4-8.3 Roles and Responsibilities

 

Roles

Responsibilities

Executive sponsor and Business Relationship Management portfolio manager as agents of the VP functional business area and VP IT, respectively

Jointly review C&A and business documentation and make the decision to return the information resource to the applicable C&A phase for rework or to deploy it into the production environment by preparing and signing a deployment letter.

Project manager

Deploys the information resource and files the C&A documentation package.

With DRS, ensures that the contingency plans are tested periodically and the test results and lessons learned documented.

Ensures that the contingency planning documents are updated and maintained current.

Ensures that C&A documentation package is kept current.

Ensures the secure operations and maintenance of the information resource.

Ensures that the existing security controls are periodically reviewed to determine whether they are still sufficient and implements additional security controls or modifies existing security controls as required.

Executive sponsor

Determines whether changes are significant and ensures that the C&A process is reinitiated as required.

Business Relationship Management portfolio manager

Provides guidance and assistance.

ISSR

Supports executive sponsor and Business Relationship Management portfolio manager as requested.

ISSO

Provides guidance and consulting support.

DRS

Reviews contingency planning documents and accepts them as complete or returns them to the executive sponsor for rework.

Stores the contingency planning documents.

With the project manager, tests the contingency plans.