Documenting a Service

Every Service should have a Service Architecture Document. The document centralizes all the information about a service. We recommend building a Google Site, or similar application, with this information
  • Service Name and Description
  • Definitions
  • Roles
    • Authorizing Official
      • Responsible for fielding the Service
      • Responsible to provide adequate budget and staff
      • Ultimately responsible to ensure that the system meets the functional requirements 
      • Responsible to ensure that the Governance model works with the service and with expectations
    • System Owner
      • Responsible for complete service documentation
      • System Security Policy
      • Install, operate, maintain, administer and update service
    • Certifying Authority
      • Responsible to ensure that the System Documentation is accurate, complete and truthful.
    • Users
      • System Acceptable Use Policy
        • Administrators
        • Users
  • Governance
    • Change Control
    • System Policy Acceptance
      • System Security Policy
      • System Acceptable Use Policy
      • System Change Control Policy
      • System Incident Response Plan
    • Procurement
      • Capital investment
      • Staff
      • Maintenance
      • Subscriptions
  • Business Plans
    • Functional Requirements
    • Budget
    • Return on investment
    • Timeline and life cycle
    • Business Risk and Gap Management
    • Data and System Classification
      • Confidentiality
        • High, Medium or Low
      • Integrity
        • High, Medium or Low
      • Availability
        • High, Medium or Low
    • Compliance Requirements
      • Compliance Requirements
      • Audit Results
    • Contingency Management
      • Disaster planning
      • Mitigation Plans
    • Audit
      • Audit Requirements
      • Audit Results
  • Technical Implementation
    • Design
      • Map to business plans in detail
      • Detailed Network Maps
      • Detailed System Maps
      • Detailed Data Maps
    • Security
      • Incident Response Plan
      • Systems Risk Assessment
    • Monitoring
    • Maintenance
    • Operations
    • Vendors
  • Other Services
    • System interconnect agreements
      • Services that this service depends on
      • Services that depend on this service

Comments