Beruflich Dokumente
Kultur Dokumente
Prof. Belton MPM, CIPM Christian Gonzalez, PM Tamika Roland, PC Teria Edwards, QM
Table of Content
Procurement Planning Vendor Selection Process Negotiation and Award Cost of Quality Induction and Integration Plan Contracting Procurement Flow Chart Risk Management Process Risk Categories Risk Categories Risk Driver Risk Strategy PI Matrix
Procurement Planning
Developing specification and formats SOW Description of work to be done Timeline of the work to be done Parameters of acceptable quality & the metrics in which they will be measured Strategic planning Focus on external efforts in areas that account for significant spending or high risk but also on internal processes and constraints workload and customer satisfaction. SWOT pg 350 techniques can be used here. Supplier selection To determine the best Cisco vendor a clear list of information on the project such as cost quality standards to be implemented expected timeline HIPAA and FIPS PUBS standard would be sent in a rfp. To be sure that our project remains on time and budget we will be doing an automated bidding pg 45 this will enhance competition among the Cisco vendors to ensure the best price for our clients
COQ
Cost of Quality
Plan Contracting
The approach taken to perform the plan contracting process is to collect information from the following project processes and their documents:
Contracts to be used
Purchase Orders Firm Fixed for Hr Fixed Price with Incentive for Cisco T&M
P M B O K , R i M a n a g e m e n t Pro ce ss sk 1 1 . 1 -1 1 . 6
Risk Categories
Standards
S e cu ri ty
Technical
Complexity and interfaces Performance and reliability Requirements Technology
Servers Network Cloud Facility Human resources Scope Feature Hope Effort
Creeps
Risk Categories
Project Management
Team management Communication management Risk management Quality management HR management Planning Estimating Controlling Monitoring
Risk Drivers
1. New and unfamiliar technology
setting up a HIPAA safe cloud is new to the conglomerate .
Risk Strategy
I p l m e n ta ti n m e o Tra n sfe r M i g a te ti I p l m e n ta ti n m e o E xp l i ot
PI Matrix
Probability (P)
NEARLY CERTAIN = 5 HIGHLY LIKELY = 4 LIKELY = 3 LOW LIKELIHOOD = 2 VERY UNLIKELY = 1
PI Matrix 50 40 30 20 10
VERY LOW = 1
60 50 40 30 20
LOW = 2
70 60 50 40 30
MEDIUM = 3
80 70 60 50 40
HIGH = 4
90 80 70 60 50
VERY HIGH = 5
IMPACT (I)
Risk Register
Risk ID Risk Elements Priority Examined Ranking Responsible Likely Actions Approved Sign Off
SECURITY
YES
EVERYONE
0.8
YES
PS
SCOPE CREEP
HR
PMP, HIGH COMMUNICATION MANAGEMENT SCOPE MANAGEMENT HR MANAGEMENT, HIGH RISK MANAGEMENT Time Management, HIGH Risk & Cost Management Quality Management, HIGH Risk Management
YES
TAMIKA ROLAND
0.6
COMMUNICATE YES
PM
YES
0.6
YES
PC
Schedule
YES
0.4
PS
Standards
YES
Teria Edwards
0.6
YES
PM
Budget
HIGH
YES
Chris Gonzalez
0.5
PS
Project Risk 01 Risk ID Impact: Breach of patient information, lawsuits Security Unauthorized Description personnel access the database
Project Risks
Owner Mitigation: .80 : Tamika Roland Probability tier base security levels, encrypted .90 Impact .72 Score servers with locks, Certified access certificates, location based access only
Project Impact: creep of project time, additionalits 02 Scope loss The project diverts from costs, baseline
Owner Mitigation: Weekly scoping .60 : Christian Gonzalez meetings, monitor scope & .90 .54 work throughout project
Project Impact: Lawsuit against the resources cost for assisting patients Certified access certificate, location based 03 HR The human hiree and give out Owner Mitigation: .60 : Teria Edwards .90 .54 their database pass code access only
04
Standards
The new HIPPA standards change .60 the requirements of the project.
.80
.42
Project Impact: Delay in the project to add the new requirements : Meet FIPS 140.3 standards and pass SAS 70 Mitigation inspection Owner: Christian Gonzalez 05 Schedule The 23 week schedule is insufficient .40 .80 .32
Project Impact: Delay while request additional time is processed, Failed Research and retrieve SMEs for launching Mitigation: project phase Owner: Christian Gonzalez
Quality Processes
Elements that impact Project Quality Deliverable(product) Management Processes Quality planning Quality assurance Quality control Corporate culture
Quality Assurance
Monitor and control tools and techniques 11.6.2.2 Risk Audit-examines and document the effectiveness of risk responses in dealing with identified risk
Database Audit
Cloud database audit SAS 70 audit( system security audit) Performance audit (WPI)
HR audit
The Deming Quality Approach Seven Deadly Diseases Demings Fourteen Points The Deming Cycle
B2B and B2G Focus
Quality Management Pg 19
Quality Process
Database Audit
Quality Audit
SAS Audit test Starts with; Creation of 6 user logins (2 doctors, 2 nurses, 2 heath care providers) Creation of 2 full access login Creation of a patient record template Physical system check Walk through to check the hardware security Check the documentation to verify what security has been incorporated into the database and locate it. System check Login with a full access login Introduce the Information Security Management System Plan-Do-Check-Act (PDCA)-model for the ISMSPlan - Establish the ISMSDo - Implement and operate the ISMSCheck - Monitor and review the ISMSAct - Maintain and improve the ISMS User interface check Login to the database Login as a nurse Login as a doctor Login as a health care Look at the patient records to see what information can be seen for each user. Multiple location test Same as user interface check but it is done from another location
HR Control Chart
Work Cited
process, using a standard procurement, and will know that they are dealing with a professional organization.. "Procurement Process." Purchasing Insight for Purchase to pay, electronic invoicing, the procurement process, the purchasing process and dynamic discounting.. N.p., n.d. Web. 3 Nov. 2011. <http://purchasinginsight.com/resources/the-procurement-process/>.