION TECHNOLOGY IMPLEMENTATION PLAN

The final chapter details an implementation plan that lays out the initial actions needed to
realize the strategic IT direction recommended in the previous chapter. These are actions
to be taken over the next year. We will organize these actions in three sections that
coincide with those in the strategic direction chapter. The first actions are related to data
management, the second to applications development and management, and the third to
network support. Various IT support function recommendations are included where
appropriate in each of these sections.

Data Architecture

To effectively identify and manage priority data such that it can be easily accessed and
shared, distributed and presented with in and across organizational boundaries requires a
coordinated set of actions. A series of actions must be undertaken both to establish a data
management infrastructure and then to develop the corporate data warehouse. These
actions are listed below:

• Establish a data management team (DMT).

Membership/tenure: The team would be composed of seven members including a

representative from the IRMB and representatives from each of the program
areas, and would be staffed by the departmental data administrator. The IRMB
representative would chair the Team and provide regular updates to the IRMB.
Members would rotate on an off the team in a staggered manner. The initial
members would remain on the Board for a year. Two members would step down
after the initial year, two more after a year and a half, and the remainder would
step down after two years. The staggered departure is intended to encourage
continuity which would be very important for a team with the responsibilities of
the data management team.

Key responsibility: The principle responsibility of this Team would be to

establish a departmental data management strategy. This strategy would include
the prioritization of shared data needs, the identification, high-level design, and
oversight of data-related projects, and the development of data-related policy
recommendations for review by the IRMB.

• Hire a departmental database administrator.

Page | 119
MIT- Maharaja Institute of Technology
Management information system
Choice of IT

This position would staff the Data Management Team, oversee the detailed
specification and implementation of data-related projects, and would recommend
departmental, data-related policy for review by the Data Management Team and
by the IRMB. It would be located in ITS and would provide data modeling
services to major applications development teams. This position would

Information Technology Implementation Plan

September, 1997 Page E – 2

coordinate data modeling for and overall construction of the corporate data
warehouse. Finally this function would furnish technical assistance for divisional
database developers to assure secure, well-designed databases.

• Select data management tools

In conjunction with representatives from the Systems Development Team, the

Database Administrator would review and recommend enterprise and desktop
databases or database standards, data clean-up tools, data extraction tools, and
data repository tools to be reviewed and approved by the IRMB and adopted by
the entire department. (The front-end development tools selection is included as a
step in the “Applications Architecture” section.) This selection of common tools
is an essential component of the overall migration to an N-tier application
development environment.

• Establish departmental data-related policy

The DMT should develop recommendations for review and approval of the IRMB
regarding the following data-related policy areas: 1) user access - who is granted
what kind of access to which data; 2) security – what tools and procedures should
the department and divisions adopt to adequately secure data; 3) data
accountability – who is responsible for updating data, assuring its integrity, and
promoting the consistent interpretation of data, and 4) design reviews - design
reviews evaluate the data requirements of an application development project and
identify whether a data requirement in the proposed application can be satisfied
using existing data warehouse data. They determine whether data collected in the
proposed application should be supplemented and/or included as part of an
evolving data warehouse. Finally, design reviews are also intended to ensure that
shared data is defined consistently across applications.

• Develop the initial iteration of the corporate data warehouse data model and
Page | 120
MIT- Maharaja Institute of Technology
Management information system
Choice of IT

design and implement a database repository.

The database administrator would design and develop a data repository. This
repository is a database documenting metadata for the data warehouse. It is the
principle enterprise data administration tool. Storing shared enterprise data in a
central repository incrementally builds the enterprise data model and helps
promote data reusability, reliability, and sharing across the enterprise. The
repository must be actively maintained (e.g. changes to metadata occur in the
repository before the changes occur in operational application systems). (One
possible repository solution is to augment the existing Catalogue of Electronic
Databases.)

• The Data Management Team would immediately initiate three phases of the
departmental data management strategy.

Information Technology Implementation Plan

September, 1997 Page E - 3
All of these phases focus on the data needs of the regulatory divisions (i.e. those
divisions that issue and monitor regulatory permits like the divisions of Air and
Water Quality). The first phase is the definition of a primary key or development
of a “cross-walk” table that enables the common location of pollution discharge
sources across divisions. As an example, this identifier would be used to identify
an incinerator for both the Division of Waste Management and for the Division of
Air Quality. This phase should begin with a comprehensive review of similar
efforts conducted by the EPA. The second, parallel phase would be the
identification of priority data needs to model and to populate the first iteration of
the corporate data warehouse. The final phase would be the designation of
“systems of record” which are the systems from which the corporate data
warehouse data would be pulled. A system of record is an authoritative source for
data. Data in a system of record is trusted to be accurate and up-to-date. All other
data stores should synchronize to the system of record. All of these phases would
require substantial, systematic input from the departmental user community, and
the final solution will require solid, sustained senior management support.

• “Clean” and extract data to populate the corporate data warehouse

First, the “owners” of the systems of record would review and clean data that is to
be held in the corporate database. (It should be noted that this is often a lengthy
and tedious task that will often require a material dedication of resources.)
Second, the database administrator would coordinate the development of data
extraction/population applications by members of the SDT staff. Finally, the
Page | 119
MIT- Maharaja Institute of Technology
Management information system
Choice of IT

database administrator would test the quality and performance of the applications.

• Design and build user interfaces and query features for the corporate data
warehouse

An SDT project manager would direct the design and development effort. This
effort would include significant participation by senior and divisional
management as well as participation by SDT programmer/analysts and by the
database administrator.

• Pilot the data warehouse application then establish and implement a distribution
plan for the data warehouse application

The DMT would select a small number of departmental end users to test and
make recommendations regarding the data warehouse application. These
recommendations would be documented and incorporated into application
revisions by the SDT project manager. In parallel, the database administrator
would monitor use by the pilot group, and in conjunction with Network
Engineering representatives devise use projections and platform
recommendations. The DMT would then develop a deployment strategy for the
application.

Information Technology Implementation Plan

September, 1997 Page E - 4
These steps are intended to establish and distribute the initial iteration of the corporate
data warehouse. The warehouse itself will be an evolving store of information with
subsequent phases that will extend the database and its user community.

• Systematically review current data gathering forms and practices for possible
redesign

Each Division Director would assign staff to a review current data collection
procedures and forms requesting recommendations on ways to accelerate, more
effectively target, and more appropriately assign resources to data entry.

• Require the regular use of the Catalog of Electronic Databases

The Catalog of Electronic Databases provides information about the departmental

applications and databases. It is an extensive compendium of metadata about the
department’s electronic databases that complies with the Public Records Law.
Page | 119
MIT- Maharaja Institute of Technology
Management information system
Choice of IT

This compendium, if used regularly by the divisions to describe their databases

would be an excellent resource for staff and for external customers to know what
information the department currently holds. Widespread, regular use will require
strong, consistent senior management support.

Applications Architecture

The application architecture sections delineate actions that refer to the selection and
adoption of departmental development tools, the resolution of the Year 2000 problem,
and recommendations regarding the development of priority applications.

• Systematically review and select departmental development tools

The Systems Development Team in ITS (SDT) should establish a tools selection
group (TOOLs) to evaluate alternative tool sets and to make recommendations to
the IRMB. The IRMB would then establish tool standards for the department as a
whole. The team should consist of SDT staff, IT professionals in the divisions,
and divisional power end users. To position the department for an eventual
migration to an N-tiered architecture, this group should select tools, (i.e. interface
tools, business rule tools, data access tools) that are portable across platforms.
Any of the following approaches can be adopted:
Best of breed. Separate, specialized tools are used for each tier of an
application. Middleware must be used to support communications between
the different tiers.

Front end/back end. Two different tools are used: a specialized user
interface development tool and an integrated tool set that also provides
middleware for the business rule and data access tiers. Middleware must

Information Technology Implementation Plan

September, 1997 Page E - 5
be used to support communications between the user interface and other
two tiers.
Integrated. Integrated tool sets, or CASE tools, are used that generate code
for all tiers of the application. These tools provide the middleware
necessary to support communications between all tiers of the application.

• Systematically review and select departmental systems management software

The TOOLs group should add representatives from the Network Engineering
Team, and as an expanded group, it should identify and consider alternative runtime
software management tools. (In a networked environment, these tools are
Page | 119
MIT- Maharaja Institute of Technology
Management information system
Choice of IT

many of the same tools used to monitor network activities.) It should select and
evaluate this software through literature searches and the review of assessments.
For final selection, evaluation copies should be obtained and tested for expected
functionality. These evaluations would then be passed and reviewed for adoption
by the IRMB.

• Establish system design standards and fold them into the departmental
methodology
As a final assignment, the TOOLs group should specify design standards that
would be reviewed and adopted by the IRMB. These standards would revolve
around ease of use, the evolution of the department application architecture to an
N-tier architecture and related flexibility in application development and
maintenance, and the timeliness and functionality of applications. Once these
standards have been adopted by the IRMB, they should be included as part of the
department’s application development methodology.

• Provide training in the use of new software tools

As the tools are adopted, the SDT and Network Engineering section chief s should
coordinate with the training section of the HR/P division to identify vendors, to
select and schedule courses for ITS staff, and to arrange any necessary contract
relationships to provide required training to divisional IT personnel.

• Hire a systems integrator.

This position would be located in ITS and play a key role in the development and
maintenance of a coherent, supportable distributed computing environment. To
expedite and simplify the implementation of the distributed computer
environment, this position would work with the TOOLs group to recommend
policies and tools that would address such things as client to server
interoperability, server to server interoperability, task partitioning and allocation,
and service brokerage guidelines. This position would also provide guidance on
the selection of middleware. In addition to the systems integrator’s role in

Information Technology Implementation Plan

September, 1997 Page E - 6
developing and recommending standards, this position would provide expert
assistance to developers, helping them implement selected standards, interface
hardware and software components, and effectively use development tools.

Page | 119
MIT- Maharaja Institute of Technology
Management information system
Choice of IT

• Establish Year 2000 conversion/test environment and adopt rigorous testing

practices

Before the conversion of any application can start, there are certain "one-time"
tasks that need to be accomplished as part of the baselining effort. These tasks
should be undertaken by both ITS for departmental, cross-divisional, and small
division applications and by larger divisions for their applications. These tasks
are: 1) acquisition, installation, and training on the appropriate testing tools and
repositories (e.g. defect trackers, module trackers, testing trackers, automated
testing tools, data extraction tools, etc.), and 2) capacity planning to ensure
enough CPU horsepower as well as adequate storage capabilities for the setup of
the year 2000 conversion regions.
Testing regions include the: alpha region where unit testing will be conducted, the
beta region where subsystem, module integration, system, and regression testing
are conducted, and the production-like region which mimics that of the "real"
production region. This is where the initial acceptance testing is conducted. Each
Year 2000 region should be set up with its own sets of test data (using possibly a
data extracting tool). A baseline snapshot of the originally extracted test bed is
kept aside to be used to periodically refresh the test data which may be corrupted
during the testing.

For each noncompliant application, document the application's current functional

behavior. To do this, create test scripts capturing the functionality of the
application. The scripts should be designed with the users’ and developers'
assistance. These scripts are documented, run, and captured (using possibly an
automated testing tool) against the actual current production release. Special
consideration is given to those test scenarios that are date sensitive.
The different steps in the testing lifecycle include: 1) unit testing that applies to
one application module at a time and is performed by the developer who
converted the application module, 2) module integration testing to measure the
level of correctness of these related modules as they interact with each other, also
the sole responsibility of the developer, 3) subsystem testing, performed by a team
of testers who have an understanding of the workings of the subsystems
(examples of subsystems: all on-line screens, all reports, all database-stored
procedures), 4) system testing is also performed by a team of testers and is
administered in the beta region using the regression test scripts that were captured
during the baselining process. The system is judged to be tested successfully
when all of its regression test scripts are run successfully, and 5) acceptance
testing demonstrates the accuracy of the conversion of the entire system. User
representatives are responsible for conducting this testing in the production

Page | 119
MIT- Maharaja Institute of Technology
Management information system
Choice of IT

Information Technology Implementation Plan

September, 1997 Page E - 7
region. Once satisfied with the behavior of the application, the conversion team
can safely conclude that the year 2000 conversion did not adversely affect the
application for current business processing. User sign-off is required at this stage.
Finally, record completed conversions, and make regular reports to the
departmental Year 2000 project manager.

• Identify, evaluate, convert, test and deploy non-Year 2000 compliant crossdivisional
and enterprise applications.
Once non-compliant applications have been identified, dedicate an ITS project
manager to the Year 2000 project for the noncompliant applications that do not
“belong” to individual programmatic divisions, determine and assign staff
resources that can either be pulled from lower priority projects or can be
contracted, assign priorities to non-compliant applications, determine appropriate
fixes for each application given such things as the age and “repair” of the
applications, the relative resources required for replacement and other fixes, and
the anticipated time requirements and constraints associated with alternative fixes.
Develop conversion plans for each application, convert applications, and test
conversions. Finally, record completed conversions, and make regular reports to
the ITS director and to senior DENR management.

• Provide support services for departmental divisions as they address the Year 2000
compliance issue.

Select an SDT staff member or contract an individual: 1) to develop and conduct

training for divisional IT professionals based on Year 2000 standards and
procedures approved by the IRMB and 2) to provide technical assistance to
divisions who are converting noncompliant applications. This individual would
assist divisions in designing their conversion/test environment, in developing
procedures to evaluate and assign priorities and fixes to a division’s applications,
and in designing a full set of tests.

• Hire project managers and initiate feasibility studies for two mission-critical,
highly visible divisional applications
Two highly visible, mission critical applications that are essential and have not
yet been initiated include the Division of Environmental Health (DEH) drinking
water revolving loan fund project, and the Division of Soil and Water
Conservation (DSWC) cost-share program project. Given the size and
complexity of these projects and their overall visibility, project managers should

Page | 119
MIT- Maharaja Institute of Technology
Management information system
Choice of IT

be hired to initiate the feasibility study and the high-level design for each of these
projects. It is important that the project managers are hired as soon as possible.

• Develop high-level functionality descriptions, rationales, and develop funding

mechanisms for “possible” applications

Information Technology Implementation Plan

September, 1997 Page E - 8
These descriptions and rationales would be developed by those divisions that have
an interest in the possible applications presented in the previous chapter. Funding
may result from collaborative development efforts. Four “possible” applications
that are responsive to important information requirements identified in the
Business Case chapter are the decision-tree application permitting system, the
complaints database, the part-time employee tracking application, and the
coordinated divisional rules migration to a single site on the Internet.

Networking Architecture

The final set of implementation recommendations refer to networking activities and

infrastructure. These tasks are intended to position the department to bolster its current
networking infrastructure and support services to accommodate the more demanding
needs of a truly distributed computing environment.

• Evaluate current configuration of servers and if necessary, develop a migration

plan to relocate server software such that different server functions reside on
different computers.

These evaluations would be conducted by ITS and by divisional network

engineers and are intended to avoid potential performance and reliability
problems.

• Evaluatetheir current computer configurations and upgrade servers where

appropriate

These evaluation would be conducted by ITS and divisional network engineers.

Guidelines that can be used to benchmark the existing configuration are included
in the previous chapter. In many cases these upgrades will be relatively
inexpensive but would provide significant improvements in performance and
reliability.
• Invest in technologies that enable 100mbps data transmission speeds

Page | 119
MIT- Maharaja Institute of Technology
Management information system
Choice of IT

Network engineers in those divisions with category 3 cable should develop

migration plans to move to category 5 lines where feasible and should coordinate
with divisional management to replace lower capacity cable when office
renovations permit. Fast network interface cards should be included with the
purchase of any new computers, and where appropriate, should be purchased for
existing computers. Those divisions with token-ring protocols should develop
migration plans to switch to Ethernet. Finally, divisional network engineers
should consult with ITS network engineering and SIPS to evaluate the benefits of
introducing fast Ethernet switches.

• Establishan ad hoc team to evaluate, prioritize and select network management

tool standards for the department

Information Technology Implementation Plan

September, 1997 Page E - 9
ITS Network Engineering would establish the network management team and
coordinate its activities. This team which would include divisional network
engineers, a networking expert from SIPS, and ITS representatives. The
evaluation and selection effort should be closely coordinated with the selection of
software management tools. Initial evaluations may rely on industry reviews in
trade magazines, and final evaluations should include acquisition of evaluation
copies and on-site testing of expected functionality. Recommendations should be
developed and passed to the IRMB for review and adoption as departmental
standards.

• Determine which organizations should purchase and use which tools and locate
responsibility for various monitoring activities.
At one end of the spectrum, a single set of tools could be purchased and used to
monitor all networks in the department. At the other, each division could
purchase and use its own set of tools. The network management team should
consider the location of tools and monitoring activities and make
recommendations to the IRMB for review and adoption.

• Install
network management tools and provide necessary training to use the tools
Network Engineering should assist divisional LAN managers with the installation
of network management tools where necessary. As the tools are adopted, the
Network Engineering section chief should coordinate with the training section of
the HR/P division to identify vendors, to select and schedule courses for ITS staff,
and to arrange any necessary contract relationships to provide required training to
divisional IT personnel.

Page | 119
MIT- Maharaja Institute of Technology
Management information system
Choice of IT

• For divisions that practice continuous monitoring, evaluate the use of electronic
data capture devices

Staff assigned by the Division Director would select a pilot monitoring site and
test electronic capture devices. Use the site to test: 1) termination systems that
read monitor sensors, 2) data acquisition systems that interface with the
termination system and transfer the data to a host, perhaps to a database and 3)
I/O software to process, analyze and display the data acquired remotely by the
data acquisition system. The preferred solution should acquire and transmit data
over any Ethernet or Internet network using built-in industry-standard TCP/IP
protocol. This feature would provide a non-proprietary interface to virtually any
host enabling integration of acquired data with the division’s networked resources
(e.g. PC’s, databases). Based on positive findings, phase in remote data capture
for division monitoring sites. This could be a collaborative effort across divisons.

• Install
a centrally located application server for administrative and small division
applications

Information Technology Implementation Plan

September, 1997 Page E - 10
During the planning process, it became apparent that a large number of small but
helpful applications have been identified by management in the smaller divisions
and in administrative divisions. A consistent roadblock to the implementation of
these applications is the lack of an available application platform. To address this
need, ITS should secure and maintain an application platform. The platform
would include a high-powered Pentium II processor(s), adequate RAM, harddisk,
and high capacity storage, and use Windows NT as the operating system. This
application server may be used initially to provide a conversion/testing
environment for Year 2000 application conversions.

• Adopt and distribute the SIPS guidelines for data/network security

The IRMB should review the SIPS guidelines for data/network security, make any
necessary revisions, and adopt these guidelines for all departmental divisions.

• Establish and distribute disaster recovery plan guidelines

The IRMB should establish guidelines for divisional disaster recovery plans and
require that such plans be documented for each of the department’s networks.
Below are a draft set of guidelines that should be considered when developing or
refining these plans:

Page | 120
MIT- Maharaja Institute of Technology
Management information system
Choice of IT

Make a list of potential disasters that could affect the network (e.g. disk
crashes, physical component failure, computer viruses, hackers, physical
destruction from disaster or disgruntled employees), consider the kinds of
responses necessary to address these disasters, and estimate the maximum
amount of downtime that each could cause.

Prioritize automated applications. The network engineer in conjunction

with division/departmental management must determine which system
functions must be up and running immediately after a disaster and which
can wait. Where possible, use the Year 2000 inventory as a catalog of
applications. Otherwise interview managers and ask them to describe
exactly what their departments do and what applications they use. Before
doing so, develop categories of criticality that can then be used to assign to
each application (e.g. essential, full-time function, vital part-time
functions, routine operational tasks, development functions).
Identify and implement preventive measures. At a minimum, familiarity
with and implementation of data protection measures is necessary. Data
should be backed up regularly, organized properly, and stored securely.
Second, to avoid downtime, upgrade to Redundant Arrays of Inexpensive
Disks, or RAID, which is a specification for clustering multiple disk
drives. (These drives share data and enable a server to continue operating
even if one of the drives malfunctions.) Third, inventory or have quick
access to important network components. Forth, ensure that automatic
virus scanning is in place for each workstation as well as for each server.

Information Technology Implementation Plan

September, 1997 Page E - 11
Fifth, provide UPSs that provide power backup to a system (e.g. servers,
routers, peripherals) for hours during a power failure. Finally, explore
contracting with an alternative data center, ensuring that space and
equipment are available if a disaster renders the current site unusable.
Disaster recovery service vendors can provide this service in the form of a
hot site or cold site.

Document recovery instructions. Prepare detailed instructions explaining

exactly what to do when any system needs to be recovered. Be sure to
include information about the following:
Whom to call within the division, in ITS, in other divisions, and in
external agencies. When developing this list remember that certain critical
Page | 120
MIT- Maharaja Institute of Technology
Management information system
Choice of IT

personnel may not be available and make contingencies.

How to retrieve backup tapes and copies of other needed media. These
instructions are particularly important when storing data offsite. The DR
plan should include a list of all the details about offsite storage, including
whether the storage vendor separates clients' materials into specific bins or
lockers, and what containers or tape sets are associated with each platform
or server.

Names and contact information for vendors who can supply new
computers with information about level of service. Names and contact
information for vendors who can supply consultants to perform recovery
operations.

Test recovery plan periodically (e.g. every six months). At a minimum practice
backup/restore drills.

• Maintain the departmental Internet presence and establish a departmental intranet

To create and manage these Internet and intranet services requires a series of
coordinated activities: 1) enforcement of web policy, 2) maintenance of
DENR/divisional homepages, 3) creation and maintenance of other constituent
web pages, 4) installation and maintenance of a web server(s), and 5)
administration of the intranets.

The following units or teams should perform these functions respectively. Public
Affairs would be responsible for monitoring and, in conjunction with the IRMB,
enforcing departmental Web policy. Public Affairs would also be responsible for
maintaining the department’s home page, establishing and maintaining a coherent
directory of pages, and selecting and introducing search engines.

Members from throughout the department would have authority to author web
pages subject to departmental policy. As noted in the existing policy, authors are
responsible for maintaining information in the pages. Should the policy be

Information Technology Implementation Plan

September, 1997 Page E - 12
ignored, sanctions including dissolution of the page should be implemented by
Public Affairs.

ITS Network Engineering would be responsible for installing and maintaining the
Page | 119
MIT- Maharaja Institute of Technology
Management information system
Choice of IT

departmental web server(s) for both the Internet site and for the intranets. If
possible the department’s intranets and Internet site should reside on the same
platform (though perhaps on different machines), and they should use the same
development tools. Given that the department is moving toward a Windows NT
applications development environment, and given the increasingly prominent role
that Internet application solutions will play with the emergence of the intranet, it
is recommended that a Windows NT server be the web server of choice for the
department.

Finally, the administrative intranet would be administered by ITS SDT and

systems integration staff. Intranet administration would include the selection,
installation, and upkeep of the intranet management software, the structuring and
management of intranet information, intranet security, and expert assistance to
developers of Internet/intranet based applications.

Conclusion

The department is well-positioned to undertake many of the proposed data management,

application development and maintenance, and networking initiatives. While incremental
resources will be necessary to undertake these initiatives, the benefits that would derive
from these investments would be considerable and would represent a moderate though
material step toward the proposed state information technology architecture. If these
initiatives are undertaken, the department can anticipate dramatic improvements in the
rate of information exchange across the divisions, in access to information by
departmental staff and by external constituents, and in the time required to develop
distributed applications

Page | 119
MIT- Maharaja Institute of Technology