GSD ECM-EDMS Project Management Plan

New Mexico General Services Department Enterprise Content Management Project Management Plan (PMP) GSD ECM ______

Executive Sponsors – Arturo Jaramillo, GSD Secretary Mike Wilson, GSD Risk Management Director George McGeorge, Risk Management Deputy Director Ed Romero, Risk Management Deputy Director

Business Owners –

Nancy Bearce, State Benefits Manager, GSD Claudia Melendrez-Rel, GSD Ida Spence, GSD Gerald Rodriguez, GSD Velma Herrera, GSD Peggy Martinez, GSD Mary Jo :Lujan, GSD Manuel Tijerina, GSD Angela Lucero, SRCA GSD ECM Project Director, Karen Baltzley

Original Plan Date: November 18, 2008 Revision Date: January 20, 2009 Revision: 2.5 Prepared By: John Salazar and Jane Hamlet, Project Managers

0b528c1696cbaec306621e90e6e09ed6.doc Table of Contents Revision History...... 5 About This Document...... 6 1 Project Overview...... 7 1.1 Executive Summary...... 7 1.2 Funding and Sources...... 10 1.3 Constraints...... 10 1.4 Dependencies...... 11 1.5 Assumptions...... 12 1.6 Initial Project Risks Identified...... 13 2 Project Authority and Organizational Structure...... 14 2.1 Stakeholders...... 14 2.2 Project Governance Structure...... 15 2.2.1 Project Organizational Structure...... 15 2.2.2 Project Steering Committee Roles and Members...... 16 2.3 Executive Reporting...... 16 3 Scope...... 18 3.1 Project Objectives...... 18 3.1.1 Business Objectives...... 18 3.1.2 Technical Objectives...... 18 3.2 Project Exclusions...... 19 3.3 Critical Success Factors...... 20 4 PROJECT DELIVERABLES AND METHODOLOGY...... 21 4.1 Project Management Life Cycle...... 22 4.1.1 Project Management Deliverables...... 22 4.1.2 Deliverable Approval Authority Designations...... 24 4.1.3 Deliverable Acceptance Procedure...... 24 4.2 Product Life Cycle...... 25 4.2.1 Technical Strategy...... 26 4.2.2 Product and Product Development Deliverables...... 27 4.2.3 Deliverable Approval Authority Designations...... 28 4.2.4 Deliverable Acceptance Procedure...... 33 5 Project Work...... 35 5.1 Work Breakdown Structure (WBS)...... 35 5.2 Schedule Allocation – Project Timeline...... 37 5.3 Project Budget...... 38 5.4 Project Team...... 39 5.4.1 Project Team Organizational Structure...... 39 5.4.2 Project Team Roles and Responsibilities...... 39 5.5 Staff Planning And Resource Acquisition...... 42

0b528c1696cbaec306621e90e6e09ed6.doc

of 86 6 Project Management and Controls...... 45 6.1 Risk and Issue Management...... 45 6.1.1 Risk Management Strategy...... 45 6.1.2 Project Risk Identification...... 45 6.1.3 Project Risk Mitigation Approach...... 45 6.1.4 Risk Reporting and Escalation Strategy...... 45 6.1.5 Project Risk Tracking Approach...... 46 6.1.6 Issue Management...... 48 6.2 Independent Verification and Validation – IV&V...... 48 6.3 Scope Management Plan...... 49 6.3.1 Change Control Process...... 51 6.4 Project Budget Management...... 53 6.4.1 Budget Tracking...... 53 6.5 Project Communication Plan...... 53 6.5.2 Project Communication Matrix...... 54 6.5.3 Project Status Meetings...... 54 6.5.4 Project Status Reports...... 55 6.6 Performance Measurements (Project Metrics)...... 55 6.7 Quality Objectives And Control...... 55 6.7.1 Quality Standards...... 56 6.7.2 Agency/Customer Satisfaction...... 56 6.7.3 Product Deliverable Acceptance Process...... 57 6.8 Configuration Management...... 57 6.8.1 Version Control...... 57 6.8.2 Project Repository...... 57 6.9 Procurement Management Plan...... 57 7 Project Close...... 58 7.1.1 Administrative Close...... 58 7.1.2 Contract Close...... 58 APPENDIX A - Scope Definition Document...... 59 7.2 Detailed Work Breakdown Structure (WBS)...... 59 EDMS Project Management WBS...... 60 Application & Technology Infrastructure WBS...... 61 Business Process Reengineering WBS...... 62 Implementation WBS...... 63 Electronic Records Management Rules & Standards WBS...... 64 Supporting Organizational Infrastructure WBS...... 65 Enterprise Model WBS...... 66 APPENDIX B - Project Schedule/Gantt Chart...... 67 APPENDIX C - Project Budget...... 68 APPENDIX D - Risk Analysis...... 69 APPENDIX E - Project Library...... 70 APPENDIX F - Sample Project Forms...... 71 Project Change Request Form...... 71 Project Status Report...... 72 Sample issues report...... 73 APPENDIX G – GSD ECM-EDMS Project Definitions...... 74 0b528c1696cbaec306621e90e6e09ed6.doc

of 86 APPENDIX H – GSD ECM-EDMS Project Acronyms...... 80 APPENDIX P - Project Management Definitions...... 81 APPENDIX R – References...... 85

of 86 Revision History

of 86 Revision Number Date Comment 0.1 November 17, 2008 Work In Progress Draft, Format Status Report 2.0 December 8, 2008 Incorporate feedback from GSD staff 2.2 December 8. 2008 Incorporate updates from GSD staff 2.5 January 20, 2009 Updates for Implementation

About This Document This document – the GSD ECM Project Management Plan is developed based on the State of New Mexico Department of Information Technology (DoIT) template for a Project Management Plan - Revision: 0.1, DoIT- PMO-TEM-020; a careful review of the template ensured all intended components are included. The document includes all of the industry-accepted guidelines to plan, execute, control, and close a project.

The Manual is set up so that the body of the document continues to serve the needs of any future GSD ECM- EDMS project with minimal modification, while the Appendices contain the dynamic components of the project plan that must be continually updated and managed, for example the project schedule and the budget. The document is being referred to as the ‘GSD ECM-EDMS Project Management Plan”.

Special note on the terminology used in this document: This project was conceived when the generally accepted industry terminology was Electronic Document Management System (EDMS.) As detailed in the “Industry Background, History and Market Trends” section below, during the years 1998 to present there continues to be significant volatility for vendors in the ECM-EDMS marketplace. Vendors are merging and/or acquiring related content management technology. The term Enterprise Content Management (ECM) has become the industry standard for a combination of functions that includes: document imaging, electronic document management, electronic records management, workflow, and web content management. While AIIM is not changing their name, they are using a new byline, referring to themselves as the “Enterprise Content Management Association. For over 60 years, AIIM (The Association for Information and Image Management) has been the leading international organization focused on helping users to understand the challenges associated with managing documents, content, and business processes.”1

Here is a diagram showing the various technology tools that are being included in Enterprise Content Management solutions offered by vendors.

Enterprise Content Management

Document- Document Document Records Workflow Web Content centric Imaging Management Management Management Management Collaboration

Integrated Digital Asset e-Forms Document Archive Email Archiving Management Processing & Retrieval

ECM Components

The title of this document is “GSD ECM-EDMS Project Management Plan.” The term, Enterprise Content Management (ECM) is used in this document when referring to the enterprise framework for integrated

1 http://www.aiim.org/article-aiim.asp?ID=18274 0b528c1696cbaec306621e90e6e09ed6.doc

of 86 Electronic Document Management and Electronic Records Management. Conceptually, ECM contains both EDMS and ERMS functionality. ERMS is used specifically in this document when referring to the Electronic Records Management component functionality. Similarly, the term, EDMS is used specifically to refer to the Electronic Document Management component of an ECM solution.

of 86 1 Project Overview “ It is estimated that more than 90% of the records being created today are electronic. Coupled with the overwhelming growth of electronic messages - most notably e-mail and instant messaging - the management of electronic records has become a critical business issue. How information is managed has significant business, legal, and technology ramifications.”2 Determining when content is a record, and then how that record is managed throughout its lifecycle is essential, while the medium that is used to create, deliver, or store information is the secondary consideration. 1.1 Executive Summary

The GSD Risk Management Division (GSD/RMD) has identified opportunities to improve the management of paper business processes for six out of seven bureaus within the Risk Management Division. Those bureaus are workers’ compensation, contracts, loss control, legal, property and casualty, and employee benefits. All of these bureaus deal with paper documents, onsite file storage, as well as off site file storage. GSD/RMD prioritizes their document imaging and management needs into planned phases:  Phase I – Workers’ Compensation (Active & New);

 Phase II – Legal, Employee Benefits & Workers’ Compensation (Closed Onsite Files);

 Phase III – Loss Control, Workers’ Compensation (Closed Offsite Files );

 Phase IV – Property and Casualty Workers’ Compensation (Closed Offsite Files);

Worker’s Compensation deals with on the job injury claims. Claims involve forms, medical history, medical treatment notes, mediation, judge’s rulings and much more. Additionally, a claim can be closed but the file is stored for any future related injuries until the death of the claimant. Workers’ Compensation can be grouped into three categories described below; these are incorporated into the four phases outlined above:  Closed Offsite Files – dates range from the 1970’s to 1994, with an estimated 1,000 boxes of files. These will be the most challenging to manage given the condition of the paper, type of paper and file organization that run the gamut of good to bad.

 Closed Onsite Files – dates range from 1995 to current, estimating 50-60 boxes per fiscal year, representing about 2200 cases each fiscal year, of which half are documents that need to be joined with files in offsite storage.

 Active Files – approximately 2000 files are active open cases, with 10 staff carrying an average caseload of 200. Additionally, this category involves new claims that are received daily. Active and New Workers’ Compensation business processes are priority for implementing document imaging, electronic document management and workflow management.

The GSD Risk Management Division (RMD) business processes are paper intensive. Substantial GSD/RMD business process improvements are achievable through implementing document scanning, electronic document management and electronic records management.

The State of New Mexico General Services Department submitted funding requests for an electronic document management system.

2 ARMA International, The Association of Records Management Professionals, www.arma.org 0b528c1696cbaec306621e90e6e09ed6.doc

of 86 The benefits of implementing Enterprise Content Management solutions for the GSD Risk Management Division (GSD/RMD) include:  Increased efficiency and productivity through a well managed records environment;  Optimize business processes, decreasing number of steps, saving time;  Lower the cost of government;  Improved service delivery to constituency This total cost estimate for the GSD/RMD FY08 ECM project is $1,100,000. The funding comes from the following source:

 The GSD Risk Management Division received legislative approval in January 2007 to transfer $1,000,000 from the Risk Management Reserves to provide for Enterprise Content Management solutions. This funding amount supports 1) hardware, 2) software and 3) ECM implementation services.

Industry Background

The research on industry background, history and market trends is based primarily on three sources – AIIM, ARMA and Gartner Research. AIIM is using a new byline, referring to itself as the Enterprise Content Management Association and ARMA International “has adopted the tag line – The Association of Information Management Professionals, as a descriptor of the association.” Gartner, Inc. is the leading provider of research and analysis on the information technology industry.

Enterprise Content Management (ECM)

What is the definition for “content” as in “content management”? Content is a meta-concept that encompasses papers, books, maps, email, web sites, photographs, images, forms, audio, video, text, documents and reports.

During the last 2-4 years there has been significant volatility for vendors in the Enterprise Content Management marketplace. Gartner Research during 2002 and 2003 reported on Integrated Document Management (IDM) and Integrated Document Archive and Retrieval (IDARS) vendors. However Gartner is no longer providing detailed analysis on these types of vendor, instead they are now reporting on Enterprise Content Management (ECM) vendors. Gartner Strategic Planning Assumptions state that:  “By 2005, all of the major stand-alone IDM vendors will have evolved into Content Management suite vendors (0.8 probability).”3  “By 2007, the IDARS market will cease to be a stand-alone market and will merge into the ECM Category (0.7 probability).  “By 2007, IDARS will become integral components of ECM suites (0.7 probability).”4  “Several of the stand-alone markets that contribute functions to ECM (such as Web content management, records management and digital asset management) will disappear by 2008 (0.9% probability.)”5

The project team will develop the Selection Criteria for GSD ECM-EDMS using information from the Enterprise Content Management (ECM) marketplace. See the ECM Requirements Matrix at www.GSD ECM- EDMS.state.nm.us. The reasons for implementing ECM are most clearly stated in Gartner Analysis:

“Enterprise content management (ECM) will be the strategic foundation of a new model for the vendor and user communities. A profound shift in the document and content management markets will affect the way users make purchases. ECM has emerged after 10 years of market consolidation. Vendors from

3 “The Reality Behind Enterprise Content Management,” GARTNER Research, Publication Date: 10 July 2002, page 3. 4 “Review Your IDARS Plans as the Market Consolidates,” GARTNER Research, Publication Date: 12 November 2004, page 2. 5 “ECM Suites Emerge From Industry Consolidation,” GARTNER Research; Publication Date: 11 November 2004, page 2. 0b528c1696cbaec306621e90e6e09ed6.doc

of 86 various areas have entered other markets by developing new functions, or by acquiring companies and technology from related markets. As a result, few stand-alone vendors remain in some of these markets (for example, Web content management and records management).

“Today, ECM encompasses the following core components: o Document capture and document imaging for capturing and managing paper documents o Document management for check-in/check-out, version control, security and library services for business documents o Web content management for automating the Webmaster bottleneck, and managing dynamic content and user interaction o Records management for long-term archiving and the automation of retention and compliance policies, and to ensure legal or regulatory record compliance o Document-centric collaboration for document sharing and supporting project teams o Workflow for supporting business processes and routing content, assigning work tasks and states, and creating audit trails “ECM can also include: o Integrated document archive and retrieval systems for documents and reports o E-forms for exchanging electronic content o Digital asset management for storing and managing rich media content o E-mail archiving and e-mail management for retaining electronic communications in support of compliance “Although they're only options today, the four capabilities above will become core components of ECM suites within the next two years.”6

Here is a diagram showing the various technology tools that are being included in Enterprise Content Management solutions offered by vendors.

Enterprise Content Management

Document- Document Document Records Workflow Web Content centric Imaging Management Management Management Management Collaboration

Integrated Digital Asset e-Forms Document Archive Email Archiving Management Processing & Retrieval

ECM Components

Clearly the ECM market trends are continuing to evolve. It seems prudent for the State of New Mexico General Services Department to select and implement a document management system component within an Enterprise Content Management solution that remains viable as the markets consolidate, and also includes extensible features and functions that can be added as the State moves toward an Enterprise Model.

6 “ECM Suites Emerge From Industry Consolidation,” GARTNER Research; Publication Date: 11 November 2004 0b528c1696cbaec306621e90e6e09ed6.doc

of 86 1.2 Funding and Sources

SOURCE AMOUNT ASSOCIATED RESTRICTIONS Laws of 2007, Chap 28, 2.3 – (Includes RMIS, ECM, NONE Section 7, Subsection 8 DataWarehouse) ECM – estimated @$1.1 – RMD Enterprise Funds

1.3 Constraints

NUMBER DESCRIPTION 1 Project budget for implementation of the base program is limited. Funding will not be re-authorized at the end of FY10. 2 Large volumes of paper records

3 Adequate resources to scan documents 4 15,000 sq ft warehouse storage of paper documents

5 Statutory requirement to keep records for life of claimant

of 86 1.4 Dependencies

Types include the following and should be associated with each dependency listed.

 Mandatory dependencies are dependencies that are inherent to the work being done.  D- Discretionary dependencies are dependencies defined by the project management team. This may also encompass particular approaches because a specific sequence of activities is preferred, but not mandatory in the project life cycle.  E-External dependencies are dependencies that involve a relationship between project activities and non-project activities such as purchasing/procurement

NUMBER DESCRIPTION TYPE M,D,E 1 Vendor On-going Software Support M

2 RMD Business process Re-Engineering M 3 System sized to scale to meet GSD demands M

4 Department of Information Technology Project Oversight Committee M approval of Project certification phases to support on-going project effort 5 Infrastructure design and availability. E 6 Contract Approval and purchase for software and maintenance. E

7 Funding for software maintenance, implementation and on-going support M of system. 8 Data conversion and defined Metadata requirements and standards M

9 Develop Operating Standards Maintenance standards manual. M

10 Application server procurement and installation M

11 Forms management M 12 Approval of GSD imaging plan by SRCA M

of 86 1.5 Assumptions

NUMBER DESCRIPTION 1 System will integrate with DoIT infrastructure and with Central Repository System selected by Records and Archives 2 Data will be easily converted and without corruption or loss. 3 Vendor will honor contractual obligations. 4 Software will integrate with other system software 5 Adequate Budget will be available. 6 Adequate staffing levels with the proper skill sets necessary to ensure the system will perform at level expected. 7 Staff is trained properly on the operation of the system to ensure continued success of the program. 8 Vendor will continue to support software and release upgrades/patches on a regular basis. 9 Business Requirements will have minimal change over the life cycle of the project.

of 86 1.6 Initial Project Risks Identified

EDMS Project Risk Management Date # Risk Title Opened Rating Prob Impact Description Effect Mitigation Trigger Event Contingency Ensure Senior Management Have 2nd layer of Stakeholders are involved and individauls defined Lack of GSD resources to complete 1 GSD Resource Availability 12/3/2008 Medium High Medium Delays in project schedule support the project. Ensure EDMS Delays in project activities w ho may able to project activities implementation is a priority among cover task GSD team members responsibilities DoIT Service Level Agreements System dow ntime not Agency's experience system Continue to w ork w ith GSD to refine DoIT SLA's and cost needs to be refined. Cost structure w ithin SLA criteria. Host systems w ithin 2 12/3/2008 Medium Medium High dow ntime and/or GSD cost the SLA process and cost structure structure methods methods undefined and/or not clearly Unexpected GSD charges each agency surprises. methods communicated. to agency budget Designate a dedicated Procurement Extended Procurement Delayed procurement 3 12/3/2008 High Medium Medium Delays in the procurement process Extend the project schedule Manager to manage to the None Process events Procurement timeline Greater access to documents leads Delay w eb content to greater access to private / secure Ensure the security components management system content. As soon as an Enterprise Security Breach leading to w ithin the EDMS are implemented components of the Enterprise Identity Content Management system 7 12/3/2008 Medium Medium Medium Identity theft, non-compliance effectively. Regularly audit the Breach of Security ECM until the Management Program expands to serve as a w eb content w ith HIPAA security system implementation Statew ide Enterprise management system, an effective during and after deployment Identity Management Enterprise IT Security Management Program is in place Program needs to be in place.

Connecting and configuring the ECM EDMS Architecture no solution w ith the DoIT storage DoIT staff members time Evaluate possibility of contracting Integration w ith Enterprise longer complies w ith 8 12/3/2008 Medium Medium Medium architecture w ill require extensive constraints and expertise w ith w ith a vendor to configure storage None Architecture Enterprise Architecture coordination and effective ECM solution requirements design management

The implementation services contract Inadequately trained Effective operations and maintenance must require detailed system resources to effectively 9 Application Maintenance 12/3/2008 Medium Medium Medium of the EDMS after deployment may be documentation, training for all state Poor Transition phase None support EDMS after a risk w ith COTS softw are. resources, and a comprehensive deployment transition plan. State requirements for oversight as Extended Timeline caused w ell as the procurement process 10 by State Approval 12/3/2008 High High High Delays in project schedule Plan for Procurement delays provide numerous opportunities for processes extended project delays. 13 Funding Carryover 12/3/2008 Low Medium Low

of 86 2 Project Authority and Organizational Structure

2.1 Stakeholders

NAME STAKE IN PROJECT ORGANIZATION TITLE ARTURO JARAMILLO, PROGRAM FINANCIAL GENERAL CABINET RESPONSIBILITY SERVICES SECRETARY DEPARTMENT (GSD) MIKE WILSON PROGRAM GSD, RISK DIVISION ADMINISTRATION MANAGEMENT DIRECTOR RESPONSIBILITY DIVISION GEORGE MCGEORGE PROGRAM GSD, RISK DIVISION ADMINISTRATION MANAGEMENT DEPUTY RESPONSIBILITY DIVISION DIRECTOR ED ROMERO PROGRAM GSD, RISK DIVISION ADMINISTRATION MANAGEMENT DEPUTY RESPONSIBILITY DIVISION DIRECTOR STEVE MINDHAM QUALITY ASSURANCE GSD, RISK BUREAU MANAGEMENT MANAGEMENT CHIEF DIVISION IDA SPENCE WORKERS GSD, RISK BUREAU COMPENSATION MANAGEMENT CHIEF ADMINISTRATION DIVISION RESPONSIBILITY GERALD RODRIQUEZ ECM SYSTEM GSD, RISK BUREAU ADMINISTRATION MANAGEMENT CHIEF DIVISION VELMA HERRERA PROPERTY AND PROPERTY AND BUREAU CASUALTY CLAIMS CASUALTY CHIEF JENNIFER GROGIETSKY DISABILITY PAYMENTS DISABILITY BUREAU CHIEF CLAUDIA MELENDREZ-REL BENEFITS ENROLLMENT BENEFITS BUREAU AND PAYMENTS CHIEF NANCY BEARCE BENEFITS ENROLLMENT BENEFITS BUREAU AND PAYMENTS CHIEF GSD TECHNOLOGY AND TECHNICAL SUPPORT TECHNOLOGY AND Application SYSTEM SUPPORT OF SYSTEMS SYSTEM SUPPORT Developer, Database Administration, System Administration

of 86 2.2 Project Governance Structure

2.2.1 Project Organizational Structure

Executive Sponsor, Executive Steering Arturo Jaramillo Committee Arturo Jaramillo Mike Wilson George McGeorge Nancy Bearce Karen Baltzley Angela Lucero, Records Management Division Project Sponsor, Director, SCRA IV&V Mike Wilson

Business Owners, Nancy Bearce, Ed Romero Business Operations Review Team: Benefits Financial/Training Project Director, Legal Karen Baltzley Technical Review Sujatha Disability Seethapathi, Lead Workers Comp Ryan Woodard, System Support Loss Control DoIT / DFA Tech Staff Reports/HIPAA Regulations Project Manager CSW - Jane Hamlet

of 86 2.2.2 Project Steering Committee Roles and Members

ROLE RESPONSIBILITY Executive Project The point person for the project within the highest level of the General Sponsor Services Department. Responsibilities include:  Champion the project.  Consider potential changes facing the organization and assess the organizational impact  Decide which changes will be instituted, communicate priorities and provide resources to ensure success  Responsible for creating an environment that enables changes to be made on time and within budget.  Participate in planning sessions  Member of Steering Committee  Ultimate project responsibility

Steering Committee Is chartered to provide governance over the direction and support of the Member project. Responsibilities include:  Attend and participate in meetings  Review and accept deliverables  Review and provide comment on presented documentation  Balance larger picture versus details of the project  Review project funding and expenditures  Champion the project  Contributes to lessons learned

2.3 Executive Reporting

Meetings will be conducted with GSD Management and project teams on a regularly scheduled basis.

Whiteboard sessions outlining project task and resource assignment schedules and agendas are conducted throughout the process and transferred to Microsoft project.

Project team meetings are scheduled to coincide with the Vendor Implementation/Design teams for on-site implementation sessions. Frequency and length of meetings to be defined.

Project status updates reports will be verbally communicated to Business Owners conducted at weekly staff meetings by both Divisions

GSD management will be kept informed on progress of the project periodically throughout the project life cycle.

Special oral and written Project Management and IV&V reports will be given on project progress to the ECM Steering Committee.

of 86 The State of New Mexico General Services Department submitted funding requests for an electronic document management system.

The benefits of implementing Enterprise Content Management solutions for the GSD Risk Management Division (GSD/RMD) include:  Increased efficiency and productivity through a well managed records environment;  Optimize business processes, decreasing number of steps, saving time;  Lower the cost of government;  Improved service delivery to constituency This total cost estimate for the GSD/RMD FY09 ECM project is $1,100,000. The funding is to come from the following source:

 The GSD Risk Management Division received legislative approval in January 2007 to transfer $1,000,000 from the Risk Management Reserves to provide for Enterprise Content Management solutions. This funding amount supports 1) hardware, 2) software and 3) ECM implementation services.

of 86 3 Scope

3.1 Project Objectives

3.1.1 Business Objectives

NUMBER DESCRIPTION BUSINESS Increased efficiency and productivity through a well managed OBJECTIVE 1 records environment BUSINESS Optimize business processes, decreasing number of steps, saving OBJECTIVE 2 time BUSINESS Lower the cost of government, more effective Electronic Records OBJECTIVE 3 Administration Management BUSINESS Improved service delivery to constituency OBJECTIVE 4 BUSINESS Substantial GSD/RMD business process improvements are OBJECTIVE 5 achievable through implementing document scanning, electronic document management and electronic records management. BUSINESS Streamline traditional claims inefficiencies and reduce manual, OBJECTIVE 6 paper-based processes, which contribute to high claims costs and overhead expenses. BUSINESS Provide records management for long-term archiving and the OBJECTIVE 7 automation of retention and compliance policies, and to ensure legal or regulatory record compliance BUSINESS System will provide document management for check-in/check-out, OBJECTIVE 8 version control, security and library services for business documents BUSINESS Develop a document imaging plan approved by SRCA OBJECTIVE 9

3.1.2 Technical Objectives

NUMBER DESCRIPTION TECHNICAL Web-Based System - will be designed on a public facing network OBJECTIVE 1 with a web based Java platform front-end to allow RMD staff and vendor remote access TECHNICAL Data will be easily converted and migrated. Metadata will be tagged OBJECTIVE 2 and follow standards TECHNICAL Support portal architecture OBJECTIVE 3 TECHNICAL System will have indexing and archiving functionality OBJECTIVE 4 TECHNICAL System will integrate with the Centralized Electronic Records OBJECTIVE 5 Repository managed by State Records and Archives TECHNICAL System Interface - Provide an architecture that will easily interface OBJECTIVE 6 with SHARE and GSD RMIS systems TECHNICAL Open Architecture - Provide an open architecture infrastructure and 0b528c1696cbaec306621e90e6e09ed6.doc

of 86 NUMBER DESCRIPTION OBJECTIVE 7 scalable to allow for growth TECHNICAL IT Architecture – ensure system aligns with enterprise-wide IT OBJECTIVE 8 architecture TECHNICAL Efficiency, High Performance – Application will be server OBJECTIVE 9 independent and can be deployed on an open source application server such as Apache Tomcat TECHNICAL Authentication - System will support Microsoft Active Directory OBJECTIVE 10 TECHNICAL Systems Integration - System will be connected to Hitachi SAN OBJECTIVE 11 TECHNICAL Redundancy - System will be configured to support system fail over OBJECTIVE 12 TECHNICAL Security/User Roles - System will support a secure front end user OBJECTIVE 13 system log in and security role level authentication TECHNICAL Extensibility - ensure system is designed to easily allow the OBJECTIVE 14 addition of new-features later,, using hooks, an application programming interface or plug-ins. TECHNICAL Include a Reports Writer module OBJECTIVE 15 TECHNICAL System must support up to 87 concurrent users OBJECTIVE 16

3.2 Project Exclusions

The following activities and deliverables are out of scope for this specific project:  Enterprise IT Security Management Program - As soon as an Enterprise Content Management expands to serve multiple agencies' functions, an effective Enterprise IT Security Management Program needs to be in place. Identity Management and Directory Access Services will be recommended as essential components of an Enterprise Model. However, identity management and security will be built into the implementation of the ECM solution.  Email Archiving - The capability to capture, manage, store and retrieve email must be selection criterion for the ECM Vendor; the implementation of this important functionality is out of scope for this phase of the ECM (EDMS/ERMS) project.

of 86 3.3 Critical Success Factors Metric are key to understanding the ability of the project to meet the end goals of the Executive Sponsor and the Business Owner, as well as the ability of the project team to stay within schedule and budget.

NUMBER DESCRIPTION QUALITY METRICS 1 The project schedule, assigned tasks, resources and milestones are met. QUALITY METRICS 2 Project does not exceed budget. QUALITY METRICS 3 System can provide reports that accurately track utilities by building QUALITY METRICS 4 All RMD operational and facility data information is successfully converted and migrated onto a electronic records management platform QUALITY METRICS 5 Applicable RMD Legislative Performance Measures as stated in GSD FY09-10 Strategic Business and IT plan are met QUALITY METRICS 6 System is secure, operable and stable

QUALITY METRICS 7 Data integrity is maintained QUALITY METRICS 8 Staff is adequately trained QUALITY METRICS 9 Conforms to SRCA Records Management Policies

of 86 4 PROJECT DELIVERABLES AND METHODOLOGY The following four elements provide a summary of the project deliverables description and associated acceptance criteria. The elements include:

Planning Documents Description – The Project Management Plan Deliverable Acceptance Criteria – EDMS represents the project team’s plans for the Executive Steering Committee (ESC) approval and acquisition, installation, testing and implementation DoIT approval of the ECM solution. It is a working document. It Standards for Content and Format – The State will be modified and updated (under revision PMO provides templates for content. The standard control) as the project team learns more about the is based on the Project Management Institute’s project, brings on support vendors and responds to (PMI) Project Management Body of Knowledge changing or evolving conditions. On completion of (PMBOK) the project, the Project Manual is envisioned to Quality Review – Review by EDMS ESC, the State evolve into a Manual that can serve as a guide for PMO and PCC agencies implementing the statewide EDMS in the future

Project Management & Control Functions Description – Integrated Project Control Process, Deliverable Acceptance Criteria – EDMS ESC Change Control Process, Risk Management Plan, Standards for Content and Format –The standard Internal Project Communication Plan, Quality is based on the Project Management Institute’s (PMI) Management Plan, Issue Management Process Project Management Body of Knowledge (PMBOK) and the IV&V Plan. These are sections in the Quality Review – Review by EDMS ESC, the State EDMS Project Manual. PMO and PCC

Procure ECM Solution and Implementation Services (RFP Process) Description – Procuring the ECM solution and Deliverable Acceptance Criteria – EDMS ESC Implementation Services (the RFP process) is approval, signature approval by Purchasing, Legal estimated to require two months at the most. After and the State CIO and then ACF approval the RFP is written, State Purchasing, the General Standards for Content and Format – The Council & DoIT must approve it. Then the following contracts follow New Mexico standards for steps and timeframes are required: professional services contracts . RFP must be open for proposals – 30 days Quality Review – EDMS ESC . Review proposals & decide - - - - - 30 days . Contract negotiations ------30 days . Contract Approval ------30–60 days.

Project Resource Management Description – Recruit and hire project labor Deliverable Acceptance Criteria – EDMS ESC resources to include, a Project Manager, and IV&V approval, signature approval by Purchasing, Legal services vendor. Specific Deliverables include: and the State CIO o Project Manager Price Agreement Standards for Content and Format – The o IV&V Price Agreement. contracts follow New Mexico standards for professional services contracts Quality Review – EDMS ESC

of 86 4.1 Project Management Life Cycle

Phase Summary of Phase Key Deliverable Initiating Main elements include: Authorize the project; Commit Project Charter, Project organization to project or phase; Set the overall direction; Scope, Business Define top-level project objectives; Secure necessary Requirements, approvals and resources; Assign Project Manger; Integration Assumptions, Management. Constraints, Planning Main elements include: Define Project scope; Refine Project Project Plan, Critical objectives; define all required deliverables; Create frame for success factors, Work project schedule; Provide forum for information sharing Break Down Structures, between project team members; Define all required activities; Project Schedule Identify required skills and resources; Estimate work effort; Risk analysis and avoidance; Define and estimate all required costs; Obtain project funding approval; Communication Plan. Executing Main elements include: Coordinate the resources, team Actual efforts, Project development; Quality Assurance; Select subcontractors; deliverables completion Distribute Information; Work the plan. Controlling Main elements include: Manage team, stakeholders and Performance status subcontractors; Measure progress and monitor performance reports, Corrective (overall, scope, schedule, costs and quality); Take corrective Actions, Measurement action if needed; Change request Management; Risk Metrics, Plan Change Management; Performance reports and Communications. Request, Product Change Request, Risk Management, Issues Management Closing Main elements include: Finalize activities; Administrative Deliverable Acceptance, close out (gather, distribute, archive information to formalize Lessons Learned project completion, acceptance/signoff, evaluation, member, appraisals, lessons learned); Contract close out (completion of the project contract including resolution of open items and final formal acceptance)

4.1.1 Project Management Deliverables

Project Charter The Project Charter for Certification sets the overall scope for the project, the governance structure, and when signed is considered permission to proceed with the project. The Project Charter for Certification is used to provide the Project Certification Committee with adequate knowledge of the project and its planning to certify the initiation phase of the project Certification Form The Request for Certification and Release of Funds form is submitted when a project goes for any of the certification phases. It deals with the financial aspects of the project, as well as other topics that indicate the level of planning that has gone into the project. Many of the questions have been incorporated into the preparation of the project charter

of 86 Project Management Plan “Project management plan” is a formal document approved by the executive sponsor and the Department and developed in the plan phase used to manage project execution, control, and project close. The primary uses of the project plan are to document planning assumptions and decisions, facilitate communication among stakeholders, and documents approved scope, cost and schedule baselines. A project plan includes at least other plans for issue escalation, change control, communications, deliverable review and acceptance, staff acquisition, and risk management. plan.” IV&V Contract & Reports “Independent verification and validation (IV&V)” means the process of evaluating a project to determine compliance with specified requirements and the process of determining whether the products of a given development phase fulfill the requirements established during the previous stage, both of which are performed by an organization independent of the lead agency. Independent verification and validation assessment reporting. The Department requires all projects subject to oversight to engage an independent verification and validation contractor unless waived by the Department.

IT Service Contracts The Department of Information Technology and the State Purchasing Division of General Services have established a template for all IT related contracts.

Risk Assessment and The DoIT Initial PROJECT RISK ASSESSMENT template which management is meant to fulfill the following requirement:

“ Prepare a written risk assessment report at the inception of a project and at end of each product development lifecycle phase or more frequently for large high-risk projects. Each risk assessment shall be included as a project activity in project schedule.” Project Oversight Process memorandum

Project Schedule A tool used to indicate the planned dates, dependencies, and assigned resources for performing activities and for meeting milestones. The defacto standard is Microsoft Project

Monthly Project Status Reports Project status reports. For all projects that require to DoIT Department oversight, the lead agency project manager shall submit an agency approved project status report on a monthly basis to the Department. Project Closeout Report This is the Template used to request that the project be officially closed. Note that project closure is the last phase of the certification process

of 86 4.1.2 Deliverable Approval Authority Designations

DELIVERABLE DELIVERABLE APPROVERS (WHO DATE NUMBER CAN APPROVE) APPROVED PRJ-DEL-001 Project Management Plan (PMP) Project Director on behalf of Executive Steering Committee PRJ-DEL-002 Business Assessment and Project Director on Requirements Report behalf of Executive Steering Committee PRJ-DEL-003 IV&V Contract & Reports Project Director on behalf of Executive Steering Committee PRJ-DEL-004 IT Service Contracts Project Director on behalf of Executive Steering Committee PRJ-DEL-005 Risk Assessment and management Project Director on reports behalf of Executive Steering Committee PRJ-DEL-006 Project Schedule Project Director on behalf of Executive Steering Committee PRJ-DEL-007 Monthly Project Status Reports to Project Director on DoIT behalf of Executive Steering Committee PRJ-DEL-008 Architecture Plan Project Director on behalf of Executive Steering Committee PRJ-DEL-009 Hardware configuration and equipment Project Director on behalf of Executive Steering Committee PRJ-DEL-010 Software licenses Project Director on behalf of Executive Steering Committee PRJ-DEL-011 Implementation services Project Director on behalf of Executive Steering Committee PRJ-DEL-012 Lessons Learned Project Director on behalf of Executive Steering Committee PRJ-DEL-013 Close out reports and documentation Project Director on behalf of Executive Steering Committee

4.1.3 Deliverable Acceptance Procedure

The Project Director shall present the deliverables along with a recommendation for approval to the Executive Steering Committee during a regularly scheduled steering committee meeting. The Executive Steering Committee must then vote to accept or reject the deliverable with the vote reflecting a majority decision.

of 86 If the deliverable is rejected, the Project Director must inform the vendor submitting the deliverable of the committee’s action and must also identify, in writing, why the deliverable was rejected, and what actions must be addressed by the vendor before the deliverable is presented for acceptance again. 4.2 Product Life Cycle

Phase Summary of Phase Key Deliverables Initiating The requirements have been REQUIREMENTS DOCUMENTS defined and documented. A Business Strategy Survey will be conducted to define goals, business processes, critical factors, current environment, sizing requirements, current vendor environment, # of users, work processing requirements, other needs. Planning The Vendor will be required to DESIGN DOCUMENTS deliver design documents for authentication, reporting, and the database feeds. Executing EMC software will be an open SYSTEMS SPECIFICATIONS source web application that will require no additional desktop software to run and minimal customization. It will have the ability to interface with GSD systems at minimal cost. Executing The system will be open SYSTEMS ARCHITECTURE architecture and be certified on standard operating platforms – Windows or Unix. Architecture will be scalable to allow for growth, provide interoperability with other systems, have a secure web front end, be security rules based and provide multiple security layers for user authentication. Executing The Program users will test SYSTEM AND ACCEPTANCE system functionality, TESTING performance, reporting accuracy and response times. IT Technical Support Staff will test system operational performance. Executing The Vendor will be required to OPERATIONS deliver design documents for REQUIREMENTS authentication, Reporting, and the Database feeds. Vendor will also integrate data from legacy system.

of 86 4.2.1 Technical Strategy

Developing a project strategy is a process of choosing an approach to the work that maximizes strengths, minimizes weaknesses, takes advantage of opportunities and mitigates threats while balancing the anticipated cost and potential benefit. A good strategy will minimize risk while maximizing return on investment.

The strategic direction is to select and implement an EDMS that fits within a greater Enterprise Content Management (ECM) solution using a Commercial-Off-the-Shelf (COTS) software product that has demonstrated its effectiveness in the marketplace. Using a package strategy rather than a custom development strategy has been proven effective in many situations, and is a common strategy in both the private and public sectors.

A package strategy however, is not without its own risks. As a whole, the Information Technology (IT) industry has found the implementation of Enterprise Resource Planning (ERP), Customer Relationship Management (CRM), Supply Chain Management (SCM) and other large-scale automation packages to be very difficult in many situations. Many of the high profile IT project disasters documented by the IT trade press over the years have involved the implementation of software packages. The question then is how to take advantage of a software package strategy while avoiding the potential pitfalls that have plagued so many other package implementations over the years?

The project strategy is based on the strategic direction established by the GSD ECM-EDMS Executive Steering Committee, and the lessons learned from others in the Information Technology industry that have implemented package software. Five principles guide the project strategy:

4.2.1.1 Project Management

One of the common factors identified, as a contributing cause of many information technology project failures is the lack of effective project management. The State of New Mexico Department of Information Technology is implementing project management programs both in their organization and in each state agency implementing IT projects. This project will adhere to project management standards of practice as being implemented within state government and specified by the Project Management Institute (PMI) in their Project Management Body of Knowledge (PMBOK) guidelines. According to the Project Management Body of Knowledge:

“Project Management is the application of knowledge, skills, tools and techniques to project activities to meet project objectives. Project Management is accomplished using the processes such as initiating, planning, executing, controlling, and closing. The project team manages the work of the projects, and the work typically involves:  Competing demands for: scope, time, cost, risk and quality.  Stakeholders with differing needs and expectations.  Identified requirements.

“It is important to note that many of the processes within project management are iterative in nature. This is in part due to the existence of and the necessity for progressive elaboration in a project throughout the project lifecycle, i.e., the more you know about your project, the better you are able to manage it.”

4.2.1.2 Rapid Implementation

Faster implementation is better than drawn out implementation. Solutions that require too long to implement, have a high risk of failure. Administrations change, business needs change and solution requirements change. Time is the enemy. Successful package implementations are fast implementations, even at the expense of some functionality. An 80% solution today is far superior to a 100% solution that requires 2 years to implement. Fast implementation allows for taking advantage of the Pareto Principal; 80% of the benefit comes from 20% of the solution. The additional 20% of the benefit that might be achieved comes at a dramatically higher price and extended schedules.

of 86 4.2.1.3 Well-defined Objectives The project must be tightly focused on a well-defined set of objectives. The “keep it simple” approach minimizes risk and implementation time. It empowers the team to concentrate on those objectives that offer the maximum return on the invested time and effort while allowing the team to spend adequate time and energy on validation, testing and documentation – tasks that are the first to be sacrificed in a more complex and drawn out implementation plan. The net result is a successful package implementation on which further development and enhancements are more likely and have a better chance of ultimate success. 4.2.1.4 Support Extensibility The objective is to procure an Enterprise Content Management solution designed to easily allow the addition of new features later. This allows New Mexico agencies to start with a limited subset of functionality, and limiting initial costs, with the option to expand to greater functionality in the future.

4.2.2 Product and Product Development Deliverables REQUIREMENTS DOCUMENTS The requirements have been defined and documented. A Business Strategy Survey will be conducted to define goals, business processes, critical factors, current environment, sizing requirements, current vendor environment, # of users, work processing requirements, other needs. DESIGN DOCUMENTS The Vendor will be required to deliver design documents for authentication, reporting, and the database feeds.

SYSTEMS SPECIFICATIONS EMC software will be an open source web application that will require no additional desktop software to run and minimal customization. It will have the ability to interface with GSD systems at minimal cost. SYSTEMS ARCHITECTURE The system will be open architecture and be certified on standard operating platforms – Windows or Unix. Architecture will be scalable to allow for growth, provide interoperability with other systems, have a secure web front end, be security rules based and provide multiple security layers for user authentication. SYSTEM AND ACCEPTANCE The Program users will test system functionality, performance, TESTING reporting accuracy and response times. IT Technical Support Staff will test system operational performance. OPERATIONS REQUIREMENTS The Vendor will be required to deliver design documents for authentication, Reporting, and the Database feeds. Vendor will also integrate data from legacy system.

of 86 4.2.3 Deliverable Approval Authority Designations

DELIVERABLE DELIVERABLE APPROVERS (WHO DATE NUMBER CAN APPROVE) APPROVED PRJ-DEL-001 Project Management Plan (PMP) Project Director on behalf of Executive Steering Committee PRJ-DEL-002 Business Assessment and Project Director on Requirements Report behalf of Executive Steering Committee PRJ-DEL-003 IV&V Contract & Reports Project Director on behalf of Executive Steering Committee PRJ-DEL-004 IT Service Contracts Project Director on behalf of Executive Steering Committee PRJ-DEL-005 Risk Assessment and management Project Director on reports behalf of Executive Steering Committee PRJ-DEL-006 Project Schedule Project Director on behalf of Executive Steering Committee PRJ-DEL-007 Monthly Project Status Reports to Project Director on DoIT behalf of Executive Steering Committee PRJ-DEL-008 Architecture Plan Project Director on behalf of Executive Steering Committee PRJ-DEL-009 Hardware configuration and equipment Project Director on behalf of Executive Steering Committee PRJ-DEL-010 Software licenses Project Director on behalf of Executive Steering Committee PRJ-DEL-011 Implementation services Project Director on behalf of Executive Steering Committee PRJ-DEL-012 Lessons Learned Project Director on behalf of Executive Steering Committee PRJ-DEL-013 Close out reports and documentation Project Director on behalf of Executive Steering Committee

Project Certification Description – Project Certification Committee Deliverable Acceptance Criteria – Certification by (PCC) certification of the EDMS Project Manual is PCC & ITC approval to release funds required for each phase of the EDMS project. PCC Standards for Content and Format – Provided by provides a recommendation to the ITC for the State PMO and PMI methodologies. certification and release of funds. Quality Review – Review by EDMS ESC and the project management team.

of 86 ECM Solution - Selection Criteria Description – Develop Functional and Technical Deliverable Acceptance Criteria – EDMS ESC Selection Criteria List for ECM solution. Rank each approval criterion in terms of A - Critical Need, B – Medium Standards for Content and Format – N/A Need, C - Nice to Have. Rate Vendor solutions Quality Review – EDMS ESC

Infrastructure Analysis & Design (IA&D) Description – Infrastructure Design of the EDMS Deliverable Acceptance Criteria – Approved environments (Production, Development, Test and infrastructure design capable of hosting all EDMS Training). Design will include: environments. o Document logistics analysis & design Standards for Content and Format – Content and o Hardware specifications & sizing req. Format should follow GSD established standards o System software requirements for platform design. o Communication (network) requirements Quality Review – Review and approval by GSD o Data interchange requirements technical architects. o Cost estimates

Professional Services Procurement Description – Professional Services contract with Deliverable Acceptance Criteria – Signed and a vendor to support the design, development and approved professional services contract implementation of the ECM solution. An open RFP Standards for Content and Format – Contract process will be used to garner proposals and select follows NM standards for professional services a vendor. Quality Review – GSD, State Purchasing & DFA.

Vendor Planning and Documentation Description – Vendor documentation required for Deliverable Acceptance Criteria – EDMS ESC successfully planning and managing all aspects of Approval the EDMS development and implementation, Standards for Content and Format – Content and including Quality Assurance plan and processes, Format should follow GSD established standards. Communications Plan, Change Management Plan, Quality Review – Review and approval by EDMS Issues & Risk Management Plan, Work Plan, Project Director. EDMS Project Director will route Service Level Agreements (SLAs), product documentation to the appropriate project team documentation, Security Plan, Transition Plan, and members as required for review and approval. Metadata & Taxonomy Best Practices document.

System Hardware & Software Procurement Description – All necessary system hardware and Deliverable Acceptance Criteria – Possession of software required to fully implement ECM solution all system hardware and software as designed for all system environments as designed Standards for Content and Format – Meets the design requirements specified Quality Review – GSD tech team

Infrastructure Description – Installation and configuration of all Deliverable Acceptance Criteria – Fully installed necessary hardware and software necessary to & configured infrastructure to support ECM fully implement the ECM solution for all system Standards for Content and Format – GSD environments. Deliverable includes system established standards. documentation. Quality Review – Review and approval by EDMS Project Director with GSD tech team.

of 86 Functional Analysis & Design Description – Functional Analysis & Design Deliverable Acceptance Criteria – Approved includes designing the content management Functional Analysis and Design Document structure, records management structure and Standards for Content and Format – Best designing the metadata and taxonomy Practices document for metadata and taxonomy Quality Review – EDMS ESC and project team

Disaster Recovery Planning Description – Develop Disaster Recovery Plan Deliverable Acceptance Criteria – Approved and Strategy for the ECM solution Disaster Recovery Planning document for the ECM Standards for Content and Format – Industry Best Practices for Disaster Recovery Quality Review – EDMS ESC and Project Team

Hosting Strategy and Service Level Agreements (SLA) Description – GSD will develop a hosting strategy Deliverable Acceptance Criteria – EDMS ESC for the ECM solution. Based on the approved Approval for Hosting Strategy document hosting strategy, SLAs will be developed Standards for Content and Format – N/A Quality Review – EDMS ESC and Project Team

System Development, Customization and Transition Description – These deliverable descriptions, Deliverable Acceptance Criteria – N/A Acceptance Criteria, Standards for Content and Standards for Content and Format – N/A Format, as well as Quality Review are included in Quality Review – N/A the RFP and the Professional Services Contract for the ECM solution & Implementation Services Vendor

Business Process Reengineering (BPR) Business Process Reengineering (BPR) must proceed for the GSD Risk Management Division processes to achieve success. Deliverables consist of an approved BPR project team and BPR scope, a measurements document, detailing current performance metrics, an analysis document including AS-IS process diagram, a process improvement document, including TO-BE process diagram, and reengineered policies and procedures, and finally an approved control document. The EDMS Project Director will facilitate Business Process Reengineering, providing education & support for the HSD teams.

Define BPR Project Team and BPR Scope Description – A BPR Project Team Charter and Deliverable Acceptance Criteria – EDMS Stakeholders must be defined. The BPR Project Executive Steering Committee (ESC) approval and Team members must be chosen based on their Division Management approval subject matter expertise, their demonstrated Standards for Content and Format – BPR contributions as a team member, and their ability to Industry Best Practices and the Project champion the vision to all associates affected by Management Institute’s (PMI) Project Management the BPR and implementation. The BPR Scope Body of Knowledge (PMBOK) document defines the boundaries for the BPR Quality Review – Review by Project Team effort, which includes, defining at a high level, the members, EDMS ESC and Division Managers issues and solutions, estimating the BPR impact, and creating a first draft AS-IS process map

of 86 Measurements Document Description – Developing a measurement Deliverable Acceptance Criteria – EDMS document consists of collecting current baseline Executive Steering Committee (ESC) approval and performance metrics based on identifying the Division Management approval Inputs, Processes & Outputs (IPO). Collect current Standards for Content and Format – Industry policy and procedure manuals, detail the AS-IS Best Practices process map and perform Strength, Weaknesses, Quality Review – Review by Project Team Opportunities, Threats & Issues (SWOTI) analysis. members, EDMS ESC and Division Managers

Detailed Analysis Description – Detailed analysis consists of various Deliverable Acceptance Criteria – EDMS methods for separating the whole into its Executive Steering Committee (ESC) approval and component parts. Based on specific needs, use Division Management approval appropriate analysis methods, including gap Standards for Content and Format – Industry analysis, identifying root causes, comparative Best Practices analysis, stratifying process and data, regression Quality Review – Review by Project Team analysis. The SWOTI analysis will be refined members, EDMS ESC and Division Managers

Improvement Document Description – The Improvement document Deliverable Acceptance Criteria – EDMS consists of generating solution ideas, determining Executive Steering Committee (ESC) approval and solution impacts &benefits, evaluating & selecting Division Management approval solutions, designing the TO-BE process map, & Standards for Content and Format – Industry updating and/or developing policy & procedure Best Practices manuals. Develop & present a Storyboard, Quality Review – Review by Project Team communicating solutions to Stakeholders members, EDMS ESC and Division Managers

Control Document Description – The control document details Deliverable Acceptance Criteria – EDMS expected performance metrics, as well as policies Executive Steering Committee (ESC) approval and and procedures to monitor, correct and control Division Management approval performance during and after the implementation of Standards for Content and Format – Industry new systems and processes. Integrate and Best Practices manage solutions in daily work processes. Quality Review – Review by Project Team Integrate lessons learned members, EDMS ESC and Division Managers Implementation The General Services Department is responsible for Implementation. This includes an approved implementation plan for reengineered business processes, training, system integration, content security and a content migration plan.

Implementation Plan for Reengineered Business Processes Description – The implementation plan consists of Deliverable Acceptance Criteria – EDMS a process transition plan, a system cutover plan Executive Steering Committee (ESC) approval and and a communication plan for stakeholders and all Division Management approval affected associates. Standards for Content and Format – N/A Quality Review – Review by Project Team members, EDMS ESC and Division Managers

Training Description – Training starts with an Approved Deliverable Acceptance Criteria – EDMS ESC Training Plan, to develop and distribute Approved approval and Division Management approval Training Documents, including user manuals and Standards for Content and Format – Best quick references Practices and Standards for Training Quality Review – Review by Project Team members, EDMS ESC and Division Managers

of 86 System Integration Description – System integration brings together Deliverable Acceptance Criteria – EDMS ESC work done while developing the application and approval and Division Management UAT Sign-off technology infrastructure, completing the functional Standards for Content and Format – GSD interface design, technical interface design, established standards for functional & technical interface development, unit, system & integration design documents. testing and finally User Acceptance Testing (UAT) Quality Review – Review by Project Team members, EDMS ESC and Division Managers

Content Security Description – Ensure the security features built Deliverable Acceptance Criteria – EDMS ESC into the Enterprise Content Management solution approval and Division Management UAT Sign-off are activated for content and documents. Test the Standards for Content and Format – GSD security features established standards for document security Quality Review – Review by Project Team members, EDMS ESC and Division Managers

Content Migration Description – Content Migration plans need to be Deliverable Acceptance Criteria – EDMS ESC developed giving serious consideration to the costs approval and Division Management approval & benefits of migrating paper documents or Standards for Content and Format – N/A microfilm to the electronic document repository. Quality Review – Review by Project Team Questions that need to be considered include the members, EDMS ESC and Division Managers frequency or likelihood the documents will be accessed in the future, and the labor and time to scan the volume of documents.

Implementation for GSD Release 1.0 Description –Implementing Release 1.0is based Deliverable Acceptance Criteria – EDMS ESC on completing and signing off on all prior approval and Division Management approval deliverables included in Application and Standards for Content and Format – N/A Technology Infrastructure and BPR Quality Review – Review by Project Team members, EDMS ESC and Division Managers

Transition Description – Sign-off on transition document Deliverable Acceptance Criteria – Signed signaling the successful completion of transition to transition document. NM State staff for maintenance and operations of Standards for Content and Format – Content and the ECM solution. Format should follow GSD established standards. Quality Review – Review and approval by Project Director. Internal review by GSD staff.

Electronic Records Rules and Standards The work breakdown structure for Electronic Records Rules and Standards includes a communication plan, clarifying content ownership, creating a content management strategy, establishing a Content Review Board for metadata standards, and planning & budgeting for ERMS administrative and operational support.

Communication Plan Description – Establish a formal communication Deliverable Acceptance Criteria – GSD plan for to assist agencies with buy-in, compliance Management approval and education for the ERMS Standards for Content and Format – Electronic Records Management Best Practices Quality Review – Review by GSD Project Team members.

of 86 Supporting Organizational Infrastructure An organizational infrastructure needs to be set up to support the ECM product after the initial implementation project ends. This also includes training for new users, and administration of the system to support the existence of the product.

Description – Establish and staff formal Deliverable Acceptance Criteria – EDMS organizations for the operation, maintenance and Executive Steering Committee (ESC) approval ongoing staff support of the ECM solution. Standards for Content and Format – N/A o GSD trained ECM Operations Staff Quality Review – Review by Project Team o GSD Trained ECM Administration Staff members, EDMS ESC o Trained End-Users o Governance model approved by the Executive steering committee. o Continuing ECM Executive Steering Committee (new formation) o ECM User Group

Enterprise Model Enterprise Content Management and an Electronic Document and Records Management Systems framework is just one component of an Enterprise Model allowing the State of New Mexico General Services Department to move towards a fully electronic services interface for technology enabled customers Description – Establishing an Enterprise Model Deliverable Acceptance Criteria – EDMS involves research, creating an Enterprise Model Executive Steering Committee (ESC) approval document and promoting awareness and Standards for Content and Format – N/A acceptance of the Enterprise Model. Quality Review – Review by Project Team o Approved Enterprise Content Management members, EDMS ESC Best Practices Documents o Approved Survey of Other States Practices Document o Approved Industry Trends Document o Approved Blueprint for Enterprise Model o Presentation to DoIT

4.2.4 Deliverable Acceptance Procedure

The Project Director shall present the deliverables along with a recommendation for approval to the Executive Steering Committee during a regularly scheduled steering committee meeting. The Executive Steering Committee must then vote to accept or reject the deliverable with the vote reflecting a majority decision.

If the deliverable is rejected, the Project Director must inform the vendor submitting the deliverable of the committee’s action and must also identify, in writing, why the deliverable was rejected, and what actions must be addressed by the vendor before the deliverable is presented for acceptance again.

of 86 5 Project Work

5.1 Work Breakdown Structure (WBS)

The implementation plan provides an overview of the project by providing a description of the project in terms of the major categories of work, primary activities and responsibilities, milestones/deliverables and overall project timeline. A detailed Work Breakdown Structure (WBS) and deliverable descriptions are found in the Appendix A, while the detailed Project Schedule/Gantt Chart is in Appendix B and the Project Budget is in Appendix C. ECM (EDMS/ERMS) Project Work Breakdown Structure

ECM (EDMS/ERMS) Project

Application & Business Electronic Supporting Project Enterprise Technology Process Implementation Records Organizational Management Model Infrastructure Reengineering Governance Infrastructure

Note: The detailed Work Breakdown Structure is included as part of Appendix A: Scope Definition Document.

The project implementation strategy is developed from the perspective of products to be delivered. Each of the activities and tasks required to implement the GSD ECM (EDMS/ERMS) strategy has a specific associated deliverable. At a high level, the work is organized into seven separate work categories:  Project Management  Application & Technology Infrastructure  Business Process Reengineering  Implementation  Enhance Electronic Records Management Governance Model  Set up GSD ECM-EDMS Support Organizational Infrastructure  Promote Enterprise Model

Each of these work categories is defined below and the detailed Work Breakdown Structure is included as part of Appendix A: Scope Definition Document. 5.1.1.1 Project Management The discipline of the project management concept offers a variety of tools and techniques to deal with and control complex projects. The State of New Mexico Department of Information Technology is implementing the Project Management concepts at the state level and within each department as part of a strategy to better manage and coordinate the state’s information technology resources and budget.

5.1.1.2 Application & Technology Infrastructure The strategy for designing the application and technology infrastructure for the GSD ECM/EDMD must necessarily consider the enterprise architecture. ECM is just one component of the overall enterprise model. Extensibility, flexibility and scalability are the criteria that must be used to ensure that the architecture for ECM that is implemented now can also support the enterprise architecture that is evolving over the next few years.

of 86 5.1.1.3 Business Process Reengineering (BPR) Process reengineering is the most essential work of implementing Enterprise Content Management or an EDMS. A process is a group of tasks that together create a result of value to a customer or a state constituent. As the reengineering expert, Michael Hammer writes, “Processes are concerned with results, not with what it takes to produce them. The essence of process is its inputs and its outputs; what it starts with and what it ends with. Process work requires that everyone involved be directed toward a common goal; otherwise conflicting goals and parochial agendas impair the effort.”7 Moving towards a process-oriented culture, is training everybody in habits of thinking and acting that allow the whole organization to work more smoothly and effectively. The question to be asked continuously is, “How do we improve our day to day process?” 5.1.1.4 Implementation The strategy is to implement an ECM package using external resources. Under the guiding principles, the initial implementation will be completed as quickly as possible. This initial ECM implementation will be used to gain additional knowledge about the product, its operational environment and to help the project team develop a department model for the State of New Mexico General Services Department. 5.1.1.5 Supporting Organizational Infrastructure The effective operation and support of a large software application requires formal organizational thought and structure. Enterprise Content Management will require more organizational thought than most because it is one component of an enterprise model. The strategy is to provide department resources as the organizational staff necessary to support the ECM application while working to refine the Enterprise Content Management governance model. 5.1.1.6 Electronic Records Governance Model The General Services Department already has a records governance model in place to deal with paper-based documents. With the GSD ECM (EDMS/ERMS) implementation, a new electronic records environment is to be created. The strategy here is to align the current governance model to the effective ongoing management of electronic records and archives within the new Enterprise Content Management environment. 5.1.1.7 Enterprise Model Enterprise Content Management, and an Integrated Electronic Document and Records Management Systems framework is just one component of an Enterprise Model allowing the State of New Mexico General Services Department to move towards a fully electronic services interface for technology-enabled customers. Another component of an enterprise model includes Enterprise IT Data Interchange capability, to allow instant online access to information across multiple application systems. A pre-requisite to any type of department-wide access to applications and data is an Enterprise IT Security Management Program, which includes Identity Management, and Access Directory Services. A third component is the Business Process Platform, “As enterprises emphasize business processes, they need to establish a business process platform, specific to their needs, to enable business process creation, deployment and monitoring using service-enabled applications.”8 Service Oriented Architecture (SOA) is the foundation supporting the enterprise model.

7 Michael Hammer, Beyond Reengineering (HarperCollins, 1996), 11-12 8 “Flexibility Drives the Emergence of the Business Process Platform” GARTNER Research, Publication Date: 26 April 2005

of 86 5.2 Schedule Allocation – Project Timeline GSD ECM Project Timeline By Quarter Resource Deliverable 4 QTR 08 1 QTR 09 2 QTR 09 3 QTR 09 Name Develop Project Management Plan PM Vendor Approve PMP DoIT Develop Worker's Comp Business Assessm ent PM Vendor Implementation Project Cert DoIT Develop Contract for PM Implement Phase GSD CIO Select software solution GSD Business Owners, PM vendor

Develop CVR/RFP for Implementation Services PM Vendor Draft and Award IV & V services contract PM Vendor, GSD CIO Develop architectural standards for hardware, software, data interchange, and records PM Vendor, GSD CIO, GSD m anagem ent Business Owners, DoIT Procure GSD ECM- EDMS hardware and software PM Vendor, GSD CIO Install and custom ize COTS system to meet requirements Integration Vendor Activate COTS Security features to m eet GSD IT staff, DoIT staff, Integration requirements Vendor Business Process Reengineering w/ PM Vendor, GSD Business Owners, software solution Integration Vendor PM Vendor, GSD Business Owners, Integration Vendor, GSD IT Staff, DoIT Training staff Develop Interfaces with existing GSD IT staff, DoIT staff, Integration systems Vendor Develop hos ting strategy and SLAs PM Vendor, GSD CIO Test and validate PM Vendor, GSD Business Owners, solution Integration Vendor Phase 1 PM Vendor, GSD Business Owners, Implementation Integration Vendor, GSD IT Staff, DoIT Cutover staff

of 86 5.3 Project Budget

PROPOSED CERTIFICATION SCHEDULE FOR CURRENT FISCAL YEAR (AGENCY TO COMPLETE FOR ALL PHASES) Phases Amount Major Deliverable(s) / Performance Due Requested Measure(s) Dates Initiation: $ 50,000 Finalize Business Requirements, Finalize PM 9/24/2008 contract, Hire Project Manager. Product development Rationale, End Vision and purpose, Project Scope, Work Break Down Schedules, Workers Compensation Bureau Business Requirements/Needs Assessment and develop workflow (Cost Breakdown - PM @$50.0) Planning: $217,000 Develop Project schedule, Project team structure, 12/17/2008 Risk/Mitigation, Project Management Plan, Detailed Requirements Analysis, Architecture and Network Design, Release IV&V CVR & finalize contract, Release CVR for SW/Integrator. Hire IV&V contractor, inventory of existing related infrastructure/ records management practices for Worker’s Comp. (Cost Breakdown - PM @$162.0 , IV&V @$55.0)

Implementation: $833,000 Order Hardware, Finalize SW/Integrator vendor 1/28/2009 contract, Implement Hardware, Software, solution design, data integration, and workflow setup, system configuration and installation, Technical Testing, and End user training for GSD RMD Workers’ Comp Claims, Administration and User training, Develop Interfaces with existing systems. Develop hosting strategy and SLAs, Test and validate solution, Cutover. (Cost Breakdown - Data Integration @$76.3, HW/SW @$686.7, Training @$15.0, Contingency 5% of $1,100,000@$55.0)

Closeout: $-0- SME Functional Testing, Customer Acceptance, 12/31/2009 Transition to Operations

of 86 5.4 Project Team

5.4.1 Project Team Organizational Structure

Executive Sponsor,

Executive Steering Committee Arturo Jaramillo Arturo Jaramillo Mike Wilson Ed Romero Nancy Bearce Karen Baltzley Angela Lucero, Records Management Division Director, Project Sponsor, SCRA IV&V Mike Wilson

Business Owner, Ed Romero Nancy Bearce Business Operations Review Team: Benefits Project Director, Financial/Training Karen Baltzley Technical Review, Legal Sujatha Seethapathi, Lead Disability Workers Comp Loss Control Ryan Woodard, System Reports/HIPAA Regulations Project Manager Support CSW- Jane Hamlet DoIT/DFA Tech Staff

5.4.2 Project Team Roles and Responsibilities

The State Department of Information Technology (DOIT) will provide project management oversight and the GSD ECM-EDMS Executive Steering Committee will provide strategic direction for the project.

The GSD ECM-EDMS Executive Steering Committee (ESC) provides strategic, high-level guidance with regard to procedures, progress, and risks. The Steering Committee is charged with taking a department view to ensure this project supports the delivery of an enterprise/department model. The project team reports status and progress to the Steering Committee on a regular basis. The GSD ECM-EDMS ESC will also review, and approve deliverables, monitor the activities of the Project Team, assure adherence to the project plan and ensure involvement of participants in order to meet deadlines.

The GSD ECM-EDMS project team will handle the day-to-day tasks and decisions brought to the attention of the Steering Committee. The workgroup is comprised of staff members from the different GSD divisions. Tasks performed by the team include: project management and planning, analyzing requirements, data gap analysis and data mapping, making program specific decisions, helping determine the system and operational processes, business process reengineering, training and deployment.

of 86 The Department of Information Technology Office will provide increased emphasis on strategic information technology planning and management. This ensures the proper and efficient administration of all Information Technology projects in the state.

An implementation vendor will be contracted through an open procurement process (RFP/CVR) to install, and assist in the deployment of the ECM. Additional resources are to be contracted through the competitive vendor request (CVR) process to implement IV&V.

Given in the table below are the roles and responsibilities of each of the team members.

Role Responsibilities Executive Steering . Meet at least once monthly Committee (ESC) . Provide strategic direction and promote the vision for Enterprise Content Management . Advise project on policy issues . Review, evaluate, and provide direction to the Project Director and Project Team Members on implementation and deployment strategies . Monitor the project progress . Provide recommendations on issues escalated to the committee . Assist in mitigating strategic project risks . Direct the Project Director on issues and risks . Address, review, and approve all deliverables, such as project structure and team activities . Monitor the project activities, assuring adherence to the project plan . Ensure involvement of participants in order to meet deadlines . Review and approve expenditures of funds . Represent the point of view of key stakeholders including technology- enabled customers and state government executives NM DOIT . Provide project implementation oversight . Ensure proper project management and cost reporting . Certify and approve funding prior to each phase of the project

of 86 Role Responsibilities Project Director . Report to ESC on project status, issues, budget, and activities . Address, review, and submit deliverables to ESC from the GSD Project Team members . Prepare Steering Committee meeting agenda and meeting materials . Establish and maintain a coordinated project manual that includes all IT and non-IT tasks and activities necessary to fully execute the project and to achieve project goals . Monitor and report the activities of the GSD Project Team, assuring adherence to the project plan, budget and schedule . Ensure involvement of participants in order to meet deadlines . Ensure mitigation of project issues and risks . Maintain a current copy of the project budget . Facilitate development of ECM selection criteria . Prepare the RFP/CVR for ECM Implementation Services Vendor . Procure hardware and software for GSD ECM (EDMS/ERMS) . Comply with approved IT Infrastructure policies & procedures . Lead Business Process Reengineering efforts . Facilitate defining document metadata and setting up document taxonomy . Plan system interfaces and document migration processes . Manage testing and validating GSD ECM (EDMS/ERMS) solution . Provide contract and Vendor oversight . Assure Vendor deliverables meet the business & system requirements . Monitor the project and contract to ensure delivery of complete, accepted deliverables on schedule . Serve as a contact for the Vendor Team Manager, review and accept weekly status reports, project milestones, deliverables, and issues logs . Advise the Vendor Team(s) on issues and risks . Review and approve all Vendor documentation . Document Enterprise Content Management Model . Work closely with SRCA team to create an approved, published electronic- records management framework . Provide a road map for Agencies to automate records management SRCA Project Team . Provide subject matter expertise for records management requirements Members . Participate in workgroups and status meetings to determine best course of action, options, and alternatives . Review ITC PCC documentation for certification . Participate in developing EDMS selection criteria . Make recommendations to EDMS Project Director concerning the project deliverables . Review any necessary interim and final APD documentation for approval . Assist with project coordination and issues where escalation is necessary . Review Vendor deliverables and participate in test walk-through . Approve and sign off on project documentation for HSD and TRD . Work closely with Project Director to create an approved, published electronic-records management framework . Advise the Project Director in developing an EDMS Enterprise Model GSD Team Members . Participate in Hosting Strategy Development . Support installation of hardware and technology infrastructure . Participate in SLA development IT Specialists . Provide IT subject matter expertise (Programmers, GSD . Share expertise on Document Imaging and Key from Image (KFI) systems Imaging System . Work with Project Director to determine hardware, software, network and Administrators, GSD technical requirements. System Experts and . Work with Project Director to define technical system interface Developers requirements. . Provide IT perspective and guidance for technology issues

of 86 Role Responsibilities Vendor(s) . Ensure compliance with the Contract and the approved work plan. . Develop and submit all deliverables as required by the Contract. . Meet the Project schedule and milestones as defined in the Work Plan and the Contract.

5.5 Staff Planning And Resource Acquisition

The responsibility assignment matrix (RAM) is a table that relates the project organization structure to the work breakdown structure to ensure that each element of the project’s scope of work is assigned to a responsible organization or individual. Larger projects may define responsibility assignment matrices at multiple levels. A high-level RAM may define which group or organizational unit is responsible for each component of the work breakdown structure, while lower-level RAM’s are used within the groups to assign roles and responsibilities for specific activities to specific individuals. The codes are defined as follows: A = Approval, O = Oversight, R = Responsible, S = Provide Support, W = Does the Work.

Responsible Organization ECM DoIT Project ESC Project Implement IV&V Team Management Services Vendor WBS Task Vendor Vendor

Project Management Planning Project Charter -- R A R -- -- Business Requirements -- R A S -- -- EDMS Project Manual - S R A R -- -- Project Management Plan including Scope & WBS Project Schedule Software Selection -- R A S -- -- Criteria Checklist RFP Development -- R A S -- -- Risk Management S R A S S S Communication S R A S S S Control Establish Controls S R A R -- -- Project Process Review -- R A R -- -- Resource Management Project Manager r Hiring -- S R ------IV&V Services Contract R/A A S S Procure Vendor Services S R A S - -- For Implementation (RFP Process) Vendor Services R A S R Contract Funding NM DoIT Project Certification Committee DoIT Approval Phase 1 -- R A ------– Planning DoIT Approval Phase 2 -- R A R -- -- - Implementation PCC Approval Phase 3 S R A R -- -- - Closeout -Transition App/Tech Infrastructure.

of 86 Responsible Organization ECM DoIT Project ESC Project Implement IV&V Team Management Services Vendor WBS Task Vendor Vendor

Select ECM Vendor R A R Sign License Agreement -- R A S -- O & Acquire ECM Solution Package (Select GSD Document -- R A S -- -- Imaging Vendor) Infrastructure Analysis & S R A S S O Design Hardware/Software S R A s S O Procurement Functionality Analysis & S R A S S O Design System Development & S R A S W O Customization Disaster Recovery W R A S S O Planning Transition S R A S W O Business Process Reengineering Define -- R/W A S S -- Measure -- R/W A S S -- Analyze -- R/W A S S -- Improve -- R/W A S S -- Control -- R/W A S S -- Implementation Implementation Plan for R R/W A S S O Reengineered Business Processes Training Plan S R/W A S S O Training Manuals System Integration S R/W A S S O Content Migration S R/W A S S O Development & S R/W A S W O Implementation Electronic Records Management System (ERMS) Rules & Standards ERMS Framework S R A S S O ERMS Roadmap S R A S S O ERMS Standards S R A S S O ERMS Rules S R A S S O Supporting Organizational Infrastructure Trained Operational Staff R/W R A -- S O Trained Admin Staff S R A -- S O Trained End-Users S R A -- S O ECM User Group S R A -- S -- ECM Governance Body S R A ------Enterprise Model Enterprise Model -- R A -- S O Document Champion Enterprise -- R A ------Model

A = Approval, R = Responsible, S = Provide Support, W = Does the Work. O = Oversight

of 86 6 Project Management and Controls

6.1 Risk and Issue Management Information technology (IT) projects have many inherent risks associated with them. The technology itself, risks associated with introduction of new and/or innovative ideas, organizational change issues, internal project issues, external issues such as politics and the economy not to mention social concerns around the introduction of technology. The list of potential risks is almost limitless.

Risk management is the process of identifying potential project risk, assessing the probability and severity of risk events, and planning appropriate responses. Risk management is a priority task on any IT project and is managed just like cost, schedule, scope and quality. 6.1.1 Risk Management Strategy The best way to deal with a large amount of data/information is to categorize it in such a way to begin understanding the relationships between the data and start to see structure. The Software Engineering Institute (SEI) has developed a Taxonomy of Software Project Risk that offers a way to systematically think about the potential risks that are faced by software development/implementation projects. This taxonomy is used to stimulate thinking about the potential risks that the EDMS Project faces. 6.1.2 Project Risk Identification To ease the documentation and tracking of identified risks, a risk evaluation tool is used, built with an excel spreadsheet. This is the primary tool to be used to list and categorize EDMS project risks. The Risk Analysis is shown in Appendix D. The sequence of activity is as follows: 1. Risk Identification – The process of identifying potential risks and documenting the specific characteristics of each. 2. Risk Analysis – The process of determining the impact and likelihood of the identified risks. This process may employ both qualitative and quantitative techniques as deemed necessary to objectively evaluate potential risks to the project.

6.1.3 Project Risk Mitigation Approach The process of mitigating the possibility of the risk and assigning responsible individuals to identified risks. All identified risks will have appropriate mitigation strategies/plans. For those risks that are highly probable and have, significant impact to the project will develop contingency plans. 6.1.4 Risk Reporting and Escalation Strategy Risk Monitoring and Control – The process of tracking, evaluating and responding to ongoing developments relative to project plans, risk mitigation plans and specific contingency plans. Risk management is an integral component of integrated project control. This is an ongoing process for the duration of the project and will be part of every project status meeting.

Risk identification is the responsibility of all members of the project team. The Project Director and Project Managers are responsible for tracking risks and for developing mitigation strategies and contingency plans that address the risks identified by the team.

The EDMS project will follow a continuous risk management strategy. Risk will be assessed routinely to ensure that identified risks are being dealt with appropriately and that new risks are identified and dealt with as early as possible

of 86 6.1.5 Project Risk Tracking Approach

Business Risks The following table identifies the risk, estimated level, mitigation note and explanatory comment.

Risk Level Mitigation Comment Prioritize each agency’s Insufficient funding allocation means that either Insufficient funding request and some agencies requesting funds will receive $0 or Low funding develop contingency agencies will not have enough to purchase plans to allocate funds hardware, software and implementation services Ensure Stakeholders are involved and support the Agency project. Ensure ECM- Lack of resources to complete project activities resource High EDMS implementation is can lead to delays in project schedule availability a priority among agency Project team members State requirements for oversight as well as the Extended procurement process provide numerous Timeline opportunities for extended project delays. For caused by High Plan for example: State Approval  The HSD/TRD procurement process for the processes ECM Architecture Design Contract took five (5) months to approve a $26,000 contract Keys to Identity Management are –  Authentication - proving that you are who you An ECM A Statewide Identity say you are increases Management program is  Authorization - now that we know who you accessibility a pre-requisite to rolling are, determine permissions for the content High to the out ECM so that personal you are allowed to access State’s information is  Delegated Administration – Leaders in each content safeguarded. agency are responsible for securing access to their content. The task of assigning permissions is delegated to associates that know who is allowed access to what content. NM DoIT processes for Service Level Agreements NM DoIT Continue to work with NM that need to be refined: SLA's and DoIT to refine the SLA cost Medium  Cost structure methods undefined and/or not process and cost structure clearly communicated. structure methods methods  System downtime not within SLA criteria  Unexpected charges to agency budget Insufficient funds to purchase a system to meet Ensure the project scope enterprise requirements – the project has not yet Limited Medium is defined within funding been funded adequately to build a Statewide Funding limits infrastructure, merely to ensure we build a baseline that is scalable

of 86 EDMS Project Risk Management Date # Risk Title Opened Rating Prob Impact Description Effect Mitigation Trigger Event Contingency Ensure Senior Management Have 2nd layer of Stakeholders are involved and individauls defined Lack of GSD resources to complete 1 GSD Resource Availability 12/3/2008 Medium High Medium Delays in project schedule support the project. Ensure EDMS Delays in project activities w ho may able to project activities implementation is a priority among cover task GSD team members responsibilities DoIT Service Level Agreements System dow ntime not Agency's experience system Continue to w ork w ith GSD to refine DoIT SLA's and cost needs to be refined. Cost structure w ithin SLA criteria. Host systems w ithin 2 12/3/2008 Medium Medium High dow ntime and/or GSD cost the SLA process and cost structure structure methods methods undefined and/or not clearly Unexpected GSD charges each agency surprises. methods communicated. to agency budget Designate a dedicated Procurement Extended Procurement Delayed procurement 3 12/3/2008 High M edium Medium Delays in the procurement process Extend the project schedule Manager to manage to the None Process events Procurement timeline Greater access to documents leads Delay w eb content to greater access to private / secure Ensure the security components management system content. As soon as an Enterprise Security Breach leading to w ithin the EDMS are implemented components of the Enterprise Identity Content Management system 7 12/3/2008 Medium Medium Medium Identity theft, non-compliance effectively. Regularly audit the Breach of Security ECM until the Management Program expands to serve as a w eb content w ith HIPAA security system implementation Statew ide Enterprise management system, an effective during and after deployment Identity Management Enterprise IT Security Management Program is in place Program needs to be in place.

Connecting and configuring the ECM EDMS Architecture no solution w ith the DoIT storage DoIT staff members time Evaluate possibility of contracting Integration w ith Enterprise longer complies w ith 8 12/3/2008 Medium Medium Medium architecture w ill require extensive constraints and expertise w ith w ith a vendor to configure storage None Architecture Enterprise Architecture coordination and effective ECM solution requirements design management

The implementation services contract Inadequately trained Effective operations and maintenance must require detailed system resources to effectively 9 Application Maintenance 12/3/2008 Medium Medium Medium of the EDMS after deployment may be documentation, training for all state Poor Transition phase None support EDMS after a risk w ith COTS softw are. resources, and a comprehensive deployment transition plan. State requirements for oversight as Extended Timeline caused w ell as the procurement process 10 by State Approval 12/3/2008 High High High Delays in project schedule Plan for Procurement delays provide numerous opportunities for processes extended project delays. 13 Funding Carryover 12/3/2008 Low Medium Low

of 86 6.1.6 Issue Management

With any project, no matter how comprehensive the planning process, issues arise that need to be addressed. This section of the project manual addresses how this process will be managed for the NM EDMS project.

When the project team identifies an issue, it will be added to a document called EDMS Project Issues.doc stored in the project library. An issue can also be identified by anyone affiliated with the project although the project team will be primarily responsible for tracking issues through to resolution. The project team will review the issues list twice a month. Issues, which could negatively affect the project, will be brought to EDMS ESC attention according to the change control process in section 7.4. The process of tracking an issue is outlined here: 1) An issue is identified. 2) It is added to the issue document, assigned an issue number with a brief explanation of the issue and date entered. 3) The issue is assigned to someone and potential action to be taken. 4) As action is taken, it is noted with the issue. 5) If possible, an estimated completion date is entered. 6) Upon completion of an issue, the actual completion date is noted with the resolution.

Listed below are examples of how an issue can be resolved:  An issue can become a task added to the project plan with proper approval, if new, or within scope of the project. See section 7.2 and 7.4 for further details of these processes.  It could be resolved by an action taken.  A document can be created which addresses the issue.  A resolution could create new issues that need to be addressed.  A new policy could be created which addresses the issue.

The project team is primarily responsible to resolve issues or follow-up to be sure action is being taken to resolve an issue.

6.2 Independent Verification and Validation – IV&V Independent Verification and Validation (IV&V) is a risk mitigation strategy designed to provide management with project oversight through an independent evaluation a project’s product and process quality. The New Mexico Electronic Document Management System project has adopted a low risk implementation strategy by using a package solution that is currently implemented in multiple commercial and government sites. Given that the project has adopted a package solution strategy, its IV&V plan will be tailored to address the unique risks associated with package implementation projects.

The IV&V plan will: 1. Evaluate and verify that processes, contracts, and system designs comply with the specified requirements of the Enterprise Architecture and Standards 2. Evaluate and validate that products and deliverables of a given development phase fulfill the requirements and performance outcomes set forth in the scope and project plan 3. Provide a “close-out” report to the Executive Board at the end of project.

A Competitive Vendor Request (CVR) will be submitted to the GSD EDMS Executive Steering Committee for approval. Once the CVR has been approved, the project team will initiate contact with approved IV&V vendors. The IV&V vendor will develop a complete IV&V plan in conjunction with the project team. 0b528c1696cbaec306621e90e6e09ed6.doc

of 86 6.3 Scope Management Plan

Project control is the mechanism by which the Project Director in conjunction with the project team assesses progress relative to the project plan. The project control process is implemented through a weekly project status meeting. The meeting will be designed to identify variances from the project plan and to identify and initiate corrective actions where appropriate.  Cost Control –The project director maintains a copy of the current budget and is to notify GSD of budget variances as they are identified.  Schedule Control – The project team is responsible for establishing and maintaining a project schedule. The project team will assess the current project schedule status and report variances as they are identified. Additionally, the team will identify and implement the appropriate corrective actions to eliminate or minimize schedule variances.  Scope Control – The project scope is defined and documented in the Appendix 6.1 of the Project Manual. The detailed scope definition contained in Appendix 6.1 will be used to evaluate project scope issues. Significant variances from scope will be submitted to a formal project change control mechanism (Section 7.4 Change Control Process).  Quality Management – GSD ECM (EDMS/ERMS) project quality management will be established for each deliverable based on the quality mechanisms of the responsible organization, and the GSD ECM (EDMS/ERMS) Quality Management Plan (Section 7.6) of this document.  Risk Management – Risk management is an ongoing process of identification and assessment. Risk Assessment is included as part of the routine status process of the project. This maintains an awareness of risk and the associated risk assessment and monitoring tasks required to manage the project effectively.

These five parameters of the project are integrally linked and any significant change in one will likely cause changes in the others. Project control establishes the mechanism to routinely track and report on these parameters. If issues arise that result in significant variances in these parameters, the project team will prepare and submit a Project Change Request form through the Project Change Control process.

The process below is designed to capture project status information on a weekly basis. The information is then used to trigger corrective action, risk mitigation and a variety of reporting processes. This process is critical to successful project communication and is the foundation on which a successful project control system will be built. The process should allow for flexibility in dealing with project control issues while ensuring that project status information is captured and documented.

EDMS Project Integrated Control Process

Emerging Issues & Risks

Cost Baseline Baseline Weekly Schedule Current EDMS Plan Plan Status Process Scope Status Quality

Status Weekly Status Report

Corrective Yes Action Required ?

EDMS Corrective Action Document Planning Process Archive - - Website -

Revised - No - Plans Weekly Continue Status Planned Information Does Work Corrective Cost Yes Action Exceed Schedule Change Request Authorized Scope Form Variance ? Quality

Change Control Process - No - Project Work Revised Plans

of 86 6.3.1 Change Control Process

A formal change control process is an essential component of a successful IT project. The key to controlling project change, is managing the impact to the project plan, budget, and implementation schedule.

Some changes are unavoidable – instances where changes have to be made to comply with legal, federal/state regulations, policy changes, compliance with changes in the business direction of the enterprise, or where technology may dictate change. Other non-essential changes can be avoided through management of a formal change control process.

Scope changes (sometimes referred to as scope creep) are the continual addition of functional enhancements to the product requirements throughout the project life cycle. Excessive scope changes are directly related to poorly defined product requirements and specifications. A well thought out change control process will assist the project management team in controlling “scope creep”.

Three (3) steps are necessary to control scope changes: 1. Establish the baseline product. 2. Obtain agreement from the project “approvers”. 3. Enforce a formal change control process.

6.3.1.1 Establish the baseline product The EDMS project plan is developed around a “package” strategy. Further, the strategy specifically specifies minimal modifications to the package. No functional modifications are to be made to the selected EDMS product. The package plus the Work Breakdown Structure and product descriptions in section 6.1 of this document represents the baseline product and therefore the criteria for determining the approved scope. 6.3.1.2 Agreement from the EDMS ESC The baseline product described above and strategy for implementation is to be reviewed and approved by the EDMS Executive Steering Committee. Requests to change the scope will also be reviewed and approved by the EDMS ESC. 6.3.1.3 Enforce a formal change control process The software package/implementation process is never static. Some changes are to be expected during the EDMS implementation, and a formal process has been defined and is to be followed to make sure all changes to the product are made in an orderly manner. As scope change requests are made, a change control process ensures . Only necessary changes are made, . Changes are communicated to all affected parties, and . Changes are implemented in an orderly fashion.

EDMS Project Change Control Process

Change Request Form

Change Request

Cost Baseline Change Request Baseline Schedule Current EDMS Plan Evaluation Plan Process Scope Status Quality

Change Accepted Revised Baseline Plan

Corrective Yes Action Required?

JAT Corrective Action Review & Approval Process Planning Process

Change Control Revised Request Yes -No - Accepted Plans Weekly Continue Status Planned Information Does Work Corrective Cost Action Exceed Schedule Authorized Scope Variance ? Quality EDMS Document Archive - - Website - -No - Revised Project Work Plans

Change Control Request- Rejected

of 86 6.4 Project Budget Management

6.4.1 Budget Tracking The Risk Management Division’s Financial Services Bureau will be responsible for managing the ECM-EDMS budget, and will be a member of the EDMS Executive Steering Committee. The FSB employee will provide a budget update at each Steering Committee Meeting, identifying past expenditures, encumbrances, future encumbrances, personnel costs, and any other expense associated with the project budget.

6.5 Project Communication Plan

Communication is fundamental to effective project management. The Communications Plan outlines the roles and responsibilities of participants in the dissemination, review and approval of project information. A communications plan that is well implemented will help manage expectations of the project, assure appropriate levels of communication with internal and external project stakeholders, provide relevant, accurate, consistent information at all times and help generate and sustain enthusiasm and support for the project.

The communication strategy covers all the informational needs of the project stakeholder community. Many will receive routine information about the project. Others will be able to visit the project website and obtain the specific information that they are seeking and all may receive ad hoc communication from the project team at any time depending on the need.

of 86 6.5.1.1 Project Stakeholders

General Services Department (GSD) . GSD Cabinet Secretary . GSD Deputy Cabinet Secretary . GSD Risk Management Division Director . GSD Risk Management Deputy Division Directors . GSD Chief Information Officer . GSD Subject Matter Experts . Project Manager . Project personnel

EDMS Executive Steering Committee . Committee Chairperson . Committee at large

State Records and Archives Center

Implementation Vendor . Account Executive . Project Manager . Project Personnel

6.5.2 Project Communication Matrix

Stakeholders (PD = Project Director, PMs = Project Manager Deliverable/Description Target Delivery Frequency Responsible Audience Method Party GSD / EDMS Project Status GSD CIO Face-to-Face Weekly GSD PM GSD / EDMS Project Status GSD Team Face-to-Face As needed PD/PM SRCA / ERMS Project Status SRCA Team Face-to-Face As needed PD/PM Weekly PD Status GSD PD Email Weekly PM EDMS Project Status EDMS ESC Email 2nd & 4th Monday PD/PM EDMS ESC Meeting EDMS ESC Face-to-Face 2nd & 4th Weds. PD/PM EDMS ESC Meeting Minutes EDMS ESC Email 2nd & 4th Fri. PM DOIT EDMS Project Status DOIT Email Monthly PD Project Web Page As needed Web Page As needed PM Team Ad hoc As needed As needed As needed As needed

6.5.3 Project Status Meetings The Executive Steering Committee will meet at a minimum on a monthly basis in order to review project progress, deliverables/milestones, provide direction to the Project Director, and team. The Project Director is required to provide formal status reports to the ESC and will present the report during the ESC meetings. The Project Director is also required to report on the overall status of the project on a monthly basis, per standard DoIT procedures.

Specific requests for expenditure authorization should be forwarded to the ESC representatives for the agencies. If funding approval is an agenda item on the regular ESC meeting, the request and associated justification for spending should be circulated to committee members at least seven (7) days in advance of the ESC meeting. If 0b528c1696cbaec306621e90e6e09ed6.doc

of 86 funding approval is required in a timeframe that does not coincide with the ESC meeting schedule, it is the responsibility of the Project Director to send a request and justification directly to the ESC committee members. A reminder notice should be sent out after seven (7) days if there has been no response from ESC committee members. A final attempt to contact ESC members should be made at fourteen (14) days if there has been no response. Summary of any such action should be documented in team status reports and reported to the ESC at the next meeting.

6.5.4 Project Status Reports The Project Manager provides a monthly summary project status report to all Project Stakeholders.

6.6 Performance Measurements (Project Metrics)

Metric are key to understanding the ability of the project to meet the end goals of the Executive Sponsor and the Business Owner, as well as the ability of the project team to stay within schedule and budget.

NUMBER DESCRIPTION QUALITY METRICS 1 The project schedule, assigned tasks, resources and milestones are met. QUALITY METRICS 2 Project does not exceed budget. QUALITY METRICS 3 System can provide reports that accurately track utilities by building QUALITY METRICS 4 All RMD operational and facility data information is successfully converted and migrated onto a electronic records management platform QUALITY METRICS 5 Applicable RMD Legislative Performance Measures as stated in GSD FY09-10 Strategic Business and IT plan are met QUALITY METRICS 6 System is secure, operable and stable

QUALITY METRICS 7 Data integrity is maintained QUALITY METRICS 8 Staff is adequately trained QUALITY METRICS 9 Conforms to SRCA Records Management Policies

6.7 Quality Objectives And Control

Quality Management includes the processes required to ensure that the project will satisfy the needs for which it was undertaken. It includes all activities of the overall management function that determine the quality policy, objectives, quality assurance, quality control, and quality improvement, within the quality system

Quality Management is an important aspect of any project to ensure that the product delivered is accepted and works as designed. Each functional organization is responsible for the quality of its contribution to the project and will apply its internal quality standards to project products and services. The project team will assess the projects products and services based on the standards established by the functional organizations represented on the project.

There are number of ways that quality has been built into this project. The first is IV&V, which will make sure the project meets its expected requirements through a third party evaluation of the project. Please see section 7.7 for more details.

The second is the integrated project control process and change control process, which assure that any changes that are made to the project are executed in a structured manner. The most important of these is the change control process to minimize the change of scope to the project and if scope does change, it is done knowing the impact to the project. Please see sections 7.2 and 7.4 for more details.

of 86 The third process for quality management is the risk management plan, which measures, mitigates and includes contingency plans for each risk. Please see section 7.5 for more details.

The project team will also create lessons learned at the end of each phase of the project. These lessons learned will be incorporated into the next phase of the project and be part of the project library that will be available for future projects to use.

All of these processes combined will create a product that has quality that is built in not tested in after the fact. This will provide an environment that maximizes opportunities to control quality.

6.7.1 Quality Standards

Describe the agency, industry or regulatory project performance standards that will be followed and assessed by the project. These quality standards will be used to assess whether the quality objectives were achieved. Identify each of the project quality standards that are directly related to the project and not to the performance of the actual product and/or service. For each quality standard, identify the tracking tool or measure such as number of project reviews or Project Status.

No. Quality Standard Tracking Tool or Measure

1 Project phase is completed by the established finish date. • Project Schedule • Project Status

2 Project is completed within budget. • Project Charter • Project Status

3 Quarterly project reviews show contractors deliver requirements • Vendor Contract specified in the contract by due dates or pay penalties. • Final Customer Acceptance

4 Project issues are resolved and documented within 10 calendar days of • Issues Tracking identification or extensions are justified.

5 Project will be completed based on the original project scope and • Project Charter approved scope changes. • Project Plan • Control Change Request

6.7.2 Agency/Customer Satisfaction

The project manager should assess the on-going sense of the customer agency about how they feel the project is going, and how team members are acting on the project. This feedback would be helpful to the success of the project and the professional growth of the project team members.

Areas of feedback When How Often Agency awareness Business Owner Meetings Monthly Quality of communications ESC Steering committee Monthly meetings Manages project tasks ESC Steering committee Monthly meetings Productive Meetings ESC Steering committee Quarterly meetings

of 86 6.7.3 Product Deliverable Acceptance Process

The General Services Department’s Chief Information Officer (GSD CIO) will take delivery of media; manuals; contracts; licenses; services agreements; configuration settings; status of patches to COTS products; in-house or vendor developed code; test cases, routines, and scripts; and other items required for the project. The GSD CIO will take delivery of such products only after the product deliverables have been accepted by the GSD EDMS Executive Steering Committee.

6.8 Configuration Management

Configuration Management determines how project information (files, reports, designs, memos, documents, etc.) will be managed (tracked, approved, stored, secured, accessed, version control, etc.) and owned by (e.g., Agency managing the project or the Customer). Standards and team awareness are critical.

6.8.1 Version Control

GSD will implement a software solution to manage version controls for documentation and products. The software will secure or lock documents and products for access by a single individual. The proposed software will have the ability to also merge changes to a central repository.

6.8.2 Project Repository

A project repository, consisting of a shared server with multiple folders and a project web site will be developed by GSD IT staff members as a means to provide a central repository for all project documentation and deliverables.

6.9 Procurement Management Plan

All procurement for project goods and services must be performed under the guidance and direction of New Mexico State Procurement Statues, which will be made available from the EDMS project website.

of 86 7 Project Close

Project Close will always consist of administrative project activities and possibly contractual project activities and an external vendor is employed. Completing both sets of activities is a mandatory step in the project life cycle. Administrative activities complete the internal needs for the Agency/Unit that is responsible for managing the project, such as lessons learned, recording the last hours against the project, and providing transition for the staff to other assignments. Contractual activities meet the contractual needs, such as executing a procurement audit and formal acceptance of the project work products.

7.1.1 Administrative Close Administrative Close occurs at both the end of phase and end of project. This closure consists of verification that objectives and deliverables were met. Acceptance is formalized and phase activities are administratively closed out. Administrative closure occurs on a “by-phase” basis in accordance with the WBS and should not be delayed to project end. At that point, the burden of closing is too great and audits inaccurate. The specific project close activities for a given project are contingent on the project’s complexity and size. Project managers should work with the project’s project management consultant to tailored Project Close procedures to compliment the project’s objectives

7.1.2 Contract Close Contract close is similar to administrative close in that it involves product and process verification for contract close.

of 86 APPENDIX A - Scope Definition Document

7.2 Detailed Work Breakdown Structure (WBS) ECM (EDMS/ERMS) Project Work Breakdown Structure

0b528c1696cbaec306621e90e6e09ed6.doc EDMS Project Management WBS ECM (EDMS/EDMS) Project Management Work Breakdown Structure

Planning Communication Funding

Communication Plan Project Charter Federal Financial Participation Twice Monthly ESC Meetings Needs Assessment - APDU Bi-weekly ESC Status Reports Project Control Plans - RFP Monthly OCIO Status Report Scope Document - Implementation Vendor Contract Approval Meeting Notes WBS PCC Certification Project Schedule - PIR Software Selection Criteria - PIR Certification Checklist - EDMS Project Manual Project Manual Document - Implementation Report - Implementation Certification - Close-out Report - Close-out Certification ECM (EDMS/ERMS) FY07 C3 Funding Request Resource Risk Control Management Management

Project Manual Document Project Director Price Agreement Risk Management Plan Risk Management Plan Needs Assessment Price Agreement - Mitigation Plans Issue Management Plan RFP for Implementation Services - Contingency Plans Quality Control Plan Implementation Vendor Contract IV&V Reports Communication Plan IV&V Price Agreement Change Control Plan Budget Planning Phase - Lessons Learned Implementation - Lessons Learned Project Overall - Lessons Learned Application & Technology Infrastructure WBS 0b528c1696cbaec306621e90e6e09ed6.doc

of 86 Application & Technology Infrastructure Work Breakdown Structure

System Disaster Functional Select ECM Infrastructure Development & Recovery Transition Analysis & Design Vendor Analysis & Customization Planning Design Finalize Selection Design Content Management Structure Execute Transition Criteria Infrastructure Analysis & Design (IA&D) Sign-off Deliverables Set up Vendor Document Logistics Analysis & Design Design Records Demonstrations Hardware Requirements Management Structure Select Vendor System Software Requirements Design Metadata Review & Communication (Network) Requirements & Taxonomy Approve Vendor Data Interchange Requirements Review & Approve IA&D Procure Hardware Architecture Committee & Software Approval Obtain Vendor Quotes Select Document Review & Approval Imaging Vendor IT Consolidation Exceptions Process Purchase Hardware & Software Finalize Selection Criteria Verify Inter-operability Set up Vendor Implementation Demonstrations Build Development & Services Vendor Infrastructure Implementation Select Vendor Planning Review & Approve Vendor Develop Quality Assurance Plan Develop Hosting SLA Develop Quality Assurance Process Develop Technical Hardware & Software GSD RMD Release 1.0 Document Architecture Document - Functional Design Develop Communication Plan Develop Technical Communication - Technical Design Develop Change Management Plan Architecture Document - Build Develop Issue & Risk Management Plan Develop Configuration Specification & - Unit, System, Integration Test Develop Project Work Plan Systems Administration Document - User Acceptance Testing Develop Acceptance / Exit Criteria Document Develop Installation & Configuration Develop Deployment / Support SLA Document Develop Metadata / Taxonomy Best Develop Configuration Management Plan Practices Document Install & Configure Hardware, Software & Develop Security Plan Network for Production Environment Develop Data Interchange Plan Install & Configure Hardware& Software Develop Transition Plan for Dev. Test & Training Environments

of 86 Business Process Reengineering WBS

of 86 Business Process Reengineering (BPR) Work Breakdown Structure

Application & Business Process Electronic Supporting Project Enterprise Technology Reengineering Implementation Records Organizational Management Model Infrastructure (BPR) Governance Infrastructure

Establish Enterprise Establish BPR Business Process Leadership Management Champion Continuous Process Improvement Support "end-to-end" process optimization Provide BPR Training Cross-functional process improvement Guide Process Reengineering efforts Support Cross-Departmental BPR Establish communication processes Continuous Process Improvement Utilize Best Practices such as Six Sigma Enterprise Business Process Management

Define Measure Analyze Improve Control

What are the steps to improve the How might we improve our day How can we gather performance How do we guarantee performance? What are the methods to process? to day process? measurements for our day to day Verify Improvement Resulted from separate the whole into Generate Solution Ideas Define Scope and Boundaries process now? Solution component parts ? Determine Solution Impacts - Benefits Define Issues and Solutions Identify Input, Process & Outputs Identify whether additional solutions Stratify Process Evaluate & Select Solutions Team Charter and Champion Define Operational Vision are needed to achieve goal Stratify Data & Identify Design "TO-BE" process map Estimate BPR Impact Develop Measurement Plan Identify & Develop Standardization & specific problems Update policy & procedure manuals Create "AS-IS" process map Collect Baseline Measurement Data Replication Opportunities Identify Root Causes Develop & present Storyboard Identify "Quick Hits" solutions Collect current policy & procedure Integrate and Manage Solutions in Validate Root Causes Communicate Solutions to all manuals daily work processes Comparative Analysis Stakeholders Detail "AS-IS' process map Integrate Lessons Learned Regression Analysis Develop Pilot Plan & Pilot Solution Perform SWOTI Analysis Design of Experiments Identify teams next steps and plans Refine SWOTI Analysis for remaining opportunities

of 86 Implementation WBS ECM Implementation Work Breakdown Structure

Implementation Plan System Content Development & for Reengineered Training Content Integration Migration Implementation Business Processes Security Training Plan System Integration Plans Activate Security Content Migration GSD RMD Release 1.0 Training Documents Functional Interface features for content Plans - User Manuals Requirements Test Security Cost/Benefit for - Functional Design - Quick Reference Technical Interface Imaging for - Technical Design Guides Requirements "backlog" documents - Build - Unit & System Testing Interface Development Identify EDMS - Integration Test Unit & System Testing export / import Integration Testing criteria - User Acceptance Testing User Acceptance Testing

of 86 Electronic Records Management Rules & Standards WBS

of 86 Electronic Records Governance Model Work Breakdown Structure

Enhance Electronic Records Rules & Standards

Establish Content Plan & Budget for Clarify or Restate Create Content Communication Review Board for ERMS Operational & Content Ownership Management Strategy Metadata Standards Administrative Support For ERMS buy-in Educate State Agencies on Content Use ECM solution to enforce Review Board to work with For compliance Ownership Responsibilities Lifecycle for Content - SRCA Statutory Responsibility Ensure content is properly For education Modify existing rules for ERMS Define components of a compliance - input from State Agencies categorized & metadata Modify Retention Schedules architecture Approve changes to the EDMS/ERMS tagged Management of Public Records - intelligent metadata editing metadata structure Ensure adherence to records created through electronic means Web-site Content - Define strategies to Periodically realign content retention policies Define metadata requirements address the unique challenges of library to business process Ensure content management - based on record series integrating web-based applications polices are enforced - thresholds with the ECM (ERMS/EDMS) Set up methods for auditing -- informational web content metadata -- transactional web content Define ERMS operational E-mail & Text Messaging Content staffing requirements ERMS Standards for State agency Define ERMS administrative EDMS Integration staffing requirements Strategies for Shared Content Set up Content Collaboration - virtual team spaces for shared unstructured "working" content Supporting Strategy for migration of content as Organizational technology changes Infrastructure

of 86 Supporting Organizational Infrastructure WBS Supporting Organizational

InfrastructureWork Breakdown Structure

This is an organizational infrastructure tosupport the ECM product after the Implementationinitial Project ends. The ECMproduct consists of training for users,new and administration of the systemto support the existence of the product

Enterprise EDMS DoIT SRCA GSD (Statewide) Governance Body (Note: Assumption is that DoIT Trained ERMS Trained ECM Continuing Enterprise Enterprise will host ECM Administration Staff Administration Staff Content Management Trained(EDMS/ERMS) ECM ERMS Operational Support Trained End-Users Executive Steering Committee Operations Staff Trained End-Users (new formation) Trained ECM ECM User Group Administration Staff Trained End-Users

of 86 Enterprise Model WBS Enterprise Model Work Breakdown Structure

Promote Enterprise Create Enterprise Research Model Model Document Increase Awareness for Industry Trends Blueprint for Enterprise EDMS Enterprise Content Management Best Practices Coordinate with other Agencies Survey Other States Presentations to CIO Council Enterprise Content Management, and an Electronic Document and Records Management Systems framework is just one component of an Enterprise Model allowing the State of New Mexico to move towards a fully electronic services interface for our technology-enabled customers

Enterprise IT Security Enterprise IT Data Enterprise Business Enterprise Content Service Oriented Management Program Interchange Capability Process Management Management Architecture (SOA)

Identity Management Access Directory Services LDAP

Enterprise Portal

of 86 APPENDIX B - Project Schedule/Gantt Chart If you would like a current soft copy of the MS Project file, please send an email to [email protected]

0b528c1696cbaec306621e90e6e09ed6.doc APPENDIX C - Project Budget If you would like a current soft copy of the Project Budget, please send an email to [email protected]

of 86 APPENDIX D - Risk Analysis For the most up to date EDMS Project Risk report, please email the GSD ECM-EDMS Project Manager at [email protected].

of 86 APPENDIX E - Project Library The project library is an electronic storage place where all documentation relating to the project is stored and updated. GSD ECM-EDMS project website provides project specific information. See www.GSD ECM- EDMS.state.nm.us . This is a single source of project information for all stakeholders. The website includes Information: . Project Objectives . Project Organization . Project Status . Governance, including project status reports and meeting minutes . Project Manual . Project Background and Definitions . ECM Requirements Matrix . ECM Architecture Design

of 86 APPENDIX F - Sample Project Forms

Project Change Request Form This is the form to initiate the Change Control process.

Project Change Request

Project Name Date Project Director Project Managers

AGENCY AND PROJECT INFORMATION Requested by Date Authorized by Date DESCRIPTION

IMPACT Technical Schedule Cost Other

ACTION PLAN

Mark One This change Is Is Not within scope.

Mark One This change is Accepted Denied On Hold Delayed

ESC Approval Signature Name Date

of 86 Project Status Report To request a copy of the current project status report, send an email to [email protected]

of 86 Sample issues report For the most up to date EDMS Project Issues report, please email the GSD ECM Project Manager at [email protected]

of 86 APPENDIX G – GSD ECM-EDMS Project Definitions

"Administrator" means the state records administrator (Section 14-3-2 NMSA 1978). "Agency" means any state agency, department, bureau, board, commission, institution or other organization of the state government, the territorial government and the Spanish and Mexican governments in New Mexico (Section 14-3-2 NMSA 1978). “Application” means a software program designed for end user to do work, such as word processing, accounting, or illustrating. Software programs such as WordPerfect, Excel, and PageMaker are examples of end user applications. “Archives” Archives has three meanings: 1. Documents preserved because of their historical or informational value. 2. “Archives” means the building or part of a building where archival materials are located, also referred to as an archival repository. 3. The agency or program responsible for selecting, preserving, and making available archival material. Archives and Historical Services is a Division of the State Commission of Public Records (General Services Department). This Division is responsible for selecting, preserving, and making available permanent records, historical manuscripts, photographs and other materials that contribute to the understanding of New Mexico history. “Audit” means a periodic examination of an organization to determine whether appropriate procedures and practices are followed. “C-1” means a project request for a base budget “C-2” is a single agency project request for funding “C-3” is a multi-agency project request for funding "Commission" means the state commission of public records (Section 14-3-2 NMSA 1978) “COMMISSION OF PUBLIC RECORDS” means the governing body of the NM General Services Department “Computer” This includes, but is not limited to, mainframe computers, minicomputers, and microcomputers, personal computers, portable computers, pocket computers, tablet computers, telephones capable of storing information, PDAs, and other devices. “Content” is a metadata concept that encompasses document images, papers, books, maps, email, web sites, HTML, XML, photographs, forms, audio, video, text, and reports. “Content Taxonomy” see the definition for Taxonomy “Custodial agency” means the agency responsible for the maintenance, care, or keeping of public records, regardless of whether the records are in that agency’s actual physical custody and control. “Data” is the plural for “datum” which means a single piece of information. Data refers to a collection of information, electronic or non-electronic. Data can also refer to raw facts, figures, or symbols. “Database” means a collection of information stored in magnetic or hardcopy form (with or without any particular structure). “Destruction” means the disposal of records of no further value by shredding, burial, incineration, pulping, electronic overwrite, or some other process, resulting in the obliteration of information contained on the record. “Digital asset management (DAM)” is the process of digitizing, cataloging, enabling search, retrieval, management, repurposing, delivery, and secure sale of media assets, which could be a combination of audio, video, text, and images. DAM systems are used to manage, store and retrieve rich media. DAM vendors offer:  Asset cataloging — done using the closed caption of a video or through the assignment of attributes.

of 86  Asset retrieval — provides indexing and search capabilities for rich media. Assets can be retrieved through their attributes, full text indexes or visual characteristics such as pattern recognition or scene changes of a video.  Workflow — includes being able to distribute and incorporate assets into tasks. Content distribution is based on its type, such as streaming for video and audio.  Content rendering — content can be rendered to different output types of resolutions, such as MP3 for audio or "thumbnails" for photos. This feature lends itself well to multi-channel (print, video, Web) marketing campaigns. As the use of rich media increases in intranet and Internet applications, partnerships and mergers will proliferate among vendors of DAM, WCM and document management applications. (From Gartner Research). “Disposition” means final action that puts into effect the results of an appraisal decision for a series of records (i.e., transfer to archives or destruction). “Electronic records” means records whose informational content has been encoded and recorded on a medium like magnetic tape, drums, discs, or punched paper tape and can be retrieved by finding aids known as software documentation. The encoded information is retrievable only with the help of a computer. “Electronic records management” Records management technology enables an enterprise to assign a specific life cycle to individual pieces of corporate information. The information classified as records can come from many applications, including e-mail, Web pages, scanned documents, enterprise resource planning, homegrown applications, fax documents and paper. Some records management systems rely on Integrated Document Management systems to work while others can be used stand-alone. o “The stand-alone records management market is small, with about $50 million in software revenue worldwide. However, the interest in records retention has surged, as accounting scandals and lawsuits have made headlines. o All the major Enterprise Content Management players will build or buy records management functionality by 2004 (0.8 probability). The stand-alone records management market is being relegated to niche status. (From Gartner Research)” “Enterprise Content Management (ECM)” is generally considered to be an amalgamation of a number of distinct but interrelated applications:  Integrated Document Management (IDM)  Web Content Management (WCM)  Digital Asset Management (DAM)  Enterprise Records & Retention Management (ERRM)  Collaboration Content Management (CCM), Collaboration technology, a subset of ECM, is becoming increasingly important in organizations, allowing the participants in a business process to come together to optimize the process to mutual benefit. This brings partners, suppliers, customers and agencies together in a controlled way, manages, and leverages collaboration content such as discussion threads, voting results, and documents. “Enterprise Records & Retention Management (ERRM)” is a process that monitors documents (for example, papers, books, maps, e-mail, Web site content, photographs and messages) throughout their life cycle; from the time they are created to the time they are destroyed. Records are documents used to maintain information created or received while conducting an organization's activities. They are held for several reasons, including business continuity, legal or statutory requirements, or as permanent records of the enterprise. In many cases, ERRM is a mandatory program, and enterprises have no choice but to spend money to meet legal or regulatory requirements. Penalties for lack of compliance can range from censure to fines or, in extreme cases, to suspension of business activities. (From Gartner Research) (Note: see also the definition for “Public Record,” and note the distinction for record destruction vs. record disposition.) “Forms capture and processing” Forms-capture and forms-processing software apply recognition technologies such as OCR, ICR and bar code against an electronic document (such as scanned paper and electronic fax) to increase the data entry throughput with a lower labor component. In the simplest case, a document is scanned, and key fields (for example, name, account number, age, purchase amount, tax owed) are recognized and translated, verified and passed to a database or line-of-business 0b528c1696cbaec306621e90e6e09ed6.doc

of 86 application. The leading forms processing and capture vendors are providing multichannel, multiprotocol (paper, Web, fax, e-mail) capture and export capabilities. “Through 2005, the leading forms-processing vendors will be those with strong product and channel relationships with the major document imaging vendors and integrators (0.8 probability) (From Gartner Research).” “General schedule” means a records retention and disposition schedule that specifies the disposition of support records common to many offices or agencies within government. See also: records retention and disposition schedule. “Human readable form” means information that can be recognized and interpreted without the use of technology. “Integrated document archive & retrieval system (IDARS)” serve as an archive repository for large volumes of fixed content while enabling access to, and delivery of, that content through multiple output channels. This "fixed content" includes report print streams, such as customer statements and related communications, and images of scanned documents, such as invoices, checks and contracts. IDARS also fulfill the reporting needs of enterprise applications, such as enterprise resource planning (ERP) and CRM. o IDARS provides consolidated storage, access, management and viewing of data that is often print- stream-originated, such as line data, advanced function presentation, Metacode, PostScript and Printer Control Language (PCL). IDARS is a mature market segment that has the potential for significant growth, particularly related to bill presentment opportunities o Through 2005, the IDARS software market will be dominated by the top eight vendors (0.7 probability). It will then cease to be a stand-alone market as content/IDM vendors will move in and acquire or offer these capabilities. o By 2007, the IDARS market will cease to be a stand-alone market and will merge into the ECM Category (0.7 probability). By 2007, IDARS will become integral components of ECM suites (0.7 probability). o By 2005, all of the major stand-alone IDM vendors will have evolved into Content Management suite vendors (0.8 probability) (From Gartner Research). “Integrated Document Management (IDM)” systems contain document/file creation and management tools that organize, import/export, provide version control, security, logs, text search, storage management and more. o “IDM software is an infrastructure service for securely organizing and managing electronic documents, routing documents, automating related tasks and facilitating document distribution. Core IDM functionality includes library services (check-in/checkout, version control and document-level security), cross-repository searching and common system administration. IDM and Web Content Management (WCM) vendors have taken up the Enterprise Content Management message. For the IDM vendors, this means adding richer support for Web technologies and standards — HTML, XML, Web Distributed Authoring and Versioning (WebDAV) — as well as greater functionality around Web publishing. Many IDM vendors are also incorporating enhanced search-and-retrieval capabilities, along with support for compound documents and document component management.’ o “IDM software architectures are evolving from repositories designed to handle specific types of information to integrated repositories designed to handle many types of unstructured information (for example, text, images, Web pages, video, audio and report data). These integrated repositories will add functionality required not only to manage the information, but also to understand the information content and structure. These expanded repository capabilities are key to the broader Content Management concept.” o “By 2005, all of the major stand-alone IDM vendors will have evolved into Content Management suite vendors or smart enterprise suite vendors (0.8 probability) (From Gartner Research).” “Information system” means an electronic framework by which hardware and software resources are coordinated to manipulate and convert inputs into outputs in order to achieve the objective of an enterprise. “Life cycle” means the life span of a record from its creation or receipt to its final disposition. “Medium, media” means the physical material on which information can be recorded.

of 86 “Microforms” means microfilm media, including reels, fiche, jackets, and computer output microfilm (COM) containing micro images. “NARA” – National Archives and Records Administration “Network Attached Storage (NAS)” is a LAN-attached storage server with a small, optimized system software package dedicated to performing storage related tasks. It includes preconfigured disk capacity that can be quickly installed on popular network platforms. NAS provides this expanded capacity without sacrificing either file access speed or system throughput, which would be affected by network storage add-ons such as tape libraries, CD towers, or optical jukeboxes. Instead, NAS storage devices are usually magnetic disks or RAID arrays that provide seamless, high performance file access and filing by operating at full hard disk speed. And the cost in time, resources, and inconvenience is far less than that of increasing internal storage space within the server or implementing a SAN. (See Storage Area Network (SAN).) “Non-record” means extra copies of documents kept solely for convenience of reference, stocks of publications, records not usually included within the scope of the official records of an agency or government entity, and library material intended only for reference or exhibition. The following specific types of materials are non-records: materials neither made nor received in pursuance of statutory requirements nor in connection with the functional responsibility of the officer or agency; extra copies of correspondence; preliminary drafts or other material summarized in final or other form and which have no value once action has been taken; blank “Operating system,” means the master control software that runs a computer. When the computer is turned on, the operating system is the first program that gets loaded into the memory of the machine. “Paper scanning, optical character recognition/intelligent character recognition (OCR/ICR) and imaging” One of the oldest Enterprise Content Management technologies, document imaging is more than 20 years old. It has evolved from proprietary stand-alone systems to standards-based applications. Imaging is used heavily in the financial service industries, banking and insurance. Government agencies are also heavy users of scanning technology. Because of its longevity, imaging technology has become highly commoditized and, therefore, presents a difficult market for stand-alone imaging vendors to succeed in. Imaging is now most often paired with integrated document management (IDM) solutions. Imaging applications are distinguished by their volume requirements. Although most imaging applications are more modest, high-volume scanning and imaging systems process more than 100,000 images per day. “The few remaining stand-alone imaging vendors will be acquired or will exit the market by 2004 (0.9 probability) (From Gartner Research).” “Pending litigation” means a proceeding in a court of law whose activity is in progress but not yet completed. “Program” means a coded set of instructions, written by humans, that directs a computer’s functions. The program can be stored on disk (in which case the program is software) or in a chip (which is firmware). “Public record” means all books, papers, maps, photographs or other documentary materials, regardless of physical form or characteristics, made or received by any agency in pursuance of law or in connection with the transaction of public business and preserved, or appropriate for preservation, by the agency or its legitimate successor as evidence of the organization, functions, policies, decisions, procedures, operations or other activities of the government, or because of the informational and historical value of data contained therein. “Records custodian” means the statutory head of the agency or his or her designee. “Records Liaison Officer (RLO)” means the individual in the custodial agency designated by the records custodian to cooperate with, assist, and advise the General Services Department in creating efficient and effective records management programs. The RLO in an agency is responsible for implementing the records retention and disposition schedules within his or her agency. The records liaison is also responsible for authorizing the storage and or destruction of his or her agency’s records. “Records management” means the systematic control of all records from creation or receipt through processing, distribution, maintenance and retrieval, to their ultimate disposition. “Records retention period” means the period of time during which records must be maintained by an organization because they are needed for operational, legal, fiscal, historical or other purposes. 0b528c1696cbaec306621e90e6e09ed6.doc

of 86 “Records retention and disposition schedules,” means document that specifies actions for the retention and disposition of current, inactive, and non-current records series of an organization or agency. “Records series” means file units, documents, or electronic records arranged according to a filing system or maintained as a unit because they relate to a particular subject or function, result from the same activity, have a particular form, or share some other relationship arising from their creation, receipt, or use. “Storage” The State Commission of Public Records (SRCA) provides secure storage for in-active public records maintained by state agencies. The SRCA maintains two records center facilities; the Albuquerque facility has a storage capacity of 45,000 cubic feet and the records center in Santa Fe has a storage capacity of 75,000 cubic feet. The Record Center Services Bureau staff monitors and handles the transfer, receipt, storage, and withdrawal of in-active records housed in the record facilities for state agencies. When those records have met their legal retention, the staff executes the disposition of the records. The disposition would be one of two situations, 1) transfer to Archives or 2) destruction. “Storage Area Network (SAN)” is a technology designed to overcome throughput and data-sharing issues that are common in existing data networks. SANs are fully scalable, fault-resilient shared data repositories providing unlimited mixing and matching of storage devices, storage space, and even files (under certain conditions) across the network. They are fast becoming the architecture of choice for centrally managed network storage tasks. SANs are high-speed, high-bandwidth I/O channels (usually Fibre Channel) that connect to the back end of local area network (LAN) servers. They remove cumbersome storage functions from the server, thus improving overall LAN and WAN performance. A typical SAN includes a blend of storage devices (such as automated tape libraries or RAID) capable of communicating with multiple hosts and with each other over a fast, fault-tolerant storage pipeline (the SAN). The SAN is actually a dedicated storage access I/O channel (containing network properties) optimized for handling storage tasks. “Scheduling” means the action of establishing retention periods for records and providing for their proper disposition at the end of active use. “Taxonomy” - A taxonomy is a classification scheme. Content Taxonomy is a classification of all unstructured content (document images, papers, books, maps, email, web sites, HTML, XML, photographs, forms, audio, video, text, and reports). The taxonomy automatically controls the attribution and organization of enterprise content based on information extraction, conceptual classification, business analysis, and taxonomy and metadata management capabilities. The taxonomy enables advanced search, easier navigation, and more effective personalization to facilitate content reuse. “Transfer” means moving inactive records to a records center or archives. Moving records into the state archives also includes the transfer of custody from the custodial agency to the state archives. “TIFF" means tagged image file format, a standardized format for storage of digitalized images, which contains a header or tag that defines the exact data structure of the associated image. “Vital records” means records essential to the continuing operation of an agency. They are either intrinsically irreplaceable or irreplaceable because copies do not have the same value as the originals. They are essential to the continuity of services during a disaster or to the restoration of daily business when it has been interrupted. They are the records that would be required to protect the legal and financial interests of an agency, preserve the rights of the people, and resume operations after a major disaster like fire or flood. “Voice mail” means a telecommunication message that is digitized and can be stored and subsequently retrieved in audio or visual format. “Web Content Management (WCM)” addresses the content creation, review and approval, and publishing processes. Typical applications rely on XML/XSL technology through templates and stylesheets to enable highly flexible output of content to multiple channels. Through year-end 2002, the WCM market will continue to consolidate. o “From the vendor perspective, IDM and WCM vendors are moving into each other's markets, and this represents an evolution of both technologies. There is some natural overlap of functionality related to document production and management. Users had balked at the high cost required to bring up two separate systems. Vendors offering both sets of functionality include Gauss Interprise, FileNET, Documentum, Interwoven and Hyperwave. 0b528c1696cbaec306621e90e6e09ed6.doc

of 86 o By 2006, WCM functionality will become commoditized into infrastructure applications, including Content Management suites, portals and other applications (0.7 probability). (From Gartner Research)” “Website” means a presence on the internet or intranet containing information that represents an agency or presents information on specific subjects or allows transactions to be conducted through the use of links or web pages. A website is normally hosted and maintained by an agency or by another entity sharing internet resource or through an internet service provider. “Work process management” - aka workflow, work management, process automation or e-process management software — is a tool for automating business processes and handling the interrelationships between the components of a business process, participants, procedures, information, tasks and management. Document-centric workflow was pioneered in the 1980s as a means of routing images of documents through a processing or approval cycle in an organization. The goal is to create an ideal document route through an enterprise, not simply to automate an established paper-based process. o Most Integrated Document Management (and Enterprise Content Management) software includes some workflow functionality. At a minimum, document versions can be sent along predefined routes for review or approval. At the higher end is workflow that includes task assembly, task assignment and task tracking to completion. IDM software products generally contain ad hoc workflow features such as routing and e-mail notification, but may permit integration of third-party workflow packages when greater processing and control features are required. (From Gartner Research)”

of 86 APPENDIX H – GSD ECM-EDMS Project Acronyms

APD – Advance Planning Document CIO – Chief Information Officer CRM – Customer relationship management DAM – Digital Asset Management DFA – Department of Finance and Administration DoIT – Department of Information Technology ERP – Enterprise Resource Planning ESC – Executive Steering Committee GSD – General Services Department HIPAA - Health Insurance Portability and Accountability Act of 1996 GSD – General Services Department IT – Information Technology ITC – IT Commission, a State CIO sponsored commission MAG – Multi Agency team PD – Project director PMBOK – Project Management Book of Knowledge PMI – Project Management Institute PT – Project team RFP – Request for proposal VR – Vital Records WBS – Work breakdown structure

of 86 APPENDIX P - Project Management Definitions Below is a list of project management terms. These definitions were supplied by the NM Department of Information Technology office.

Acceptance Criteria The criteria that a system or component must satisfy in order to be accepted by a user, customer, or other authorized entity. [IEEE-STD-610] Acceptance Testing Formal testing conducted to determine whether or not a system satisfies its acceptance criteria and to enable the customer to determine whether or not to accept the system. [IEE-STD-610] Assumptions Planning factors that for planning purposes, will be considered true, real, or certain. Assumptions generally involve a degree of risk. They may be documented here, or converted to formal risks. Baseline A specification or product that has been formally reviewed and agreed upon that thereafter serves as the basis for further development, and that can be changed only through formal change control procedures. [IEEE-STD- 610] Commitment A commitment is a pact that is freely assumed, visible, and expected to be kept by all parties. Configuration Management (CM) A discipline applying technical and administrative direction and surveillance to identify and document the functional and physical characteristics of a configuration item, control changes to those characteristics, record and report change processing and implementation status, and verify compliance with specified requirements. [IEEE-STD-610] Configuration Management Library System These are the tools and procedures needed to access the contents of the software baseline library. Constraints Factors that will (or do) limit the project management team’s options. Contract provisions will generally be considered constraints. Contingency Planning Contingency Planning is the development of a management plan that identifies alternative strategies to be used to ensure project success, if specified risk events occur. Crashing Crashing is taking action to decrease the total duration after analyzing a number of alternatives to determine how to get the maximum duration compression for the least cost. Critical Path Critical Path is a series of activities that determines the duration of the project. The critical path usually defined as those activities with float less than or equal to specified value often zero. It is the longest path through the project. Dependencies, Discretionary Dependencies defined by the project management team. They should be used with care and usually revolve around current Best Practices in a particular application area. They are sometimes referred to as soft logic,

of 86 preferred logic, or preferential logic. This may also encompass particular approaches because a specific sequence of activities is preferred, but not mandatory in the project life cycle. Dependencies, Mandatory Dependencies inherent to the work being done. In some cases, they are referred to as hard logic. Dependency Item A product, action, piece of information, etc., that must be provided by one individual or group to a second individual or group so they can perform a planned task. Deliverable Any measurable, tangible, verifiable outcome, result, or item that must be produced to complete a project or part of a project that is subject to approval by the project sponsor or customer. Duration The number of work periods (not including holidays or other nonworking periods) required to complete an activity or other project element. Duration Compression Shortening the project schedule without reducing the project scope. Often increases the project cost. End User The individual or group who will use the system for its intended operational use when it is deployed in its environment. Effort The number of labor units required to complete an activity or other project element, usually expressed as staff hours, staff days, or staff weeks. Fast Tracking Compressing the project schedule by overlapping activities that would normally be done in sequence, such as design and construction. Float The amount of time that an activity may be delayed from its early start without delaying the project finished date. Formal Review A formal meeting at which a product is presented to the end user, customer, or other interested parties for comment and approval. It can also be a review of the management and technical activities and of the progress of the project. Integrated Project Plan A plan created by the project manager reflecting all approved projects and sub-projects. Lessons Learned The learning gained from the process of performing the project. Lessons learned may be identified at any point during the execution of the project. Method Method is a reasonably complete set of rules and criteria that establish a precise and repeatable way of performing a task and arriving at a desired result. Methodology A collection of methods, procedures, and standards that defines an integrated synthesis of engineering approaches to the development of a product. Milestone

of 86 A scheduled event for which some individual is accountable and that is used to measure progress. Non-technical Requirements Agreements, conditions, and/or contractual terms that affect and determine the management activities of an architectural and software project. Performance Reporting Collecting and disseminating performance information. This includes status reporting measurement, and forecasting. Procurement Planning Determining what to procure and when. Product Scope The features and functions that characterize a product or service. Project Leader (Technical) The leader of a technical team for a specific task, who has technical responsibility and provides technical direction to the staff working on the task. Project Management The application of knowledge, skills, tools, and techniques to project activities to meet the project requirements. Project Management is also responsible for the oversight of the development and delivery of the architecture and software project. Program A group of related projects managed in a coordinated way. Programs include an element of ongoing work. Program Management Office An organizational entity responsible for management and oversight of the organization’s projects. As a specific reference in this document, the Office of the Chief Information Officer. Project Manager The role with total business responsibility for an entire project. The individual who directs, controls, administers, and regulates a project. The project manager is the individual ultimately responsible to the customer. Project Charter A document issued by senior management that formally authorizes the existence of a project. It provides the project manager with the authority to apply organizational resources to project activities. Project Management Plan A formal, approved document used to guide both project execution and project control. The primary uses of the project plan are to document planning assumptions and decisions, facilitate communication among stakeholders, and documents approved scope, cost, and schedule baselines. The Project Management Plan (PMP) is a project plan. Project Schedule A tool used to indicate the planned dates, dependencies, and assigned resources for performing activities and for meeting milestones. Software products such as ABT’s Workbench and Microsoft Project are tools used to develop project schedules.

Project Scope The work that must be done to deliver a product with the specified features and functions. Project Sponsor

of 86 The individual that provides the primary sponsorship for an approved project. This individual will play a key role in securing funding, negotiating for resources, facilitating resolution of critical organizational issues, and approving key project deliverables. Quality The degree to which a system, component, or process meets specified requirements. The degree to which a system, component, or process meets customer or user needs or expectations. [IEEE- STD-610] Quality Management The process of monitoring specific project results to determine id they comply with relevant standards and identifying ways to eliminate causes of product non-compliance. Risk Possibility of suffering loss. Risk Management An approach to problem analysis, which weighs risk in a situation by using risk probabilities to give a more accurate understanding of, the risks involved. Risk Management includes risk identification, analysis, prioritization, and control. Risk mitigation seeks to reduce the probability and/ or impact of a risk to below an acceptable threshold. Risk Management Plan The collection of plans that describes the Risk Management activities to be performed on a project. Scope Change Any change to the project scope. A scope change almost always requires an adjustment to the project cost or schedule. Software Life Cycle The period of time that begins when a software product is conceived and ends when the software is no longer available for use. The Software Life Cycle typically includes a concept phase, requirements phase, design phase, implementation phase, test phase, installation, and checkout phase, operation and maintenance phase, and, sometimes, retirement phase. Stakeholder Individuals and organizations that are actively involved in the project, or whose interests may be positively or negatively affected as a result of project execution or project completion. They may also exert influence over the project and its results.

of 86 APPENDIX R – References

1. “ECM Suites Emerge From Industry Consolidation,” GARTNER Research; Publication Date: 11 November 2004/Number: G00122995 2. Hammer, Michael. Beyond Reengineering, How the Process-Centered Organization is Changing Our Work and Our Lives. New York: HarperCollins Publishers, Inc., 1996. 3. “Review Your IDARS Plans as the Market Consolidates,” GARTNER Research; Publication Date: 12 November 2004/Number: G00124414 4. “Technical Report – Framework for Integration of Electronic Document Management Systems and Electronic Records Management Systems,” ANSI/AIIM/ARMA TR48- 2004, Copyright 2004 by AIIM www.aiim.org; ARMA www.arma.org; July 4, 2004