Network Project - Network Essay Example

This project is requirement of my course work for the subject so and so - Network Project introduction. This network project is essential to provide us the oversight we required in the field of networking. While doing this project we will learn how things shape from when we start the project and how they end. The Practical aspects of any networking models are aimed to achieve after writing this project report. In this project we are required to pass through the complete development life cycle from start to end. We will install the Windows servers 2003 and Active directory and will focus on exploring the options offered by both the software. We will try to implement these in an Enterprise environments and big networking organizations.

Project Overview

Need

essay sample on "Network Project"

? We will write a cheap essay sample on "Network Project" specifically for you for only $12 - "in interactive mode.90/page

More Network Essay Topics.

This system demonstrates the use of a speech-enabled Web application using Microsoft Visual Studio .NET and the Microsoft .NET Speech SDK Version 1.0 beta. The .NET Speech SDK is a useful tool for Web developers seeking to make their applications accessible to end users with telephone access only, or for those using mobile devices, such as GUI cell phones, wireless PDA’s or Tablet PCs, where traditional keyboard input is difficult.

Applications that support speech input and output only (no visual components), aimed at users calling in from telephones, are termed telephony applications. Applications that support both speech and visual input and output, aimed at people using Web browsers either on a PC or mobile device, are termed multimodal applications. We will create a multimodal application in this system.

Very little programming is necessary to create telephony and multimodal applications; most of the work involves creating grammars and prompts using the Grammar and Prompt Editors and setting properties in an easy-to-use QA control. The .NET Speech SDK makes it very simple, so that even a junior developer can create speech-enabled Web applications.

Objectives

The objective of making this hospital management system impaired with VXML is to enable users (Patients, Doctors and Administration) not only to enjoy the normal functionalities (stated above) over the intranet but also be able to avail these services from anywhere via the telephone. This would mean that if someone wants to know any status then they would not necessarily have to be at the hospital or get in touch with the administration of the hospital.

The interactive chat session provided through the site would enable users to avail an online consultation with the doctors and would save them from the hassle of visiting the hospital.

For security purposes sessions involving updates/cancellations (over the intranet or telephone) would be secured via a login and password to be supplied. However due to the limitation of the telephone key pad the password would only be in digits (like a pin code) that will be used for verification purposes.

Windows Server 2003

The development of this project is going to be done on Windows server 2003 © we have chosen this operating system because Windows Server 2003 is well-known for its stability, security and user friendliness. Even its predecessor Windows 2000 is not able to compete with the fame Windows server 2003 has gained. Microsoft claims that the windows 2003 perform remarkably by taking less time at set up and is a step ahead in providing ease to its customer when it comes to configure it. Windows Server 2003 simplifies branch server management, improves identity and access management, reduces storage management costs, provides a rich Web platform, and offers cost-effective server virtualization (Chellis, Perkins and Sterbe, 2005).

Active Directory

An active directory is a very common term these days but it can be different to many people. We will be implementing standard based directory sever, proprietary directory server & simple directory server. Our client’s requirement is to make everything standardization so we came up with a solution of implementing Active directory –standards based directory server. In this system, protocols like LDAP and Kerberos provide access to other network computers. These two protocols are good to provide vision of directory while internal database appears as a X.500 data model which is only exposed directly to the rest of the world via LDAP. Microsoft uses a technology for client server communication called RPC, which is an acronym for Remote. Active directory is an administration system and an implementation of LDAP directory services produced by Microsoft. A windows network can be administered using this simple and easy GUI interface. It allows the administrator to assign various policies, enable him to install programs to many computers on network and apply critical updates in very little time. It operates the information and settings from a single, central and organized database concerning an organization. It has ability to network large installations with millions of objects (Chellis at el., 2005).

Scope

This interim project focuses on planning and designing of the project on Windows 2003 Server using Active Directory. We will be implementing voice function and techniques over certain modules of the online hospital management whether over the Internet or Intranet.

Project initiatives to include a number of security and assurance related features and applications. The features described may be of general interest to the Hospital community, but are specifically aimed at the operability and integrity of the network. Firstly we would focus on making these functionalities available over the Intranet and then after that we could concentrate on covering these applications using VXML.

Implementation Idea

Hospital Management System has two ends to meet: Firstly the input would be provided through keypads. Secondly the output would be received through voice. In the speech application domain, the term “grammar” refers to a set of words or phrases that the application will accept, i.e., the input. The grammar is used by the speech recognition engine to narrow the possible user inputs and thereby increase speech recognition effectiveness. For example, a very simple grammar might contain the words “yes” and “no,” and a speech recognition engine would have little trouble distinguishing between those words. The .NET Speech SDK includes a Grammar Editor with a testing tool that the developer can use to make sure that grammars work correctly before integrating them into the application.

A “prompt” refers to a phrase or sentence that the application can play to the user. For example, the application might prompt the user with the phrase “Please press 1 for hearing doctors profile.” Prompts are especially important in telephony applications because they are the only way to communicate with the user. The .NET Speech SDK includes a Prompt Editor with a validation tool to confirm that the prompts are working correctly.

Aims and Objectives

The goal of this project is to develop and implement complementary systems providing the following services along with other services required by the project:

User and group account profiles
Disk management and fault tolerance strategies
Remote users
Backup and restore procedures
IIS
Active Directory architecture and design
Network services

 Target Audience

We are mainly targeting Hospitals. A target audience can be from small size clinics to large size Hospitals.

 Other potential customers

Other then hospitals, our applications other target audience could be any company, university or organization which has inclination of installing and configuring Windows 2003 server or an Active directory server or both. Typically following companies can benefit from our project:

Pharmaceutical labs
University Computer labs
Central Databases
Chemical labs to store data
Small and medium sized organizations
Engineering companies
Biological labs
Large sized organizations

The Main Focus Evolves

1. Conversion of speech to text.          (Input)

2. Conversion of text to speech.          (Output)

3. Taking in Data from the application     (Input)

4. Showing Data from the application       (Output)

5. The web based application is intended to be browser independent.

3.3. Customer Requirements

Our customer is a very big Hospital called Shriners Hospitals – USA. Shriners Hospitals – USA is operating globally. Company’s requirements are already mentioned in the PROJECT SCOPE section. This company desires to establish a secure network which has one central database at each branch. They also wish to take proper backups everyday and would like to replicate data to all the other network servers to avoid any risk, one more big & main functionality of the application is that they want to implement voice recognition technology through which doctors, management and patients can communicate and perform actions. Besides this, they also wish to run local networks which would connect to this vast network. However, it is not necessary that every node on the LAN would connect to this vast network. They want big user groups and strong policies to be enforced to avoid any unwanted access on the network.

Major Functionalities

Website Functionalities

Make appointments
Update appointments
Doctors Profile
Doctors Schedule
Doctor’s consultation fee
Doctors personal information
Patients Profile
Medical Report
Billing Status
Patients personal information
Maintenance of Doctor’s profile
Maintenance Patients profile
Appointment scheduling
Administration status (Sign Out/ Sign In)
Doctor’s status (Sign Out/ Sign In)
Patient’s status (Sign Out/ Sign In)
Interactive Chat Session

VXML Functionalities

Make appointments
Confirm appointments
Appointment update
Information Retrieval of
Doctors Profile
Patients Profile
Doctor’s status (Sign Out/ Sign In)
Patient’s status (Sign Out/ Sign In)
Actor

Use Cases

               Patient

(Keyboard input-website)

(Keypad input-telephony device)

    Initiates
Request to view doctor’s profile

Request to view patient’s profile

Request to update appointments through web site

Request to make appointments through web site

Request to Sign In through web site

Request to Sign Out through web site

Request to retrieve forgotten password

Request to change password through website

Request to change pin code through website

Request to initiate chat session

Request to hear doctor’s profile

Request to hear patient’s profile

Request to update appointment through telephony device

Request to make appointment through telephony device

Request to Sign In through telephony device

Request to sign out through telephony device

Request to change password through telephony device

Request to change pin code through telephony device

Administrator

(Keyboard input-website)

             Initiates
Request to view doctor’s profile

Request to view patient’s profile Request to set doctor’s profile

Request to set patient’s profile

Request to update appointments through web site

Request to Sign In through web site

Request to Sign Out through web site

Request to retrieve forgotten password

Request to change password through website through website

Request to change pin code through website
Doctor

(Keyboard input-website)

(Keypad input-telephony device)

    Initiates

Request to view doctor’s profile

Request to view patient’s profile

Request to set patient’s profile

Request to update appointments through web site

Request to Sign In through web site

Request to Sign Out through web site

Request to retrieve forgotten password

Request to change password through website

Request to change pin code through website

Request to Initiate Chat Session

Request to hear doctor’s profile

Request to hear patient’s profile

Request to update appointment through telephony device

Request to Sign In through telephony device

Request to sign out through telephony device Request to change password through telephony device.

Request to change pin code through telephone device.

Team members

Our team contains five members each having different skills but these all are active team players:

A
B
C
D
E
Roles of each team member

No.
Names
Roles Description
Skills
1
A
Project Manager
Project Management
2
B
Team Leader
LAN/WAN Engineer
3
C
Member
Graphic Designing, Documentation and Networking
4
D
Member
VXML & security implementation.
5
E
Member
Documentation & Testing

Project Schedule

Detailed time-line describing goals of each week
Phase 1: Sever 2003 Network

Part 1: Planning the Network Infrastructure
Understanding Computer Roles and Specifications
Locating & Identifying Network Resources
The OSI Reference Model
The Physical Network Infrastructure
The Logical Network Infrastructure

Part 2: Determine IP Address Requirements
IP Addressing
Sub-netting
IP Address Configuration
DHCP Deployment & Configuration
Installing and Configuring a DHCP Server

Part 3: Determine Name Resolution Requirements
NetBIOS Name Resolution
LM HOSTS file
WINS Servers and Push/Pull Replication
NetBIOS Name Cache
DNS Name Registration
Planning DNS Security
Troubleshooting Client Configuration Problems
Troubleshooting Server Configuration Problems
Configure the DNS Server Service in Active Directory

Part 4: Using Routing and Remote Access
WAN Topologies
WAN Technologies
An Overview of Static Routing
A Review of Dynamic Routing
Securing Remote Access
Common Troubleshooting Tools
Configure a dial-up RAS Server & Manage authentication

Part 5: Server Clustering
The types of server cluster available with Windows Server 2003
Designing a Clustering solution
The Installation and configuration of network load balancing clusters
The Installation and configuration of server clusters
Creating a Network Load Balancing Cluster

Part 6: Identify the Default Security Settings
Planning a Security Framework
NTFS Permissions
Share Permissions
Registry Permissions
Active Directory Permissions
Account Policy
Audit Policy
Auditing Resources & the Event Viewer

Part 7: Plan and deploy Security Configuration
Reviewing Group Policy
Baseline Security Configuration
Create a Role Specific Configuration
Deploy a Role Specific GPO
The Security Configuration Wizard (SCW)
Create a test and deployment plan
Managing security configuration with security templates
Deploying security templates with group policy
The Security Configuration and Analysis Tool
Modify and Applying a Security Template

Part 8: Secure Communications using Digital Certificates & IPSec
An introduction to a Public Key Infrastructure (PKI)
Plan and Design a PKI
Install and Manage Certificates
Plan an IPSec Deployment
Deploy IPSec
Creating an IPSec Policy

Part 9: Design a Security Infrastructure
Determine Internet Security Requirements
Plan a Security Update Infrastructure
Secure Wireless Networks
Provide Secure Network Administration
Installing, Synchronizing and configuring SUS

Part 10: Maintain Server Availability
Using the Performance Console
Using Network Monitor
Monitor Server Services
Planning a Backup Strategy
Using Volume Shadow Copy Service (VSS)
Using Automated Systems Recovery (ASR)
Recovering Files Using the Shadow Copy Service

Phase 2: Active Directory

Part 1: Plan and Install an Active Directory Structure
Logical & Physical Components of Active Directory
An Introduction to the Active Directory Schema
An Introduction to Global Catalog Servers and Universal Group Caching
Replication Partitions
Planning the Active Directory Infrastructure Design
Verifying the Active Directory Installation
Troubleshooting the Active Directory Installation
Removing Active Directory from a Domain Controller
Promote & Configure a 2003 Server into a Domain Controller

Part 2: An Overview of Active Directory Administration
Administrative Tools
Forest and Domain Functional Levels
Operational Master Roles
Restructuring a Domain
Renaming a Domain Controller
Creating a new MMC to configure the schema
Using the NETDOM command to rename a Domain Controller

Part 3: Manage and Configure Trust Relationships
Managing Trust Relationships
The types of trust relationship
Managing and configuring trusts using the AD Domains and Trusts snap-in
Using the NETDOM command to configure trusts
Creating and Administering a Forest Trust

Part 4: Configure Sites and Manage Replication.
The Replication Process
The Replication topology
The Replication Protocols
Sites, Site links and attributes
Bridgehead Servers
Monitoring and Troubleshooting Replication
The Global Catalog and Universal Group Caching
Application Directory Partitions
Configuring Sites and Site Links

Part 5: Manage & Configure Users and Groups
Create and Manage User Accounts in Active Directory
Managing User Profiles & Home Folders
Smart Card Authentication
Manage Group Membership in Active Directory
Group Scopes and Group Nesting

Part 6: Administer Active Directory Objects & Implement an OU Structure
Controlling Access to Active Directory Objects
Understanding Organizational Units
The DSMOVE.EXE command line tool
Finding objects in the Directory
The DSQUERY command line tool

Part 7: Plan & Implement Group Policy
Group Policy components
Linking GPO’s and Administrative templates
Group Policy Inheritance and GPO conflicts
Delegation of control of a GPO
Planning Group Policy
An Introduction to the Group Policy Management Console (GPMC)
Troubleshooting Group Policy
Create, modify and Delegate control of a GPO

Part 8: Managing the User Environment with Group Policy
Resultant Set of Policy (RSoP)
Reviewing Folder Redirection and Offline Files
The deployment of software using group policy
Planning and preparing software deployment
Maintaining software deployment with group policy
Deploying & Assigning Software with Group Policy
Part 9: Software Restriction policy & Security Templates
Implementing software restriction policies
Default Security Levels
Software Restriction Policy Rules
Software Restriction Policy Recommendations
Troubleshooting Software Restriction Policy
Audit Policy and the Security Log of the Event Viewer
What are security templates
Managing security configuration with security templates
The default security templates which are available
Deploying security templates with group policy
The Security Configuration and Analysis Tool
Modifying and Applying a Security Template

Part 10: Managing Active Directory Back-up & Restore
Backing up Files and Folders
The Types of Backup
Restoring Files and Folders
System State Data
Non-Authoritative Restore & Authoritative Restore
Active Directory Database Maintenance using the NTDSUTIL command.
What are security templates
Backing up System State Data on a Domain Controller

Part 11: Monitor and Troubleshoot Performance
The System Monitor Tool
Performance Logs and Alerts
Typical Active Directory Objects and Counters
Managing Active Directory Performance via Command Line
Troubleshooting Performance Logs and Alerts
Configuring a Performance Log and Generating a Report
Phase 3: Routing and Remote Access

Part 1: Routing and Remote Access
User Authentication
Authentication Protocols
Internet Authentication Service (IAS)
Remote Access Policies
Packet Filters
Routing Protocols
VPN
Demand-Dial Routing
Phase 4: Disk management and fault tolerance
Part 1: Veritask anti backup (Windows default Service)

Part 2: Nova net (Service)

Part 3: Rapid Access Disk (Tool)

Phase 5: Network Services
Part 1: DHCP

Part 2: DNS

Part 3: Windows Update Service

Part 4: Remote Installation Service

Part 5: Windows Internet Name Service (WINS)

Phase 6: IIS
Enabling Web Service Extensions
Creating Web or FTP Sites
Creating Virtual Directories in IIS
Renaming Virtual Directories
Configuring Authentication
Creating Application Pools in IIS
Creating and Isolating Applications in IIS
Obtaining and Backing Up SSL Certificates
Backing Up and Restoring the Metabase in IIS
Redirecting Web Sites in IIS
Hosting Multiple Web Sites
Assigning Resources to Applications in IIS
Controlling Access to Applications in IIS
Enabling ASP.NET
Enabling ASP Pages in IIS
Saving Configurations
Starting and Stopping Services
Configuring Recycling in IIS
Administering Servers from the Command Line in IIS
Administering Servers Remotely in IIS
Enabling Network File System Support

Behaviors
“ Request to view doctor’s profile Use Case “

Behavior
Automated/Manual
Object type
System loads page with list of available doctors
Automated
Doctor
System searches doctors profile and displays it
Automated
System

“ Request to view patient’s profile Use Case”

Behavior
Automated/Manual
Object type
System loads patients profile
Automated
Patient
System searches patients profile and displays it
Automated
System

“Request to update appointments through web site Use Case”

Behavior
Automated/Manual
Object type
System loads list of patients and their schedule
Automated
System
System loads the available slots of appointments
Automated
System
System saves changes in appointments directory
Automated
System

“Request to Set doctor’s profile Use Case”

Behavior
Automated/Manual
Object type
System loads the options
Automated
System
System loads the doctors profile
Automated
System
System saves changes in database
Automated
System
System generates confirmation message
Automated
System

“Request to set patient’s profile Use Case”

Behavior
Automated/Manual
Object type
System loads options
Automated
System
System loads the a form for patients profile
Automated
System
System saves changes in database
Automated
System

“Request to make appointments through web site Use Case”

Behavior
Automated/Manual
Object type
System loads list of the available time slots for appointment
Automated
System

System saves these changes in the database
Automated
System

“Request to Sign In through web site Use Case”

Behavior
Automated/Manual
Object type
System performs verification of ID and Password
Automated
System
System loads user’s login page
Automated
System

“Request to hear doctor’s profile Use Case”

Behavior
Automated/Manual
Object type
Profile Loaded from system database and read to requester*
Automated
System

“Request to hear patient’s profile Use Case”

Behavior
Automated/Manual
Object type
Profile Loaded from system database and read to requester
Automated
System

“Request to Update an appointment through telephony device Use Case”

Behavior
Automated/Manual
Object type

System shows available slots
Automated
System
System generates confirmation message
Automated
System

“Request to make appointment through telephony device Use Case”

Behavior
Automated/Manual
Object type
System reads available slots of appointments
Automated
Potential Patient, Patient
Confirmation message read to user
Automated
System

“Request to Sign In through Telephony Device Use Case”

Behavior
Automated/Manual
Object type
System requests to requester to dial password through telephony keypad
Automated
System
System Verifies password
Automated
System
System loads requester account settings
Automated
System

“Request to Sign Out through Telephony Device Use Case”

Behavior
Automated/Manual
Object type
System expires the session
Automated
System
System generates a confirmation message
Automated
System

“Request to Sign In through web site Use Cases”

Behavior
Automated/Manual
Object type
System verifies password
Automated
System
System loads requesters account page
Automated
System

“Request to Sign Out through web site Use Cases”

Behavior
Automated/Manual
Object type
System would expire that session, and log out the requester
Automated
System
System generate a page with confirmation message of sign out
Automated
System

“Request to retrieve forgotten password Use Case”

Behavior
Automated/Manual
Object type
System loads page to enter ID and Pin Code
Automated
System
System shows the password to user
Automated
System

“Request to change password through website Use Case”

Behavior
Automated/Manual
Object type
System loads page requesting to enter ID and Pin Code
Automated
System
System generates page to enter new password
Automated
System
System saves changes in database
Automated
System
System generates confirmation message
Automated
System

“Request to initiate chat session Use Case”

Behavior
Automated/Manual
Object type
System would load a page to enter ID and Pin Code
Automated
System
System verifies the ID and password
Automated
System
System loads chat interface
Automated
System

Object Matrix Table

Potential Patient
Patient
Administrator
Doctor
Time Slot
Appointment
Schedule
Potential Patient

Becomes

View
Select
Makes
View

Patient
Becomes

View/Chat
Select
Make/

Update
View

Administrator

Set/view

View/Update
Freeze/

Unfreeze
Update
View

Doctor
View
View/chat

View/Chat
Freeze/

Unfreeze
View/

Update
View

Time Slots

Selects
Select
Freeze/

Unfreeze
Freeze/

Unfreeze

Appointments
Makes
Makes
Update
View/Update
Contains

Schedule
Views
View
View
View
Contains
Contains

Project Development Life Cycle
Project development lifecycle includes following four phases which our project will also go through:

Analysis Phase
During analysis phase, we will complete all our planning and research. We will also try to reach to some conclusion that may be finalized in the next phase. Following phases are our deliverables for Analysis Phase:

Planning the Network Infrastructure
Research and plan IP Address Requirements
Research and plan Name Resolution Requirements
Analyzing the Routing scheme and Remote access routes
Plan for server Clustering
Plan Security Configuration
Plan and Install an Active Directory Structure
General Overview of Active Directory Administration
Research the information on Trust Relationship
Search for Replication techniques
Plan for the User and Groups Scheme
Plan Group Policy
Restriction and Security Planning
Backup and Restore planning
Troubleshoot planning
Disk management and fault tolerance planning
Network Services (DHCP and DNS) planning
IIS planning
Voice SDK
Design Phase
During design phase we will look at architecture feasibility and will start making design of all those phases that we have decided (after careful analysis) to implement in our network project. On completion of our design phase we will have following deliverables of this phase:

Designing IP infrastructure
Determine IP Address Requirements
Determine Name Resolution Requirements
Designing Routing scheme and Remote Access possibilities
Design the Server Clustering techniques
Design Security Configuration possibilities
Design Plan for an Active Directory Structure
Designing Active Directory Administration
Manage Trust Relationships
Design lay out plan for replication
Design Users and Groups Scheme
Design Group policy
Designing Restriction policy and Security templates
Backup and restore design
Troubleshoot design
Disk management and fault tolerance design
Network Services (DHCP and DNS) designing
IIS designing
Design of Voice application
Implementation Phase
By the time we will reach implementation phase we will have enough analysis and designing of our project deliverables and one after another we will start implementing our network designs while we will keep testing our installation, configuration and settings so that it may not create any problem at the time of processing in real world environment. At the end of implementation we will have following deliverables:

Implementing IP infrastructure
Implementing IP Address Requirements
Implementing Name Resolution Requirements
Using Routing and Remote Access
Implementing Server Clustering
Deploy Security Configuration
Install an Active Directory Structure
Implementing Active Directory Administration
Configure Trust Relationships
Configure Sites and Manage Replication
Manage & Configure Users and Groups
Administer Active Directory Objects & Implement an OU Structure
Plan & Implement Group Policy
Managing the User Environment with Group Policy
Software Restriction policy & Security Templates implementation
Managing Active Directory Back-up & Restore
Monitor and Troubleshoot Performance
Disk management and fault tolerance implementation
Network Services (DHCP and DNS) installation and configuration
Windows Internet Name Service (WINS) installation and configuration
IIS installation and configuration
Implementation of Voice application & SDK

Test Plan

Test Items

The items we are testing consist of interface consistency of web pages, web pages integrity, resolution test, ASP pages, form fields, database validation and application/network security.

Approach

The approach we are using is bottom up approach, as we start off the testing of individual functionalities and approaching to the main functions.

Testing Environment

The testing has performed on the Pentium IV computers. We have performed testing in a LAN environment on the Webserver. The operating system onto which the testing has performed is MS Windows2003 server.

White Box Testing

The white box testing consists of the following categories:

Database records testing
Typographical errors

Database Records Testing

In this part of testing we are checking for wrong entries or Null entries occurred in the record set due to logically invalid code.  We are also checking the record updating consistency i.e. whether the records are updating correctly or not.

Typographical Errors

The testing for the Typographical error will be conducted so that any code that is left un-commented or any unusual message that the developer writes for his convenience can be checked.

Black Box Testing

The black box testing consists of the following categories:

Interface errors
Incorrect functionality
Behavior performance

Interface Errors

We are checking the web site for several interface errors such as testing the website interface on different resolutions, checking the page layouts consistency i.e. font style font colors, button size and position, indentation of text page loading test.

Incorrect functionality

In this part we are checking for incorrect functionalities such as website navigation errors, multiple login errors and site security verification errors. Field validation checking on null and invalid fields, hyperlink validity test and Site upload test (Webserver integrity test).

Behavior Performance

At this stage we are checking the behavior of the system by entering specific combination of data and different characters. The behavior of the system whenever the traversing of the database is done is checked on the boundary values, behavior of the system while running on different browsers and different computers and page loading time.

Test Case Specification

The test cases we used in our testing are listed here.

Test Case 1 – Login Test

All user accounts that were created and exist in the database will be tested. Each user’s functionalities will be checked and an observation would be attempted to see whether each user is receiving the information he is expected to receive. In case the user types an incorrect user-id / password he should be redirected to the invalid login page. The user should have the liberty to change his password whenever he wants after login.

Test Case 2 – Multiple Login Test

Two types of multiple login tests will be conducted:

Using same user name and password to login to the website through the same PC. Using same user name and password to login to the website through different PCs. The login should not be accepted under any of the two conditions.

Test Case 3 – Application Security Test

The application would be tested for any unauthorized access to certain pages.  Changing the contents of the address bar would do this. Each login has a specific address. We would attempt to change one or two values of the address and see if we are able to access another login while two conditions are being observed:

The other user has already logged in from another terminal.

The other user has already logged in from the same terminal.

The other user has not logged in.

Test Case 4 – Session Expiry Test

In order to note down the time it takes for user login session to expire, the session expiry test will be conducted by allowing the PC to be left untouched for a certain period of time after login. If after returning, the session has expired, the test result would be termed as success because the session should expire after a certain time period for security purposes.

Test Case 5 – Resolution Test

A resolution test will be conducted to check for any changes in the page structure that might appear when the screen size and resolution are adjusted. Different browsers will be used to check for any page breakups and graphical distortions that might appear.

Test Case 6 – Browser Compatibility Test

This test is to check whether the website is compatible with other browsers e.g. Netscape Navigator, Opera, Internet Explorer, Neoplanet.

Test Case 7 – Hardware Compatibility Test

The speed and performance of the website will be checked over different PCs using various hardware configurations. Originally we are doing all our testing on Pentium IV 2.0 GHz with 256MB RAM. We would also be checking the speed and performance on a Pentium III 1.0 GHz.

Test Case 8 – Field Validation Test 1

In this test we would take certain symbols and insert them in the form fields. Our objective is to check for any errors in the database as well as the asp code of the website when the database accepts an erroneous value. At times it so happens that a value or a symbol inserted in a field, when read by the asp, is taken as part of the code. This causes an error in the asp and the submission is not accepted.

Test Case 9 – Field Validation Test 2

The database should be clear enough not to accept any blank values in any cell that has a ‘*’ next to it. Empty fields would be submitted. We would keep a note on the following:

There should be no submission if field is empty.

There should be no submission if field value is invalid, e.g. in place of numbers, the user typed a character.

Test Case 10 – Field Validation Test 3

The asp should only accept input from a particular field if the size of the input is valid, that is, it should be the same as that defined in the database. For this purpose we would test every field by inserting specific number of input characters and testing their length in the corresponding data field in the database.

Test Case 11 – Form Component Validity Test

This test is to check whether the desired action occurs while pressing the desired button and also all the drop down menus, radio buttons, check boxes and different form components are working correctly.

Test Case 12 – Hyperlinks Validity Test

The pages should not have any hyperlinks leading to dead or incorrect pages. At times the hyperlinks lead to pages that were never created. This is usually the error of the programmer who forgets to add a valid page link in the end.

Test Case 13 – Email Hyperlink Test

This test will be done to check any links that are supposed to be used for email. On clicking such a link the compose page of Outlook should open with the desired email address in the “To” field. For this purpose the “Mailto” tag should be placed in the link.

Test Case 14 – Theme Consistency Test

The theme of the website should be the same throughout the website. The background, heading, titles, fonts and page structure should be consistent. It is advisable to use cascaded style sheets in this reference.

Test Case 15 – Page Integrity Test

This test would identify any errors that might appear in browsing through the forward and back buttons within the website. Our objective is to note any changes in the requested information that might appear during the browsing. At times the back button refreshes a login session and the page disappears.

Test Case 16 – Record Add/Update Test

In this test, each field of the form would be added with various valid values. The database would be left open as the new value is added and submitted. Objective of this test is to check the database tables for correct and consistent value received. Another check would be made on any field that the user updates later. This would tell us whether the database is creating an entirely new account after updating or simply adjusting the new value in place of the old one as required.

Test Case 17 – Update Result Test

At times on certain websites the results that appear after login come from the system cache. The user has to refresh those pages in order to view the updated and current results. This is not considered a good practice. Hence the updated results test would detect such errors and identify pages that need to be refreshed.

Test Case 18 – Admin / User Simultaneous Update Test

We would login to the database and adjust some values. From another PC we would login to the user account whose values are being adjusted. Our objective is to check when the user receives the updated values. The user should know that the database was adjusted while he had already logged in.

Test Case 19 – Page Loading Test

This test would be done to identify the time it takes to load a page. Two criteria will be observed:

First time load – Page loaded for the first time on a PC with the cache empty.

Load through cache – The page would be reloaded and the time it takes to reload it would be noted. The page source should be the system cache.

Test Case 20 – Download Time Test

This test deals with the download of the interested pages of the website, this includes that whether the page is downloaded completely and how long it takes for a page to get downloaded. All the images should also be downloaded in a specific folder and when the page is locally accessed the images should be visible.

Test Case 21 – Condition Code Test

This is a test to check the “if, then else” conditions in the website. The page should not proceed if the condition is not satisfied. Likely so the page should not refresh if a condition is not satisfied.

Test Case 22 – TAB Index Test

In this test we check that where our cursor moves on pressing the TAB key. In this it is checked whether the cursor skips a particular field or does it moves to the desired field.

Test Case 23 – Boundary Value Test

The end of file and beginning of file would be checked to see whether an alert is generated when EOF or BOF is reached. The user should not be able to browse further once the limit is crossed.

Test Case 24 – External Software Test

We would use the software “HTML Power Tool” to check the image size, spellings, rule base and Meta errors on the entire website.

Test Case 25 – Typographical Errors Test

At times, the coder add some checks in the code to see whether the site is functioning properly for a particular code amendment. Some coders forget to remove that check later. These errors where the final output has an unwanted check or text on it come under typographical errors. We would test the site for such errors.

Test Case 26 – File Name Validity Test

A website should always consist of file names that are valid and refer to the page being visited. In other words, a webpage should be named after its contents and should not have a name like page2.htm. A test will be conducted to see whether the names of the webpage match the contents of that page.

Acceptance Criteria

The acceptance criteria decide the satisfaction level of a component, system or a deliverable. Acceptance Criteria is the success measure of each component, system or deliverable. It describes on what level and quality a deliverable in the acceptable state. It is used by both sponsors (if any) and the team members to know when a deliverable is acceptable and can be approved (Haugan, 2002). In our case our fully functional and smoothly administered network would be the acceptance criteria for the project.

Graphical interface design

Network diagrams are the best to explain the plans, especially when they are evolving constantly. It broadens mind and also help to make better picture of hypothetical idea. This would be any network diagrams that show the whole company layout by site, with the connection methods in between. This map does not have to be identical to, but should resemble something similar to Figure 1. If it doesn’t exist, it needs to be made first, before anything else is done. Without a map, or a diagram of the current network, you will find it somewhat difficult to plan a Windows Server 2003 deployment across the network.

In this example we will consider our client. They are in 3 separate locales, one location in the US, one location in the UK, and one location in Asia. It is also important for the understanding that where a site exist. Since we think our network to be multi-continental therefore it is good to focus this scenario.

 Report design

Status Reports
Describe the format, frequency, and distribution of status reports during the project lifecycle.

 Weekly
Describe the process used to update the weekly status reports, i.e. in order to provide the approvers with information about recent completions, accomplishments, and effort expended.

 Monthly
Describe the format, frequency, and distribution of monthly reports during the project lifecycle.

Deployment plan

When planning and designing a Windows Server 2003 deployment that spans a global Wide Area Network (WAN), understanding how the base operating system communications subsystems function will help us to size our lines appropriately, plan a site link architecture that follows a planned design and so on. When placing domain controllers (DCs) on a network, they need to be designed so that they can help us to control bandwidth consumption, through them – site links can be used.  It is very important to assess our network properly before deployment. If we do not assess properly, problems such as an under assessment of the unknown effect on our telecommunications lines when rolling out Windows Server 2003 in our corporate network will raise its ugly head right in front of us and our bosses, we could cause problems not only to the current data traversing the network, but also to the directory service that Windows Server 2003 relies on – Active Directory Service (ADS or ‘AD’ for short). Directory corruption is not fun to deal with, hence why backups are so important, but to keep yourself from having to restore or deal with major issues, planning the replication strategy to ‘avoid’ corruption in the first place would be wise. We need getting our access, plan, design, and avoid disaster.

Support plan

Data corruption happens all the time, Directories are nothing more than data files that can be corrupted and a poorly performing directory system will only eventually become corrupted and cause issues. Consider the NTDS.DIT file, nothing more than a file, nothing more than the ‘Active Directory database’. Problems with our directory will cause an unstable environment which breeds nothing but problems such as users being able to logon, then not being able to log on are big issues.  To not consider what may affect our network bandwidth in our plan is technical suicide, most of what a company relies on to do business comes across such telecommunication lines, and Ethernet based network switches phones, email, Instant Messaging (IM), file transfers, Internet access, application access, printing and so on so ensuring that we assess all that was just mentioned in our planning stages will help lessen the risk of something bad happening not only to our directory, but also to the other systems running on the network.

In today’s large environments, it is imperative to get the most out of your network bandwidth so that businesses can continue to operate, and the businesses do not overspend on telecommunications costs which can get out of control very quickly if not monitored carefully. Our data transmission speed can be affected by any excessive traffic created by applications and services, which is not an easy job.

Network Management

Network professionals in the new millennium are facing the most difficult network challenges of their careers. They must manage the critical infrastructure that provides the foundation for business. Our application is based on intranets, extranets, and over the Internet and data is stored in server forms.  Because of heavy load, security and sophisticated networked applications, our client requirement is demanding more robust network services. For the corporation, support to be a world-class competitor in today’s market, the network must be available 7×24 and have the necessary bandwidth available to service its internal as well as external customers. Understanding this need is only a small part of the task at hand. The network manager must not only have the proper infrastructure to direct this critical traffic to the proper destination, but just as importantly must also have the necessary hardware and software tools deployed to proactively manage this environment.

Our network will work on (MIBs) embedded within routers and switches as well as Network Analysis Modules (NAMs), which utilize the remote monitoring (RMON) MIB. RMON-based queries are not the only method of network monitoring, but because of their applicability to numerous network management functions, they are of great value. The data collected by these intelligent agents can be viewed in real time for a quick glance or for troubleshooting. In addition, the data can be stored in a database for historical viewing, reviewing, network base lining, and trending.

Change Control

Tracking, recording and auditing of all changes administered to the network and its devices.

Today’s issues far exceed connectivity and access. In the asset management area, the LAN administrator must control all of the devices on the network. He must know which devices are added or removed, and where they got added to or removed from.

In the area of operations management, administrators need to know the versions of software that their networks are running, and the state of all devices. Strong network operations management also ensures that there are no rogue devices on the network. It indicates where upgrades are needed, and whether licenses are up to date.

Change control is another major IT initiative. Network monitoring tools administrators to take snapshots of the network, and can even be automated to take network snapshots whenever there is a change. These changes become an audit trail for purposes of tracking and accountability. They allow a LAN manager to troubleshoot problems that might have occurred because of a specific change.

Risk Management

“The chance of something happening that will have an impact upon objectives” (Australia1n and New Zealand Standards – Risk Management Standard). There can be a number of risks that can cause impairment if they are not mitigate or reduced in the beginning. In our case these risks can be reputational risk, compliance, operational risk and infrastructural risks. On further scrutiny, we can realize that if we just take a good hold on our compliance and infrastructure we will not have most destructive risk which is reputational risk. For risk reduction and mitigation we need to consider following:

Risk management is an essential tool of good management practice and governance. It is the process whereby there is shared awareness and understanding within the organization of:

The nature and extent of the risks it faces

The extent and categories of risks regarded as acceptable

The likelihood and potential impact of the risks materializing

Its ability to reduce the incidence and impact on the organization of risks that do materialize.

This process involves:

Regular and ongoing monitoring and reporting of risk including early warning mechanisms. Appropriate assessment of the cost of operating particular controls relative to the benefit obtained in managing the related risk. For example the University might decide some areas of operation are over controlled relative to the risks faced. At least annually, a review of the effectiveness of the systems of internal control in place

Reporting the results of the review, and explaining the action being taken to address any significant concerns that are identified.

 Risk Identification
Risk identification is the process of determining what, how and why things may happen. Risk should be considered at the earliest stages of project planning, and risk management activities should be continued throughout a project. Risk exposure may arise from the possibility of economic, financial or social loss or gain, physical damage or injury, or delay.

Possible attacks to our application may include:

“Physical attacks – threats posed to the IT infrastructure

Logical attacks – threats posed to the software

Errors by people

Technical failure

Infrastructure failures (Cache Server failure, Database Server failure, Error Messages etc)

Risk analysis
Risk analysis is the systematic use of available information to determine how often specified events may occur and the magnitude of their consequences. Monitoring is an essential job at Shriners Hospitals for such risk analysis. It may also do further well to Shriners after the applying proper risk prevention.

Secondly, if you are aware that certain virus attacks are possible for your website, you may prepare for it before hand. Similar is with Denial of Service attacks.

Third probably you know through risk analysis that your software has a little problem with some action, which is important for you company at such situations risk mitigation is a good option.

Risk Evaluation

Risk evaluation determines whether the risk is tolerable or not and identifies the risks that should be accorded the highest priority in developing responses for risk treatment. Intolerable risks for Shriners Hospitals are the System failures, Infrastructural failures, unless swift action is taken, any problems with this e-commerce site will be immediately obvious to the world. Other Intolerable risk is Technical failure which customer can identify. For example, if user has a credit card that is good in all means, its authentication failure may cause user to think something is wrong with it. On knowing its working perfectly, the user may never come back to your website as e-commerce customers typically have very little loyalty, so if your website is unavailable they will simply move on to one of your competitors. In addition, technical failure can have a significant impact, not only on your customers but also on key trading partners.

Risk Treatment

Risk treatment establishes and implements management responses for dealing with risks, in ways appropriate to the significance of the risk and the importance of the project. Shriners Hospitals will benefit from all four-risk treatment strategies:

Risk Treatment Strategies
There are four major Risk Treatment Strategies:

Risk Prevention (Including Risk Avoidance)
Risk prevention strategies are directed to eliminating sources of risk or reducing substantially the likelihood of their occurrence. Shriners Hospitals can also prevent risks by applying following procedures:

Alternative approaches: The selection of alternative approaches to deal with the problem situations would do a lot good to Shriners Hospitals.

Professional Assistance: Shriners Hospital should have formal processes and quality assurance procedures done by professionals to avoid software problems

Inspections and Audits: Shriners Hospitals should have regular inspections and audits of the system and networks.

Education and Training: Educating and training the staff of potential risks and for the sake of skills enhancement.

Security Measures: Physical protection to the system by proper firewalls and anti-viruses programs is must to avoid the likelihood to losses specially data.

Avoid User Confusion: Shriners Hospitals should provide user with proper password retrieval methods, to avoid confusion mention the fields “must” to fill, and validate user before starting the process.

Regular Back ups: Regular backups of data should be taken and should be transferred on tapes and to all the other branches of the company.

Risk Mitigation

Impact mitigation is directed to minimizing the consequences of risks. Some risks, such as those associated with economic variations or extreme weather conditions, cannot be avoided. The likelihoods of other risks arising may be reduced by risk prevention strategies, but the risks may still occur. In these cases, risk management must be directed to coping with their impacts, and ensuring that adverse consequences for the project and the project criteria are minimized. Impact reduction strategies include:

Contingency planning: Shriners Hospital would strongly need a contingency plan in order to deal with the un-measured risks or the risk those have a likelihood of appearing again and again. For example the Denial of Service attacks in business like ours are very common. Since, contingency plan is an impact-reduction measure it will always help our company to deal with this issue and the like.

Engineering and structural barriers: Shriners Hospital should not take any actions that could exacerbate the problem. For example, if there is a problem with accessing files from a back-up tape using a tape drive, you should investigate whether the problem is caused by the drive, rather than just assuming there is a problem with the tape and then potentially damaging others by placing them in a faulty drive.

Separation or relocation of an activity and resources: Shriners Hospitals should take care that its internal network should be separate and they should not have Internet access. Few PC in the sub net of this external network should allow users to use Internet. Server Farm should be part of the external network.

Quality assurance: Quality Assurance is must for Shriners Hospital as when the procedures are assured; it becomes easy to detect the problems earlier. Where you have a risk that you can’t eliminate, you should ensure that you have a fail-safe method of detecting the problem if it occurs.

Contract terms and conditions: Shriners Hospital should sign contracts with anti-virus providers for increased security of the network. It should also provide clear terms and conditions on the website to aware user of its rights and limitations.

Regular audit and Checks: Regular audits and checks to detect compliance or information security breaches is one the things which e-widget should always take care of because in continuous or recurring processes, a failure may occur silently, and its impact will grow over time. If you identify this type of risk you should build in a periodic check to detect the problem as soon as possible.

Crisis management and disaster recovery plans: “Disaster recovery plans should be tested if possible. A test could be a simple paper exercise where different people run through different parts of the recovery procedure involved.” However, it does not provide any exercise of it prevention. For example, escape and evacuation plans are essential in many areas for mitigating the consequences of major fires, but they do not avoid the need for proper prevention measures such as the use of fire retardant materials, sprinkler systems and the like.

Document the Procedures: Document procedures for dealing with likely threats, and train your staff in their use. For example, there are many ways that a virus can get into your system, so you should have plans for quarantining affected parts of the system so that the problem doesn’t spread.

Risk Transfer

“A general principle of risk management is that risks should be the responsibility of those best able to control and manage them. However, sharing a risk with a contractor or supplier does not transfer it fully, and it may not really eliminate the risk – it just transforms it into a ‘contractor failure’ or ‘contractor performance’ risk. In these circumstances it is critical to ensure the contractor has a system in place for managing risk effectively, otherwise the project may end up with additional risks”.

In our project (Shriners Hospitals), contracts require sound risk management processes to be developed and implemented by the contractors, sub-contractors or suppliers of products or services, as part of control and oversight procedures. This process of allocation is called risk sharing rather than risk transfer because risks are rarely transferred completely or shed entirely. For example, Credit safe transfer is must for our company, if the company we work with will not provide us with the required security, the problem will be increased on our part.

Another way of risk transfer for our company is Insurance. “Insurance is a well-known risk sharing strategy. It is normally used for physical assets and a limited range of commercial risks, particularly for the low probability but high impact residual risks that may remain after other risk treatment actions have been implemented. Sharing a risk with another party will usually incur a cost, for example an insurance premium, which provides a direct measure of the cost of sharing the risk. It should be noted that an insurance contract, like most contracts, is also a process that transforms the risk into something different: in this case, the insured party now has a credit risk that the insurer will not pay the full amount of a claim or will delay payment.”

Risk Retention
Sometimes risks cannot be avoided or transferred, or the costs of doing so would be high. In these circumstances, the organization must retain the risks. In our case all of our concerns are almost solved. But no one can always sure of 100% risk removal.  There will always be new IT-related risks that we have not covered. For example, new virus, new attacks and fraud tricks are a big portion of our risk retention.

However, certain other risks like software procedure that need a lot of capital, a mechanism which is better for us but have but reduce speed like cryptography that needs within network may increase security but at the expense of robustness of network are also retained for the sake of betterment of functionality of our e-commerce.

Customer Satisfaction

To keep the customer attracted and satisfied we have ensured three basic rules besides all the preparations we have done to deal with unexpected situations:

Regular Meetings with Customer
There should be regular meetings with customer in which customer would receive a briefing of project progress and likely changes that the project may counter. If the customer approve of the change then this would be one of the biggest achievement in winning customer satisfaction

Status Report Submission
A regular status report should be submitted to the Customer. Frequency and duration of submission should be as per customer’s demand.

Deliverables checklist
We already have a deliverable checklist which is required to be delivered after the completion of the phase. These deliverables should be double checked and should be conveyed to customer through reports or during the meeting’s briefing, as per customer demand.

Network monitoring

Network monitoring gives the ability to monitor the activities of the applications and the devices to ensure expected and normal operations. On the other hand it helps to detect problems and take the necessary actions to correct them. It can guide you to discover the security holes opened through your network intentionally by attackers or unintentionally such as disabled or unused suspicious services that may be enabled by mistake.

Network monitoring could be achieved through the following:

Using an accurate and complete Logging System for almost all devices.

Using almost all the available traffic monitoring tools including bandwidth monitoring, packet sniffing, IDSs etc.

Logging can give detailed information about any access or change of any network resources. Frequently, uses of traffic monitoring tools help you to distinguish between normal traffic and suspicious ones. There are many free network-monitoring tools that can help you to easily enhance your security; you do not have to care too much about the budget.

The free tools are such as Kiwi Syslog Daemon, Backlog for logging purposes and Ethereal, MRTG, Snort (IDS), for traffic monitoring purposes.

It is a very difficult task to monitor a network perfectly, especially when it is a big network. Most of the beginners face difficulties in understanding and analyzing the logs and the network traffic flows. This requires a lot of time and constant struggle to make one used to of these technical things. It is most of the time suggested to at least learn monitoring before doing job because it makes life problematic and haphazard when you don’t know it.

 Network Traffic Monitoring

Network traffic monitoring is an important aspect of network management and security. For example, observations may reveal the effects of events such as a network failure, an operational failure or a security incident on network traffic effects a great deal. There are several other usages of network traffic monitoring e.g. in Quality of Service estimation, bandwidth planning etc. But, in routine network monitoring, the interest is on events. If there are no events of interest, the network manager probably won’t want to “look” at the traffic.

The traffic data in such cases is destined for archiving. From there it will probably be backed-up on off-line media or discarded. Present monitoring systems do not have a mechanism of detecting events of interest. So it appears that the operator will either look at all the traffic to detect events of interest or will not look at the traffic at all. It is always better to suggest that one should use data from a network to examine the utility and effectiveness of the approach.

In conjunction with Expert System technology and automated alarm thresholds, both the interactive behavior of communicators on the network and the statistics concerning performance of the network can be monitored. For example, the statistics can be automatically evaluated to confirm that they haven’t exceeded allowable limits. By establishing an effective network monitoring solution you will:

Monitor complete real-time and historical performance metrics for the network.

Isolate and describe potential network problems before they impact the end-user.

Obtain measurements and trend information to allow for accurate capacity planning.

Make effective use of your available network bandwidth.

Monitor performance to validate service level agreements.

Respond to network outages and errors without having to wait until an end-user calls to complain (“proactive network management”)

Categorize network performance to help prioritize the work flow of the support team.

Market Analysis

In order to validate the requirements of the functionalities our system is attempting to provide, we decided on analyzing the current situation of hospitals in the city. This helped us in determining the fact that whatever we were intending to develop is actually required in the market.

 Analysis Strategies Adopted

The market analysis of our application evolved around the following strategies:

Surveys of Hospitals

One to One interviews of Hospital related personnel

Surveys of Hospitals

We went around the city and surveyed various hospitals of different scales. We basically targeted three types of medical organizations:

Large Scale Hospitals

Free Treatment Hospitals

Clinics

One to One interviews of Hospital related personnel

For the interviews, we got in touch with the system administrators of the hospitals we were surveying:

Most of the hospitals we visited had a system administrator, who would come by to the hospital just for 2 – 3 hours in the evening. Since they are the people who design the system of any hospital, interviewing them was very productive since they already knew what exactly their hospital would require in a system as ours.

Summary of Results

This is a summary of the survey we had conducted. Rating is in a range of 1(lowest) to 10(highest).

Functionalities
V / W
Rating (Avg.)

1 Lowest – 10 Highest
Online Appointments for Patients
V + W
9.2
Online Doctor’s Consultation Fees
V + W
7.4
Medical History for Doctors
V + W
8.4
Interactive Chat b/w Doctor & Patient
W
6.2
Medical History for Patients (View)
V + W
7.6
Automated Appointment Updates
V + W
8.6
Payment Balances for Patients
V + W
6.6

Key:

W = Website

V = Voice

Conclusion

Through this research we can conclude that hospitals do require an automated appointment management system and maintenance of patients’ medical history. Currently most hospitals have computerized their patient enrollment procedures and billing procedures but not even a single hospital has given access to this information via the internet or through an IVR system.

Hospitals are interested in providing information regarding their doctors’ schedules and the facility to make appointments via the World Wide Web. Hence developing an automated appointment scheduling system over the internet and via an IVR system was chosen as the prime objective of our project. We can see the desire of such a system by the feedback of investment budget we received from this hospital which they are willing to spend on such a system.

SCM PLAN

Changes can occur everyday during the lifecycle of a project. It is very important to manage this change efficiently without affecting the smooth working of the project. Changes can be minor or can be major. Internal team members or external factors can bring them about. No matter how minute the change is, it is very important to absorb it in the process. Changes might occur at any stage of the software production life cycle and if not handled well can cause severe harm to the overall project. This document outlines the plan or the process of handling changes during the life of this project.

Type of Change

Changes can be categorized in 4 major groups. Matrix 1.1 lists them down efficiently.

Matrix 1.1

Urgent
Not Urgent
Minor

Major

For every change that occurs during the project it would be placed in this matrix to see which category does it belong to and would be acted upon accordingly.

Minor but Urgent

Such a change would not cause any change to the documents of problem specifications and design, but the change would require immediate attention from the configuration management team.

Minor and Not Urgent

Such a change does not affect any documents nor requires immediate attention from the configuration management team.

Major and Urgent

Such a change requires the management team to divert their attention towards this change immediately as if such a change could jeopardize the entire project. Decisions are to be taken quickly with documents altered representing the change.

Major but Not Urgent

Though such a change is major but it is not so critical and can be delayed for sometime till the next configuration management team’s meeting.

Managing Change

Because it is an academic project which is aimed to learning it is very important to involve all the group members in the configuration management team. Hence the configuration management involves all the group members working on the project. Changes are noted down as they occur and are discussed with the project supervisor during the weekly meeting. Decision on managing change is reached with a discussion between the team members and the supervisor. The supervisor is mainly responsible to give the final verdict on how a particular change be managed.

Actions taken in each Case

Minor but urgent

In such a case the group member outlining the change forwards his request verbally to the team leader. The team leader would then analyze the change and its effect on the project in order to classify the change. Once the change has been classified as minor but urgent, the team leader would then call the project supervisor to ask him for a short period of time as soon as possible to discuss the matter. Once the matter is discussed and a decision reached, the team leader informs the team members regarding what the change is and how it would be managed. Since it’s a minor change, it would be dealt with easily.

Minor and not urgent

Such a change would wait for the next project meeting and would be allotted very little time during the meeting for discussion on the matter. The change would be acted upon immediately after the meeting. The team leader would assign one team member to implement the change. The rest of the team would move on with the project.

Major and urgent

Such a change would call for an immediate meeting of the entire group with the project supervisor. The meeting would continue until a decision is reached. The team leader would then select team members who would be responsible for implementing the change. The project would wait till the change has been successfully implemented and then move on.

Major but not urgent

Such a change would wait for the next project meeting. Once the matter is discussed and a decision be reached, the team leader would assign one team member to implement the change. The rest of the team would assist this group member in implementing the change while the unaffected part of the project would continue to work.

References

Microsoft (2007). Retrieved from: http://technet.microsoft.com/en-us/default.aspx Retrieved on: January 16, 2007.

Chellis, James; Perkins, Charles and Strebe, Matthew (2005). MCSE: Networking essentials, Study Guide. Network Press, SYBX.

Haugan, Gregory T. (2002) Effective Work Breakdown Structures (The Project Management Essential Library Series), Project Management Institute, pp.100, ISBN 1-56726-135-3

The basics of project risk management (2004) Retrieved on February 21, 2007 from http://media.wiley.com/product_data/excerpt/17/04700228/0470022817.pdf

 

Haven't found the Essay You Want?

Get your custom essay sample

For Only $13/page