Web Application Development Process

Information Technology Services

The College of the Holy Cross Information Technology Services Department provides the infrastructure and support necessary to enable the College community, including faculty, staff and students, to effectively use technology to enhance teaching and student learning and to support the College's administrative and business operations and mission of the College. Increasingly, these network-based services are provided over the Internet or campus Intranet using a Web browser as the interface between the user and the system.

The ITS Web Development Team has built a core set of services, based on a unified architectural framework, over the past three years. Significantly more services to students, faculty, staff, alumni, and others are planned in the months ahead. The purpose of this document is to provide Holy Cross Web developers with a process to follow in terms of review meetings, documentation and signoff required for production. It is hoped that this will facilitate a smooth and rapid deployment of services.

Step 1. Functional specifications
To be completed by the Functional and Data owners and Developer. Includes application functionality desired, and target audience, including expected number of concurrent users. Also, includes expected period of heavy and light activity during the year. At this point the project team including representatives from technical services and DBAs should be identified. At this point all data owners must give preliminary consent to the use of their data.

Deliverable:
Document created and distributed

Step 2. Technical design document
To be completed by the Developer. Includes preliminary data flow diagram, architectural diagram and table description reflecting the production environment. Also includes description of any new technologies or third party products to be used.

Deliverable:
Document created and distributed

Step 3. Technical design review
To be scheduled by the Developer. Included in the review are the Developer, Web Development manager, Applications Development manager, Technical Services manager, Database manager, Change Control manager and Security Officer. The purpose of the review is to ensure that architectural and security standards will be adhered to. It is at this point that any exceptions to the standards would have to be requested and discussed. Issues such as maintainability and development standards will be discussed.

Deliverables:
Meeting minutes
Create initial Security Review document

Step 4. Functional design review
To be scheduled by the Developer. Included in the review are the Developer, Web Development manager, Applications Development manager, Functional owner and Change Control manager. Functional owner signs off on design and data owners signoff on use of their data.

Deliverable:
Meeting minutes

Step 5. Development
Prototype of application is completed by the developer on local workstation following development guidelines.

Step 6. Initial security review
To be scheduled by the Change Control manager. Included in the review are the Developer, Web Development manager, Applications Development manager, Technical Services manager, Database manager, Change Control manager and Security Officer. The purpose of the review is to ensure that security standards are being followed and Holy Cross data are being protected.

Deliverables:
Meeting minutes
Security document update

Step 7. Public Affairs Notification
To be completed by the Developer. Details should include the application name, description, Functional owners, and expected location on Web site. Public Affairs can determine what involvement they require from this point forward. Any changes to files or directories outside of webapps needs to be coordinated with Public Affairs

Step 8. Unit Testing
To be completed by the Developer on local workstation.

Step 9. Functional Testing
To be completed by the Developer and Functional Users on Webdev and Webdb servers. Testing includes application functionality and integration testing with other applications and framework.

Deliverable:
High level test scenarios

Step 10. Initial change control meeting and final security review
To be scheduled by the Change Control manager. Included in the review are the Developer, Web Development manager, Applications Development manager, Technical Services manager, User Services manager, Database manager, Change Control manager, Security Officer, Functional and Data owners. The security summary will be reviewed with Functional and Data owners. The Change Control requirements needed for the production move will be detailed. These include application survey, load testing requirements, operational and system documentation, and training.

Deliverables:
Meeting minutes
Final Security signoff

Step 11. Acceptance testing on Oakham and Mendon
To be completed by the Developer. Testing includes installation of the application into the ITS infrastructure and load testing based on established criteria.

Deliverables:
Final functional specification
Final design specification

Step 12. Final change control meeting
To be scheduled by the Change Control manager. Included in the meeting are Developer, Web Applications manager, Technical Services manager, User Services manager and Functional owner. Final review and approval of load test results, application survey, operational and system documentation, and training. Set production migration date.

Deliverables:
Change Control documentation
User Services application survey
Meeting minutes

Step 13. Production migration
To be completed by Technical Services engineer and Database Administrator with written instructions provided by the Developer.

Deliverables:
Unicenter TNG monitoring needs
Operational documentation

Step 14. Post migration debrief
To be scheduled by the developer. Included in the meeting are the Developer, Web Development manager, Applications Development manager, Technical Services manager, Database manager, Change Control manager and Security Officer. Discussion of lessons learned, inconsistencies of environments, potential changes to Web development process, etc.

Web application development process diagram
(this link will open a .pdf file in a new browser window)

5.03 tm