Iris volume I
Upcoming SlideShare
Loading in...5
×
 

Like this? Share it with your network

Share

Iris volume I

on

  • 934 views

 

Statistics

Views

Total Views
934
Views on SlideShare
934
Embed Views
0

Actions

Likes
0
Downloads
1
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Microsoft Word

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Iris volume I Document Transcript

  • 1. University of Maryland University College Graduate School of Management and Technology Proposal in response to: ITEC 630/Dr. Drew Department of Everything Else I.R.I.S. Prepared by: Creative Computing, Inc. “Team CC”
  • 2. VOLUME I: L.5.1.1 (TAB A) MANAGEMENT APPROACH (PWS) Creative Computing is pleased to present this proposal to the United States Department of Everything Else’s (DoEE) in response to Request for Proposal (RFP) to procure systems and associated support services for an information technology enterprise wide Interactive Resource Information System (IRIS). Group CC assumes the Period of Performance (PoP) for this effort is five total years with a base period from December 5, 2013 thru February 28, 2014 to include four option years beginning March 1, 2014 ending May 1, 2018. This proposal will be valid for 90 days. A. OVERVIEW OF TECHNICAL PROPOSAL Creative Computing Incorporated (CCI) excels in delivering the best and most up-to-date information systems available. CCI is proposing to implement a new automated Human resource system in the United States Department of Everything Else (DoEE). This new automated information system will allow for Human Resources(HR) services and information to be access by managers and employees. CCI will employ different tactics and approaches in the creation and deployment of the Interactive Resource Information System or IRIS for short. IRIS’ information and resources will be tested and measured to meet any and all of USGA standards and guidelines. CCI will deliver IRIS to all HR offices spread out through all of DoEE. CCI’s IRIS system will incorporate all the requirements as stated by DoEE’s requirements document. IRIS will allow the access of HR information in a digital medium. CCI will provide training for HR department employees in this new way of information keeping and sharing. IRIS will be accessible by DoEE from anywhere they can access a web-browser. CCI will provide access to online training for the use and access of IRIS to all DoEE employees. Existing HR data will be uploaded to IRIS’ databank by scanning and/or manually entering it. Data will be gather, scam and stored following the proper government guidelines. The data will be store in (Armando put the technical specs of the data servers in here). IRIS will be a web-based application which will grant access to HR personnel, and all of DoEE employees. The application will be specifically tailored to meet DoEE’ requirements. IRIS will be a combination of (Armando enter what you used to create the application). The will be used to keep track of all employee’s HR information. IRIS will also work as a time keeping application for DoEE employees. CCI will also provide a help desk option to help DoEE HR personnel transition to IRIS. The help desk will consist of (not sure who did the help desk but just write a summary here). This option will make the switch from paper to digital data.
  • 3. After the deployment of IRIS CCI will continue to support the system. The support plan for IRIS will be as (whoever was in charge of the support after deployment just a small technical summary). CCI ultimate goal is to provide DoEE with a system that will deliver an innovative and advanced way to provide their employees HR services. IRIS 1.0 will be the first deliverable version, with a few more iteration to follow. Every following iteration will be built from a strong foundation and features to make every new release better than its predecessor. B. OVERVIEW OF MANAGEMENT APPROACH Once the new comprehensive Human Resource Management Solution entitled IRIS increment 1.0 is delivered; DoEE will need an affective future enhancement and extension strategy. Creative Computing and our team of senior information technology professional can provide DoEE with a wealth of knowledge and experience to identify cost effective and efficient enhancement to complement IRIS increment 1.0. Creative Computing proposes using our existence staffing along with one of our information technology partners to examine new and innovative ways to enhance current capabilities. Additionally, our experts will strategically assess possible replacement options for DoEE when IRIS matures to its end-of-life cycle. Our management approach will include cross utilizing our lead project manager and a dedicated consultant provided by our partners who utilize in-house resources already working the IRIS implementation project such as software engineers, consultants other professionals to ensure cost remain low for our customer. The ISEA Future Enhancement and Extension Activities will require staffing to research and develop innovative enhancement software design and sustain the IRIS system. We estimate configuration managements is an ongoing process and will take approximately 4-months from requirement gather phase to implementation and sustainment phase. Creative Computing Incorporated management plan is as follow: • Progress Reports- CCI will host weekly as well monthly progress reports meetings. Weekly progress report meetings will be geared towards our development team, stakeholders are welcome to join. Monthly progress report meetings will held to update DoEE stakeholders, as well as for the discussion of any concerns with the project development. • Development Strategy- The active Project Manager will be in charge of IRIS development. The PM will use a Gantt chart to keep and make sure IRIS is on track.
  • 4. Tasks will be divide and schedule according to the best possible scenario. The PM will make sure to allocate resources in accordance to what is best for IRIS. • • Risk Management- CCI understands and knows there’s risk in every project. Our goal is to make sure we are prepare and ready for any unplanned event. We will do everything at our disposal to stay on course. Our performance reports will help us determine any deviation from the progress path of IRIS. If there’s a problem that could affect the scope of the project, team members will be required to fill out a change of scope form and present it to the PM. The PM will then proceed to present it to the DoEE stakeholders. PM will present different solution options that will solve the problem while having the least impact on IRIS’ scope. Scope change will have a waterfall effect on the schedule and cost. If change of scope is unavoidable the cost and schedule changes will be reflected on the new development plan for IRIS. • Budget- The total cost for IRIS reflects all the initial planned materials and resources that CCI will required to deliver IRIS 1.0. The total cost will account for any required travelling expenses if there need to be. • C. Performance Report- In our weekly meetings CCI will review and discuss IRIS’ progress. The meetings will focus on reviewing the stage and the task of the project. CCI will make sure all of IRIS’ requirements are being met and none are being forgotten. The performance reports will be used to keep our employees accountable of the work they are performing. If they are not part of the solution, they will not be part of the problem CCI will swiftly find replacements. CCI will make sure that our employees will perform and meet government standards. Project Constraints- CCI will try and identify any constraints before the development of IRIS begins. We will also identify any constraints as IRIS goes through its developmental process. Two identify constraints so far are IRIS will use DOD servers and guidelines for hosting. Another is DoEE employees’ lack of technology experience. STAFFING Creative Computing Inc. has had the pleasure of providing staff to the Federal Government for over 35 years. Providing strategic workforce solutions is the core of our mission. We are committed to providing staff that are courteous and highly skilled. Creative Computing Inc.’s team is capable of recruiting, training and providing the necessary means for retention as well as sub-contracting to provide the proper staff to each project. Role Requirements
  • 5. The following is a detailed breakdown of the roles required to execute the project. It includes: the project role, the project responsibility of the role, skills required, number of staff required to fulfill the role, the estimated duration the staff needed on the project. Role Project Responsibility Staff Req. Duration Web Page Organization & Task handling DB & Web Interface Expert DoD IA Expert 1 (in Months) 50 1 12 1 50 DoD IA 2 50 Web Page Design PHP & HTML, CS5 2 50 Configure DB MySQL Expert 1 50 Web Project Manager Manager Project Usability Lead / QA Tester Information Assurance Manager Information Assurance Specialist Web Designer / Test System & Use Usability Secure System & C&A Secure System Developer Lead Engineer Database Administrator Skills C.1 Key Personnel Tom Baker has managed small and large team on many different projects for Creative Computing in the last 10 years. Tom Baker skills on varies languages (HTML, Perl, PHP) and other web-based systems tools making him a valuable team leader for DoEE HRMS. Albert H. Kaufman has been with Creative Computing for 15 years as a Usability/QA Tester for various projects on web-based system. Albert H. Kaufman still in Firefox, Database, and other tools used to test security and usability of system. Lisa Phillips expertise on MySQL database server makes her a valuable benefit on the IRIS system. Lisa Phillips has managed large database that grows and change on customers’ requirements. Joseph G. Nottoli has been with Creative Computing for 8 years as a Web Designer and Developer. Joseph has created and maintained multiple website for other Creative Computing customers. Josepph expertise in other Human Resource Management System makes him a valuable employee for DoEE project. Jeremiah Stevens’s expertise in managing security expertise system makes him a value member of the team. His expertise in DoD C&A system requirements and expertise in HBSS
  • 6. and DISA create a strong foundation for creating and maintaining a secure system for DoEE Human Resource Department. C.2 Maintaining Technical Proficiency Creative Computing will maintained training requirements for their staff member to be in compliance with DoEE and DoD regulations. All members of the project team will meet at least all DoDD8570 requirements for their position. Creative Computing will maintain a training department for all technical certification. C.3 Maintain Staff Creative Computing maintain a 95% retention rate of all employees in the last 10 years. Creative Computing employee maintain high standards for their employees package including 401k, medical, dental, Paid Time Off (PTO), and more. 1. FULL-TIME EQUIVALENCY (FTE) The table below identifies estimated efforts of Full-Time Equivalent (FTE) days in months of FY 13-14 for each role assigned to prototype ROC and IRIS 1.0 implementation task. Role Number of Staff Required Sep Oct Human Resource and Customer Relation 1 10.5 10.5 10.5 10.5 10.5 10.5 63 Project Consultant 2 4.5 Project Engineer 1 13.5 13.5 13.5 13.5 13.5 13.5 81 Project 1 15.0 15.0 15.0 15.0 15.0 15.0 90 DBA 1 15.0 15.0 15.0 15.0 15.0 15.0 90 Software Engineer 2 12.0 12.0 12.0 12.0 12.0 12.0 60 Tester 3 8.0 4.5 Nov Dec 4.5 4.5 Jan 4.5 Feb 4.5 Total 27 Manager 8.0 8.0 8.0 8.0 8.0 40
  • 7. Technical Writer 1 5.0 5.0 5.0 5.0 5.0 5.0 25 Administrative Assistant 1 30 30 30 30 30 30 180 Data Entry Clerk 20 30 30 30 30 30 30 180 Role Number of Staff Required May June July Aug Sep Oct Total Human Resource and Customer Relation 1 10.5 10.5 10.5 10.5 10.5 10.5 63 Project Consultant 2 4.5 Project Engineer 1 13.5 13.5 13.5 13.5 13.5 13.5 81 Project 1 15.0 15.0 15.0 15.0 15.0 15.0 90 DBA 1 15.0 15.0 15.0 15.0 15.0 15.0 90 Software Engineer 2 12.0 12.0 12.0 12.0 12.0 12.0 90 Tester 3 8.0 8.0 8.0 8.0 8.0 8.0 40 Technical Writer 1 5.0 5.0 5.0 5.0 5.0 5.0 25 Administrative Assistant 1 30 30 30 30 30 30 180 4.5 4.5 4.5 4.5 4.5 27 Manager Figure 3: Full-Time Equivalency
  • 8. D. PROJECT MANAGEMENT PLAN The Schedule, Cost and Staffing should reflect that status and conditions of the ROC. The ROC would be first fielded in the Increment 1.0 ready for Operational Test and Evaluation phase, 8 months into being awarded the contract. As requested, Creative Computing, Inc will provide project management services based on the requesting system suggestion. The ROC system features shall consist of: • Attendance and Paid Time Off use • Pay raises and history • Pay grades and Positions held • Staffing and Position Classification capabilities • Unfair Labor Practice claims filed and tracked • U.S. Merit System Protection Board case tracking • Employee Performance Development Plans • Training received and proposed • Disciplinary action received and proposed • Grievances filed and tracked • Personal employee information • Management and key employee succession plans • Applicant tracking, interviewing, and selection • Application Admin capability for HR Staff (to include user account provisioning) The Project Management plan will reflect the interrelationship between the prime contractors and project activities. The plan will provide specific techniques, task, and procedures. These will be monitored by management. The project is divided into multiple phases because each phase will require an approved approach, once the approach has been approved for the project plan. The project plan shall prepare also provide a Work Breakdown Schedule and schedule of all work, deliverables and work products. The project plan will be updated and will be presented biweekly. The Government schedule will be as follows: • Early Operational Capabilities or ROC 3 months after awarded contract: • Identify the requirements of each DoEE site • Design a logical representation of the information system • Develop human computer interaction • Preliminary Design Review 3 months after awarded contract: • Data Migration • Testing process and maintenance will be completed by programmers or analysts during • Increment 1.0 ready for Operational Test and Evaluation (OT&E) 8 months after awarded contract • ROC Fielding • Users in providing immediate feedback on the design output • Ensure problems are immediately identified and fixed
  • 9. • • • • • • • • • Maintenance of the systems Increment 1.0 ready for deployment 9 months after awarded contract: Transition from the manual system which includes scanning and converting paper files for entry into the database Training of users on how to handle the system Train new DOEE System Administrator Completion of Increment 1.0 deployment 15 months after awarded contract: Launch IRIS 1.0 Start the roll out phase of IRIS Hand over new system to DOEE The major milestones above have specific bulleted task associated. The bulleted tasks are how we plan to approach each milestone. Creative Computing Inc. will consist of key personnel and staff members. Some of the main positions will be a Project Manager, Project Consultant, Project Engineers, Software Engineers, Testers, Software Writers, and Database Administrators. For more details, reference below for Creative Computing Inc.’s staffing. Creative Computing, Inc. Labor Categories and Price List Labor Categories Price (hourly) Web Project Manager $43.27 – $63.31 Usability Lead / Quality Assurance Tester $19.23 – $28.85 Information Assurance Manager $36.06 - $57.69 System Administrator $24.04 – $38.46 Web Designer / Developer Lead Engineer $28.85 – $38.46 Database Administrator $36.06 - $46.67 can go through test and trials of our staffing plan to trigger different but accurate project staffing condition as well as cost monitoring. We will analyze the system productivity and prepare statistical reports which will be analyzed through heavy workflow and slow work period. By these means, Creative Computing, Inc can evaluate cost, schedule, performance, risk management, and schedule management. E. PROJECT STAFFING PLAN Labor category definitions and minimum training, experience, certifications, security clearances and degrees for each Labor Categories Web project Manager (Duration of the Contract) The web project manager coordinates and communicates the day-to-day tactical implementation of the web site project, acting within the constraints of the project charters and goals, project budget, development schedule, and quality objectives laid out in the planning stages. The project manager is the team member ultimately responsible for keeping the overall team activities focused on the site strategic objectives and agreed deliverables, and he or she continually monitors the scope of the project activities to ensure that the team stays “on time and on budget.”
  • 10. The project manager acts as the primary contact between the web team and the sponsor and manages the overall communication among creative, technical, and production elements of the web site team. In larger web projects the project manager is not normally part of the hands-on production team, but in smaller in-house projects the sponsor, design lead, or technical lead may also act as the project manager for the site team. Project managers create and maintain the project planning and strategy documents, budget spreadsheets, project schedules and Gantt charts, meeting notes, billing records, and other project documentation that details the team’s activities. Requirements • • -At least 10 years experience with project managing web site creation and advertising projects. Experience in managing engineering scrums/sprints including large-scale projects required. Prefer experience with large Internet, web-based projects. • Experience in project management process; knowledge of project management software tools, templates and management techniques. • Strong verbal and written communication skills. • BA/BS degree • Proficient in MS Word, Excel, PowerPoint, Access, SharePoint • Able to obtain and maintain a Secret Clearance Usability Lead/Quality Assurance Tester The usability lead’s role is to shape the overall user experience. The usability lead works closely with the information architect—in fact, the same individual often fills both information architect and usability roles. As the primary user advocate on the development team, the usability lead has responsibility for user testing, user research and persona development, and universal usability standards for the site project. In the initial stages of design, the usability lead is responsible for running interviews, field studies, and usability tests and for producing personas and scenarios to inform project requirements. Information Assurance Manager The IA Manager is responsible for the security of all DoEE Human Resource System and ensuring all system is set-up to meet all of DoEE requirements and meet government standards. Ensure the required Certification and Accreditation (C&A) documentation is prepared, reviewed, and maintained. Ensure Information and is system Risk Management is provided throughout the life cycle of the systems and networks. Review and assess IS security C&A supporting
  • 11. documentation including; DIP, SIP, system architecture diagrams, document. Maintain DISA Standard on all hardware and software Requirement • • BS in Computer Science or equivalent 10 + years experience in IA for government agency Systems Administrator Minimum/General Experience: This position requires a minimum of four years experience, of which at least three years must be specialized experience in network systems. General experience includes operations experience with multi-server local area networks. Functional Responsibility: Performs daily activities including configuration and operation of business systems that may be mainframe, mini, or client/server based. Optimizes system operation and resource utilization, and performs system capacity analysis. Provides assistance to users in accessing and using business systems. Minimum Education: A Bachelor's degree in Computer Science, Information Systems, Engineering, or other related discipline. With a Master's Degree, three years general experience of which at least two years must be specialized. With eight years of general experience of which six years is specialized, a degree is not required. Web Designer/Developer Lead Engineer Responsible for designing, creating, and building HRMS. • • Create standards-compliant, cross-browser compatible HTML & CSS Create Web graphics and user interface, icons, style sheets, templates, and layout for use in product development and customer Requirements: • • BS in Computer Science or equivalent +4 years professional design experience, preferably in government work or HR • Experience with HTML, XML, PHP, CSS, Java Script • Strong Attention to detail • Able to obtain and maintain a Secret Clearance
  • 12. Database Administrator Responsible for the installation, configuration, upgrade, administration, monitoring and maintenance of the Human Resource Management System Database. Their role includes but is not limited to development and design of database strategies, system monitoring and improving database performance and capacity and planning for future expansion. • • Education required Bachelor Degree or higher in Computer Science or related field. Knowledge of MySQL 5.x, Microsoft SQL, & Oracle. • Must be able to understand database theory and design for web application. • Must have 5 years of experience. F. KEY PERSONNEL QUALIFICATION MATRIX G. QUALITY CONTROL PLAN H. SECTION 508 COMPLIANCE a) Creative Computing represents by signing this offer that the supplies and services offered in response to this solicitation, except for those identified in paragraph (b), comply fully with the Electronic and Information Technology Accessibility Standards at 36 CFR 1194. Each supply or
  • 13. service that will not be totally compliant at time of delivery or is only partially compliant is listed in paragraph (b). b) All noncompliant and partially compliant supplies or services are listed below. In addition, for each supply or service that is not in full compliance, or is partially compliant, a detailed discussion of which standards are satisfied and which standards are not satisfied by the offered supply or service is included. Also, any qualifications or conditions that might affect compliance with Section 508 of the proposed supplies or services are described. The list will be kept current during the period of performance. L.5.1.2 (TAB B) TECHNICAL APPROACH DOCUMENTATION I. TECHNICAL APPROACH AND ARCHITECTURE Technical Architecture Hardware HP ProLiant DL380P Gen 8 Rack Server System Intel Xeon E5-2640 2.5Ghz QTY Cost Total 3 $4,109.99 $12,329.97 Enterprise Hard Drive 12 $389.99 $4,679.88 HP Laptop CISCO ASA5510-SECBUN-K9 ASA 5510 SSM Security Appliance 50000 Simultaneous Sessions Up to 300 Mbps Firewall throughput Up to 170 Mbps 3DES/AES VPN throughput Server Rack Cabinet HP Color LaserJet Enterprise CP4025n Workgroup Up to 35 ppm 1200 x 1200 dpi Color Print Quality Color Laser Printer Kodak Scan Station 500 8738056 24 bit CCD 600 dpi Sheet Fed Network Scanner 40 $1,700.00 $68,000.00 2 1 $2,814.99 $1,034.10 $5,629.98 $1,034.10 4 $799.99 $3,199.96 4 $2,005.00 $8,020.00 Remark Used for DB Server and load balancing 4 Server HD for each Server (RAID 5) Government Approved HP Laptop Headquarter and Remote Site *1 spares*
  • 14. Software Windows 2008 R2 Server Windows 7 Enterprise MySQL PHP Microsoft Office 2010 Professional 3 40 1 1 669.99 409.99 0.00 0.00 $2,009.97 $16,399.60 $0.00 $0.00 All Server All laptops Open Source Open Source 40 349.99 $13,999.60 Adobe Reader X 43 0.00 $0.00 All Laptops No charge for Adobe Reader X Total $135,303.06 Help Desk Service The help desk service will be supported by Caitta Inc. to support of all of Department of Everything Else Human Resource project. Caitta Inc. wills all customers help desk support with the following three tiers of support: a) Tier 1 Support: Tier 1 will provide basic software application and hardware support call center. b) Tier 2 Support: Tier 2 will provide subject matter expertise on specific software and hardware issues and problems that Tier 1 employee is unable to support. c) Tier 3 Support: Tier 3 support more complex hardware and network operating system. The employee will be a certified system engineer or expert in the specific problem. Depending on the type of issue the system engineer may call or visit the site. Creative Computing, Inc., through subcontracting with Caitta Inc. shall perform the following tasks: a)Review, develop appropriate response, and respond to electronic mail or telephone support requests. Coordinate corrective actions, user queries, and system related trouble/issue responses, including service issues, incidents, training issues, and requests for fault/trouble isolation, correction and feedback. b) Maintain publicly accessible website for helpdesk operations, troubleshooting tips, news and announcements, application use reports, survey results, and frequently answered questions. c)Provide IRIS user support for configuration and administration of software, network administration and specialized technologies as identified by the government. d) Receive and resolve user calls with a single point of contact (Level 1) which is defined as resolution of issues on the first call. User assistance requests which cannot be resolved on the first call shall be escalated to a Subject Matter Expert (Level 2 Support). e)User assistance requests which cannot be resolved through the first response shall be escalated to a Subject Matter Expert (Level 2 Support). Issues or incidents which cannot be resolved at by Subject Matter Expert (Level 2 Support) shall be escalated to the Vendor (Level 3 Support).
  • 15. f) Maintain or initiate normal office staffing as requested by the government after established work hours. If the request is initiated during regular support hours, no lead-time may be provided. If the request is initiated during after-hours support, extended hour support is required within two hours of said request. When call volume has increased significantly, the Helpdesk Project Manager may notify the designated government representative and request they be allowed to maintain or move to normal office staffing. The Government shall approve this change on a case-by-case basis. g) Perform helpdesk center capacity monitoring and planning which is defined as monitoring and maintaining appropriate staffing levels for anticipated and planned call volumes. 1.1 Help Desk Support Caitta Inc. is responsible for 24/7 customer service for Tier 1 and Tier 2. For more complete and onsite visit response may take additional time for troubleshoot and part replacement. Support Tier Tier 1 Tier 2 Tier 3 Response Response Time 24 / 7 2 – 5 min 24 / 7 15 – 30 min. 12 / 5 1 – 5 days Table 1 (Response Time) 1.2 Support Overview The following table demonstrates the minimum support provided to Department of Everything Else Human Resource Project. The help desk function will have correction and feedback database of all trouble tickets. The company will be responsible for system reporting and isolating the problem within government standards Feature Customer Call Coverage 400 monthly Hours of Coverage Days of Coverage Tier 1 Response Tier 2 Response Tier 3 Response Email Support Operating System Support Software Application Support 24 hours Sun – Sat Call Service Call Service Call Service / Site Visit Yes Yes Yes Router / Switches Support Correction and Feedback logs Training Issues Report Remark Any additional call will be increase the monthly cost ex: password reset, connection issues ex: Access DB, PHP, MySQL ex: hardware replacement, Server crash Windows 7 & 8, Server 2008 & 2008R2 PHP, MySQL, Microsoft Office Products (All) Yes Juniper / Cisco *includes VPN* Yes Maintain and report all feedback monthly Yes Provide feedback of training issues Table 2 (Help Desk Coverage)
  • 16. COOP Executive Summary COOP planning is simply a "good business practice" part of the fundamental mission of the DoDEE agency. The agency must have a practical and comprehensive COOP plan which facilitates the DoEE’s critical emergency response mission. With the new implementation of IRIS the DoEE must ensure it has a responsible and reliable continuity of operations to ensure agency emergency response actions for public, government and private institutions are not compromised. COOP planning must be a total individual personnel, interagency and private sector coordination effort. A complete IRIS implementation must include a comprehensive COOP plan to meet the emergency response and changing security threat environments, to include localized acts of nature, accidents, technological emergencies and military or terrorist attack-related incidents. Robust COOP capabilities enable an agency to continue their essential functions across a broad spectrum of emergency responses. Creative Computing believes the following COOP plan will ensure the DoEE has a comprehensive plan ready to implement to ensure continuity of operations for the new IRIS system. This COOP plan will ensures DoEE can activate an alternate IRIS site with within12 hours and is capable of sustaining IRIS operations for a minimum of 30 days. Introduction The implementation of the Interactive Resource Information System (IRIS) version 1.0 is designed to provide DoEE with a sustainable information technology system to execute the disaster recovery mission. This COOP plan shall provide the necessary plans, processes, analysis, documentation, updates, tests, reports and management resource support and maintain at least minimum readiness levels of system availability in accordance with the Federal Information Processing Standards Publication (FIPS) 199. Additionally, this COOP plan ensures the DoEE the IRIS system architecture meets at a minimum the Information Assurance (IA) architecture service requirement for the Mission Assurance Category (MAC) II, Sensitive, Medium Robustness, system configuration, network configuration and partner support requirement identified in accordance with National Institute of Standards Special Publication 800-53 and DoD Directive 8500.01E. This COOP plan ensures the DoEE is complainant with the Secretary of Commerce mandates of the Standards for Security Categorization of Federal Information and Information Systems. The scope and contents of this document will be updated as needed as COOP requirement and standards are upgraded, and as a result of user experience and comment. Purpose This Continuity of Operations Plan establishes policy and guidance to ensure the execution of the mission essential functions of the DoEE in the event that an natural or man-made emergency in the National
  • 17. Capital Region Capitol threatens or incapacitates operations, and the relocation of selected personnel and functions of the DoEE is required. Specifically, this plan is designed to: a)Ensure the DoEE is prepared to respond to emergencies, recover from them, and mitigate against their impacts. b) Ensure the DoEE is prepared to provide critical services in an environment that is threatened, diminished, or incapacitated. c)Ensure the DoEE information technology systems maintain appropriate levels availability and documentation required for MAC II systems. Applicability and Scope a)This document is applicable to the DoEE National Capital Region operations, personnel and facilities. b) Support from other state agencies and local governments as described herein will be coordinated with the responsible office as applicable. c)A separate Continuity of Operations Plan (COOP) will be developed for the DoEE field units outside of the National Capital Region. d) A Continuity of Government (COG), and Concept of Operations (CONOP) Plan will need to be developed for the DoEE units outside of the National Capital Region. Objectives The objective of this COOP is to ensure that a viable capability exists to continue the DoEE’s essential emergency response functions across a wide range of potential emergencies, specifically when the primary facility is either threatened or inaccessible. The objectives of this plan include: a)Ensure the continuous performance of the DoEE’s Interactive Resource Information System (IRIS) version 1.0 essential functions/operations during an emergency; b) Protect essential information technology systems facilities, equipment, records, and other assets; c)Reduce or mitigate disruptions to IRIS operations; d) Reduce loss of life, minimize damage and losses; e)Identify and designate principals and support staff to be relocated; f) Facilitate decision-making for execution of the Plan and the subsequent conduct of operations; and g) Achieve a timely and orderly Interactive Resource Information System (IRIS) version 1.0 recovery from the emergency and resumption of full service to all customers.
  • 18. Essential functions Priority 1 2 3 4 Essential Functions Maintain enterprise-wide automated human resource information services to its manager and key decision makers. Respond to natural and man-made disasters home and abroad Provide direct federal assistances to state, local governments during declared emergencies Provide support to DoD for all infrastructure rebuilding, reconstruction and rehabilitation efforts. Concept of Operations a. Emergencies, or potential emergencies, may affect the ability of the DoEE to perform its mission essential functions from any or all DoEE facilities in the National Capital Region NCR. The following are scenarios that could mandate the activation of the DoEE COOP. • Any primary DoEE or information technology system facility in the NCR is closed to normal business activities as a result of an event or credible threats of an event that would preclude access or use of the DoEE facility and the surrounding area to include information technology systems. • Any facility in the NCR is closed to normal business activities as a result of a widespread utility failure, natural disaster, significant hazardous material incident, civil disturbance, or terrorist or military attacks. Under this scenario there could be uncertainty regarding whether additional events such as secondary explosions, or cascading utility failures could occur. If multiple DoEE facilities are located in impacted areas in the NCR, activation of COOP contingencies to address such scenarios may be necessary. b. In an event so severe that normal operations are interrupted, or if such an incident appears imminent and it would be prudent to evacuate any primary DoEE facility in the NCR as a precaution, the Secretary of DoEE or another authorized designated representative, may activate the DoEE COOP execution. The relevant alternate facility (Alternate facilities will be identified by the DoEE and will be listed in an appendix) will be activated, if necessary and at the discretion of the Secretary of DoEE or another authorized designated representative. c. IRIS Emergency Management Team (IEMT) for the DoEE Human Resource Management Directorate will gather at the alternate facility secure location. The IEMT will ensure the mission essential functions of the closed primary facility are maintained and capable of being performed using the relevant alternate facility until the assumption of full operations is re-established at the primary facility. d. The DoEE IEMT may be supplemented by selected staff from appropriate DoEE directorates, geographically separated field offices or other Federal agencies. Mount Weather Emergency Operation Center in Mount Weather, VA will serve as an initial relocation team for COOP activation
  • 19. or potential activation. The IEMT will either relocate temporarily to the relevant alternate facility, if necessary, or operate remotely from a (Predetermined Secure Location) serving as an assembly site. The IEMT will be responsible to continue mission essential functions of the DoEE Human Resource Management Directorate within 12 hours and for a period up to 30 days pending regaining access to the DoEE primary facility or the occupation of the relevant alternate. e. All DoEE Human Resource, Information Technology and designated Contractor personnel necessary to perform the mission essential functions of the DoEE Human Resources Directorate will need to be contacted and advised to report to either the relevant alternate facility, predetermined secure location, or other location as determined by the CEMT. Clear instructions as to the actions necessary to be performed by activated personnel should be predetermined by the lead CEMT official given the policy guidance provided by the DoEE Emergency Management Group (DEMG). f. Incidents could occur with or without warning and during duty or non-duty hours. Whatever the incident or threat, the DoEE COOP will be executed in response to a full-range of disasters and emergencies, to include natural disasters, terrorist threats and incidents, and technological disruptions and failures. g. It is expected that, in most cases, the DoEE will receive a warning of at least a 4-hours prior to an incident. Under these circumstances, the process of activation would normally enable the partial, limited, or full activation of the DoEE COOP with a complete and orderly alert, notification of all personnel, and activation of the DoEE CEMT. h. Without warning, the process becomes less routine, and potentially more serious and difficult. The ability to execute the DoEE COOP following an incident that occurs with little or no warning will depend on the severity of the incident's impact on the physical facilities, and whether the DoEE personnel are present in the effected NCR facility or in the surrounding area. i. Positive personnel accountability throughout all phases of emergencies, including COOP activation, is of utmost concern, especially if the emergency occurs without warning, during normal duty hours. DoEE facility Safety and Evacuation Plans, Administrative and Emergency Procedures, and Section/Office COOP Implementation Plans should provide for such accountability. Phase I: Activation and Relocation The purpose of a time-phased implementation is to maximize the preservation of life and property in the event of any natural or man-made disaster or threat thereof. The extent to which this will be possible will depend on the emergency, the amount of warning received, whether personnel are on duty or off-duty at home or elsewhere, and possibly, the extent of damage to primary court facilities and their occupants. The Disaster Magnitude Classification definitions may be used to determine the execution level of the DoEE COOP. These levels of disaster are defined as: • Minor Disaster. Any disaster that is likely to be within the response capabilities of local government and results in only minimal need for state or federal assistance.
  • 20. • Major Disaster. Any disaster that will likely exceed local capabilities and require a broad range of state and federal assistance. The Federal Emergency Management Agency (FEMA) will be notified and potential federal assistance will be predominantly recovery-oriented. • Catastrophic Disaster. Any disaster that will require massive state and federal assistance, including immediate military involvement. Federal assistance will involve response as well as recovery needs. In general, the following procedures are to be followed in the execution of the DoEE COOP. The extent to which this will be possible will depend on the emergency, the amount of warning received, whether personnel are on duty or off-duty, and the extent of damage to the effected court facilities and its occupants. This Plan is designed to provide a flexible response to multiple events occurring within a broad spectrum of prevailing conditions. The degree to which this Plan is implemented depends on the type and magnitude of the events or threats thereof. Alert and Notification Procedures a. The DoEE notification process as related to COOP activation should, if necessary, allow for a smooth transition the essential Agency head and staff to an alternate facility to continue the execution of mission essential functions across a wide range of potential emergencies. Notification may be in the form of: (1) A COOP alert to all DoEE Senior Leadership and Staff and all non-essential DoEE employees that relocation is imminent. (2) An announcement of a DoEE COOP activation that directs the COOP Emergency Management Team to report to an assembly site or a designated alternate relocation point (ARP), and provides instructions regarding movement, reporting, and transportation details to an assembly site or a designated ARP. (3) Instructions to the Emergency Operational Team to report for departure and relocation to a designated ARP, when selected and prepared, and instructions to non-essential employees. b. Upon receipt of a COOP alert from the DoEE Secretary or Designated Person or Persons, or a designated successor, the DoEE COOP coordinator notifies all Assistant Administrator Offices who, in turn, notify staff using their internal telephone pyramid notification cascades. Notification may be via personal contact, telephone, cell phone, pager, radio and TV broadcasts, or a combination thereof. c. The DoEE Coop Coordinator or Designated Person or Persons) notifies the appropriate Federal Emergency Operations Center, and the White House Emergency Coordinating Officer that an emergency relocation of the DoEE is anticipated or is in progress. Decision Process a. Authorized DoEE successors to the Secretary are specified in a DoEE Executive Letter to be published. Lines of succession shall be maintained by all DoEE organizational elements, reporting to the DoEE Secretary to ensure continuity of mission essential functions. Successions should be provided to a minimum depth of three at any point where policy and directional functions are carried out.
  • 21. b. Each DoEE organizational element shall pre-delegate authorities for making policy determinations and decisions. All such pre-delegations will specify what the authority covers, what limits may be placed upon exercising it, who (by title) will have the authority, and under what circumstances (This appendix should be developed and included). c. The DoEE Secretary or Other Designated Person or Persons) acting on behalf of the DoEE may order activation of the DoEE COOP Plan. d. The CEMT, if pre-deployed, may be requested by the DoEE Secretary or Other Designated Person or Persons to disseminate DoEE COOP guidance and direction during the activation and relocation phases. Pending the activation of the COOP, the CEMT will monitor the situation and assist in the notification process as necessary. e. When executed, the appropriate Federal Emergency Operations Center (s) should be notified and requested to provide any previously agreed upon assistance to DoEE. Alert, Notification, and Implementation Process a.Alert Procedures. If the situation allows for warning, assistance administrators, other senior leadership and essential staff may be alerted prior to the activation of the COOP. In all situations allowing for an alert the procedures must include notification to the FEMA Regional Emergency Operation Center and the White House Emergency Operations Center. (1) Information and guidance for assistance administrators, other senior leadership and essential staff a will normally be passed telephonically using an emergency notification telephone tree/cascade. The necessary information and means of communicating with agency personnel may be developed and outlined in a separate appendix. Depending on the situation, current information may also be available via: • • • • DoEE hot line if approved and developed. NCR Office Personnel Management web site if developed. Announcements to local radio and TV stations if approved and developed. Other means if approved and developed. (2) Agency personnel should listen for specific instructions. All personnel should remain at their office or home until specific guidance is received. (3) The DoEE Secretary or Other Designated Person or Persons will direct the activation of the DoEE COOP.
  • 22. b. Notification Procedures. Upon notification to activate the DoEE COOP: (1) The Secretary or Other Designated Person or Persons will notify the DoEE COOP Coordinator of the current situation and that the COOP is being activated. (2) The DoEE COOP Coordinator will notify all organizational Assistant Administrator Offices and the External Public Information Officer (PIO) and the primary staff using the telephone tree or other available means of communication. (a) The primary staff then initiates their respective directorate COOP notification cascade and contacts each person in their chain relaying the information and guidance provided by the COOP Coordinator. (b) The primary staff will make a second attempt to contact those individuals who were not initially available. If this attempt is unsuccessful, the primary staff will leave a message or send a page. (c) Once initial contact is made (message left/page sent), primary staff will report status of personnel contacted and those not contacted. (d) The COOP Coordinator will in turn report status to the DoEE Secretary or Other Designated Person or Persons) via telephone or other means of available communication. (e) For personnel not initially contacted, once the message or page is received, they should immediately contact the primary staff who contacted them. (f) Notification may be via personal contact, telephone, cell phone, pager, radio and TV broadcasts, or a combination thereof. (g) When a call or other notification is received by anyone in a calling cascade, the information given by the primary staff should be carefully recorded to ensure that it is passed accurately to the next person in the cascade. (h) The primary staff will notify the COOP Coordinator upon completion of their notification process. (i) The primary staff will report all unsuccessful contact attempts to the COOP Coordinator after relocation has been affected every 30 minutes until 100 percent. Phase II: Alternate Facility Operations i. Mission Critical Systems Establishment of Communications a. The Designated Person or Persons will ensure all necessary and preplanned communications systems are established, adequate, and functioning properly; and b. The Designated Person or Persons will service and correct any faulty or inadequate communications systems.
  • 23. System Name IRIS Current Location DISA Defense Enterprise Computing Center (DECC) ST Louis Mo. DoEE Data Center Washington DC Network Other Locations DISA DECC at Ogden Utah Mount Weather EOC Blue Mount, VA ii. Vital Files, Records, and Databases Vital File, Record, or Database IRIS Human Resource Records DoEE Financial Data Base DoEE Contracting Form of Record (e.g., hardcopy, electronic) Electronic Pre-positioned at Alternate Facility Yes, Access to DISA DECC at St Louis & Ogden Hand Carried to Alternate Facility No DECC at Columbus Ohio Yes No No Electronic Copy Yes, Hard copy No No No Yes No No Pre-positioned at Alternate Facility Hand Carried to Alternate Facility Backed up at Third Location Yes No No Electronic Electronic Yes No No Yes No No Electronic Yes No No Electronic & Hardcopy Electronic & Hardcopy Engineers Microsoft Project Database Electronic Vital File, Record, or Database Form of Record (e.g., hardcopy, electronic) Electronic Engineer Microsoft Visio Database Network Shared Drives Network Intranet Servers SharePoint Servers Backed up at Third Location
  • 24. Phase III: Reconstitution Within 24 hours of an emergency relocation, the Under Secretary for Facilities and Logistics or Designated Person or Persons, will initiate operations to salvage, restore, and recover the effected DoEE facilities after the approval of the local, Federal first responders, law enforcement and emergency services involved. Reconstitution procedures will commence when the Secretary of DoEE Designated Person or Persons ascertain that the emergency situation has ended and is unlikely to recur. Once this determination has been made, one or a combination of the following options may be implemented, depending on the situation. a. Continue to perform mission essential functions at the ARP for up to 30 days. b. Begin an orderly return to the effected court facility and reconstitute full operations. c. Begin to establish a reconstituted DoEE facility in some other facility in the NCR or surrounding vicinity. Procedures Upon a decision by the (Designated Person or Persons) that the court facility can be reoccupied or that a different facility will be established as a new DoEE facility: a. The Under Secretary of Facilities and Logistics or Designated Person or Persons, will oversee the orderly transition of all court functions, personnel, equipment, and records from the ARP to a new or restored court facility. b. Prior to relocating back to the primary court facility or another building, the Under Secretary of Facilities and Logistic or Designated Person or Persons will ensure appropriate security, safety, and health assessments for suitability. b. When necessary equipment and documents are in place at the new or restored DoEE facility, the staff remaining at ARP will transfer mission essential functions and resume normal operations. After-Action Review and Remedial Action Plan a. An After-Action Review information collection process will be initiated prior to the cessation of operations at the ARP. The information to be collected will, at a minimum, include information from any employee working during the DoEE COOP activation and a review of the strengths and weaknesses at the conclusion of the operations. b. The information should be incorporated into a COOP Remedial Action Plan. Recommendations for changes to the DoEECOOP and any accompanying documents will be developed and incorporated into the COOP Annual Review Process.
  • 25. b. COOP Planning Responsibilities Responsibility Approves COOP Plan Appoints COOP Coordinator Oversees COOP Planning & Execution Oversees NCR Alternate Location Planning & Operations Executes COOP Plan On Site IRIS Operations Position Secretary of DoEE Under Secretary for Facilities & Logistics COOP Coordinator DoEE COOP Alternate Location Chief of Operations & Logistics Chief COOP Emergency Management Team Contractor c. Logistics Alternate Location The DoEE alternate COOP relocation facility is at located at the Mount Weather Emergency Operation Center. Mount Weather is about 48 airline miles west of Washington, DC; about 54 miles by road. The facility's address is 19844 Blue Ridge Mountain Rd. (VA Rt. 601). The road runs northeast-southwest along the mountain, roughly on the line between western Loudoun County and eastern Clarke County. Rt. 601 terminates at two major highways: Rt. 7 to the north and Rt. 50/17 to the south. The FEMA facility is approximately halfway along the road. Note: Mount Weather is a secure installation and does not admit unauthorized visitors. There are few places where one can park along Rt. 601, and walking along the road is unsafe due to the lack of a shoulder in most places. From its inception as "High Point" in the 1950s, Mount Weather has been the emergency-operations headquarters for the federal civilian agencies and officials of the Executive Branch. That mission, originally part of the federal Continuity of Government program, continues to this day. Its details are highly classified. Mount Weather is operated by the Federal Emergency Management Agency (FEMA), successor to the Office of Emergency Preparedness. Information released by FEMA focuses on Mount Weather's role in disaster preparedness and mitigation. That mission includes telephone registration of disaster victims seeking assistance, and on-site training of state and local emergency-management officials. Students in these courses are housed on the west side of the property in buildings which appear from the outside like military barracks, but which contain individual rooms furnished like those in a modest motel. An unusual feature is a notice posted in each room, explaining the site's extensive security regulations Interoperable Communications The DoEE COOP alternate site at Mount Weather is a hot site with constant live connection and access to the critical systems previously identified in this COOP plan. The objective of Mount Weather is to ensure the DoEE has access to secure interoperable communications immediately upon activation of the COOP.
  • 26. d. Test, Training, and Exercises The DoEE Under Secretary of Facilities and Logistics is ultimately responsible to the Secretary of DoEE for a comprehensive and practical COOP. The Under Secretary of Facilities and Logistics shall ensure the DoEE is properly equipped and trained to execute the DoEE approved COOP plan. The DoEE COOP Coordinator will execute quarterly training exercises to test the personnel no notice notification and recall capabilities of the COOP. The entire DoEE COOP plan shall be executed annually to include testing of the relocation components of the COOP plan. The Under Secretary of Facilities and Logistics is responsible to the Secretary of DoEE for the following actions: (1) Individual and team training of agency COOP contingency staffs and emergency personnel to ensure currency of knowledge and integration of skills necessary to implement COOP plans and carry out essential functions. Team training should be conducted at least annually for COOP contingency staffs on their respective COOP responsibilities; (2) Internal agency testing and exercising of COOP plans and procedures to ensure the ability to perform essential functions and operate from designated alternate facility(ies). This testing and exercising should occur at least annually; (3) Testing of alert and notification procedures and systems for any type of emergency at least quarterly; (4) Refresher orientation for COOP contingency staffs arriving at an alternate operating facility. The orientation should cover the support and services available at the facility, including communications and information systems for exchanging information if the normal operating facility is still functioning; and administrative matters, including supervision, security, and personnel policies; and, (5) Joint agency exercising of COOP plans, where applicable and feasible. COOP PLAN MAINTENANCE The DoEE COOP plan shall be reviewed and recertified annually by the Under Secretary of Facilities and Logistics. The COOP Coordinator is responsible to the Under Secretary for coordinating with all affected agency components. Additionally, the COOP Coordinator is responsible for coordinating with the alternate relocation facility to schedule site visits and training for exercises and real world events. J. TECHNICAL STANDARDS Once the new comprehensive Human Resource Management Solution entitled IRIS increment 1.0 is delivered; DoEE will need a life-cycle sustainment plan and execution strategy. Life-cycle sustainment planning and execution seamlessly span a system’s life cycle, from Materiel Solution Analysis to disposal. The life-cycle plan should translate the provider’s capability and performance requirements into a tailored product support strategy to achieve specified and evolving life-cycle product support availability, reliability, maintainability, integrated diagnostics and testing and affordability parameters.
  • 27. (Sub-Contractor) proposes an In-Service Engineer Agent (ISEA) technical approach which is flexible, performance-oriented and reflects an evolutionary approach to accommodate modification, upgrades and technical refreshes. The ISEA engineer roles will be in compliance with the requirements identified in the DoEE Statement of Objectives. We propose to provide 100 percent sustainment support for the IRIS increment 1.0 solution. Our cradle to grave approach support includes the design, implementation and transition planning services for all IRIS revision and replacements, augmentation and technical refreshes. Technical Approach - We propose using a management agile approach for the sustainment portion of the system life-cycle versus the traditional System Development Life Cycle (SDLC) approach used during initial IRIS system development. The agile approach is a popular software development approach based on values, principles and core practices. The (insert Sub Contractor Name) will execute the four key values of communication, simplicity, feedback and courage during sustainment software upgrades, technical refreshers and augmentations. In using the management agile approach, we will identify system requirement updates through multiple exploration avenues to include the change management process, help desk service escalation tier process and security upgrade requirements. The second phase of the agile approach referred to as planning the our system analyst and project managers will employ numerous tools to understand the customer upgrade and technical refresh requirements and determine a time frame to deliver solutions. Once we have gathered all software requirements to include Human Computer Interaction (HCI) requirements and analyzed software needs use the data to design and test a software prototype for demonstration. In the third phase of the agile management process iterations to the first release, we will work closely with the users to apply software feedback toward the final upgrade or technical refresh solutions. In the fourth phase of the agile process we will release an upgrade software solution for implementation for the IRIS system. Out technical engineers, trainers and project consultants will be on hand to provide user acceptance training and document any issues or problems discovered during implementation. The final phase of the agile management approach we will provide management and technical oversight to ensure the system is kept running smoothly for operation. Technical engineers are available through the help desk escalation tier process to ensure software issues are researched and resolved as soon as technically possible through patches or upgrades. We will develop a life cycle sustainment plan to identify sustainment and maintenance concepts. The life cycle sustainment plan will identify program performance metrics to ensure metrics to measure system availability, reliability and mean down time are evaluated management Overview of the program support strategy The ISEA sustainment and technical refresh activities will require various staffing to develop, design and sustain the IRIS system. We estimate upgrades and technical refreshes pending design complexity will take approximately 4-months from requirement gather phase to implementation and sustainment phase.
  • 28. Full-Time Equivalent (FTE). The table below identifies estimated efforts of Full-Time Equivalent (FTE) days in months for future upgrades and technical refreshes. Role Number of Staff Required 1 Human Resource SME Project 1 Consultant Project 1 Engineer Project 1 Manager DBA 1 Software 2 Engineer Software 2 Tester Administrator 1 Assistant Training 1 Instructor Data Entry 2 Clerk Technical 1 Writer Figure 1 Full –Time Equivalency First Month 5.5 Second Month 5.5 Third Month 5.5 Fourth Month 5.5 Total 3.0 3.0 3.0 3.0 12 6.5 6.5 6.5 6.5 26 7.5 7.5 7.5 7.5 30 7.5 6.0 7.5 6.0 7.5 6.0 7.5 6.0 30 24 4.0 4.0 4.0 4.0 16 15 15 15 15 60 - - - 15 15 15 15 15 15 60 5.0 5.0 5.0 5.0 80 22 TECHNICAL BASELINE MANAGEMENT Once the new comprehensive Human Resource Management Solution entitled IRIS increment 1.0 is delivered; DoEE will need an affective configuration management plan and execution strategy. Logical network documentation refers to the direction data actually flows on the network within the physical topology. In today’s network environments data flow, logical diagrams include such network elements as network domain architecture, server roles and protocols. Configuration baseline management planning and execution is an integral part of system documentation because it provides a basis to monitor the overall performance of the system. Specifically, baseline is a measure of system performance that indicates how well the system is operating. The purpose of a baseline is to provide a basis for comparison. For example, a comparison of performance can be made between system performance to compare the system baseline information at a time when the system is having a problem against information recorded when the system was operating correctly. Ideally baseline comparisons help to determine if the system has a problem, such as degrading performance, and how significant that problem is and how it impacts users.
  • 29. The correct baseline management strategy should translate to improving system performance support and life-cycle product support to include availability, reliability, maintainability, integrated diagnostics and testing and affordability parameters. Creative Computing Inc proposes using our partner, Software Technology Support Center Inc as an InService Engineer Agent (ISEA) to provide a full service configuration management baseline management technical approach. The full service configuration management service will include the establishment of a set of living documents and databases to establish the initial baseline of the IRIS increment 1.0 system. In addition, our proposal includes establishing control changes to baselines as the system definitions mature. Our baseline management approach ensures baseline management is achieved by placing the “baseline” under configuration control. This process is universally known as Configuration Management and differs from document control in that it further specifies which of the many controlled or authorized documents are currently applicable. Our approach ensures configuration management maintains the “traceability” attribute of the system requirements called configuration control. Configuration control ensures known changes are tracked and funded prior to implementation. Our technical baseline approach will include the functional allocations that define the Work Breakdown Structure that drives cost and schedule planning. Our project consultants will coordinate with our partner’s system engineer functions to control the scope and schedule baselines and ensure they are separate and distinct from the technical baseline. We will use experienced configuration management and software developers professional to select the best software to complement the Human Resource Management Solution entitled IRIS increment 1.0. Our management approach includes stringent document control controls and dissemination documents. Managed baseline documents must be retained in some sort of document control system, either local or external. This function might be given to any part of a project team, including the SE function, and may control many more documents than just those baselined. The ISEA Baseline Management will require various staffing to develop, design and sustain the IRIS system. We estimate configuration managements is an ongoing process and will exist for the length of the system. Full-Time Equivalent (FTE). The table below identifies estimated efforts of Full-Time Equivalent (FTE) days in years for configuration management. Role Human Resource SME Project Consultant Configuration Manager Configuration Specialist Level 3 Number of First Staff Required Year 1 66 Second Year 66 Third Year 66 Fourth Year 66 Fifth Year 66 Total 1 36 36 36 36 36 180 1 240 240 240 240 240 1,200 1 240 240 240 240 240 1,200 330
  • 30. Configuration 1 240 Specialist Level 2 Configuration 1 240 Specialist Level 1 Project 1 90 Manager DBA 1 90 Software 1 72 Engineer Software 1 48 Tester Data Entry 2 180 Clerk Total 12 1,542 Figure 1 Full –Time Equivalency 240 240 240 240 1,200 240 240 240 240 1,200 90 90 90 90 450 90 72 90 72 90 72 90 72 450 360 48 48 48 48 240 180 180 180 180 900 1,542 1,542 1,542 1,542 7,710 Equipment Requirements Equipment & Software Licenses AccuRev 4.5 Software Configuration Management Tools Enterprise Edition e Microsoft Project Quantity Unit Cost Total Cost Description 1 $1,495 $1,495 AccuRev® provides enterprise software configuration management (SCM) and architecturally enabled process model optimization for highly distributed application development. AccuRev's awardwinning SCM architecture has been designed specifically to simplify complex parallel development projects, ensuring optimal team collaboration, outsourcing models, software asset reuse, and time to market that far exceeds the capabilities of legacy SCM tools. 12 $934.49 11,213.88 AccuRev forms the core of a true best-ofbreed application lifecycle management (ALM) solution, with unique capabilities which enhance and extend complementary development tools. This provides you with maximum control by offering the flexibility to choose the best lifecycle tool for your unique requirements, versus being locked in to a tool offered by a single-vendor suite. The result is an ideal mix of productivity with traceability and auditing for distributed and parallel projects and teams of all sizes. Part Number: H30-04073 Royal ID: H30-04073
  • 31. Dell PowerEdge Servers Server R420 1 $1,601.0 0 $1,601.00 6 Dell XPS 10 Tablet Laptop & Tablet $500.00 $3,000.00 Manufacturer: Microsoft Version: OLP Dell PowerEdge Servers; Get an energyefficient, dense 1U server for your applications with the PowerEdge™ R420, featuring next-generation processing and flexible I/O Windows RT means the Dell XPS 10 is instantly on and always up to date with connected standby, so your mail and apps stay in sync and are ready when you are. The Dell XPS 10 also comes with Office Home & Student 2013 RT built in, so you get all the productive power of Word, Excel, PowerPoint, and OneNote included, and a whole world of new apps available from the Windows Store. The Dell XPS 10 works exclusively with apps from the Windows Store (but not other desktop apps). Creative Computing presents the following Other Direct Costs (ODC) in order to enhance our capabilities to develop, implement and sustain IRIS increment 1.0 1. 2. Total ODC Travel for Year (1) through Year (5) is $225,000 2. Total ODC cost for miscellaneous equipment and materials is $775,000. 3. Creative Computing propose total ODC cost for the duration of this contract is 1,000,000. 4. ODC breakout cost listed below: Travel & Per Diem Total Staff Total Trips (5) years Year (1) Year (2) Year (3) Year (4) Year (5) Total Training Project Managers Project consultants Miscellaneous Travel Total Travel Expense 5 2 10 5 $40,000 $10,000 $15,000 $10,000 $15,000 $10,000 $15,000 $10,000 $15,000 $10,000 $100,000 $50,000 2 5 $10,000 $10,000 $10,000 $10,000 $10,000 $50,000 1 5 $5,000 $5,000 $5,000 $5,000 $5,000 $25,000 10 27 $65,000 $40,000 $40,000 $40,000 $40,000 $225,000
  • 32. Miscellaneous Equipment & Materials Training Materials Year (1) Year (2) Year (3) Year (4) Year (5) Total $100,000 $15,000 $15,000 $15,000 $15,000 $160,000 Equipment Maintenance & Repairs $100,000 $100,000 $100,000 $100,000 $100,000 $500,000 Miscellaneous ODC Cost Total Miscellaneous ODC $23,000 $23,000 $223,000 $138,000 $138,000 $138,000 $138,000 $775,000 K. $23,000 $23,000 $23,000 $115,000 Prepare training materials for students. Includes developing, reproducing and shipping costs. Provide costs to repair computer equipment in direct support of IRIS implementation and sustainment. Miscellaneous ODC cost in support of ASSUMPTIONS Creative Computing intends to meet all the program requirements, specifications and instructions identified in the DOEE Statement of Objectives. Creative Computing will identify any technical constraints or shortfalls discovered during system development through feedback with the government Subject Mater Experts (SME) and the Contracting Officer Representative (COR). Additionally, Creative Computing will promptly notify the COR of any constraints discovered during system implementation. Finally, Creative Computing will notify the COR of any constraints discovered sustainment and operations activities. PROGRAMMATIC CONSTRAINTS Creative Computing does not have or anticipate any programmatic constraints based on the DoEE solicitation DOEE-2013-R-0001 GOVERNMENT FURNISHED EQUIPMENT (GFE) Based on the Statement of Objectives identified in solicitation DOEE-2013-R-0001 the Government will provide GFE. Creative Computing will identify in our proposal all equipment costs whether other direct costs or direct costs, required in support of IRIS implementation.
  • 33. GOVERNMENT FURNISHED INFORMATION (GFI) Creative Computing Project Manager will work with the Government COR for access to DoEE reference documents to support this contract effort. Creative Computing understands the Government does not warrant the validity or accuracy of any material unless otherwise noted. Creative Computing reserves the right to notify the Government of any issues or concerns negatively affecting the development or implementation due to incomplete or invalid GFI received from the Government. OTHER PERTINENT INFORMATION OR SPECIAL CONSIDERATIONS a. Identification of Potential Conflicts of Interest (COI): Creative Computing and its subcontractors will meet COI reporting requirements in accordance with FAR Subpart 9.5. b. Identification of Non-Disclosure Requirements: Creative Computing will require all of its staff and/or subcontractor to execute and submit an Employee/Contractor Non-Disclosure Agreement form prior to starting work on this contract effort. We acknowledge receipt of the SF33 in Section I of RFP. c. Government Badge: Creative Computing will work closely with the Government COR to obtain Security forms for completion by all staff member and/or subcontractors to obtain required Secret Clearances. Creative Computing will ensure all forms are properly completed and submitted prior to the start of the contract. We acknowledge and understand the requirements of obtaining a clearance for access to the Government facility. d. Contract Type: Creative Computing acknowledges and understands our contract will be awarded a hybrid of firm fixed price (FFP), cost-plus incentive fee (CPIF) and cost reimbursement (CR). We accept the terms of the award as an indefinite delivery, Indefinite Quantity (IDIQ) per the (FAR), section 16.501 and the distribution of incentive fee pursuant to the incentive fee plan in effect at award. e. Enterprise Software Initiative/COTS Software: Creative Computing will verify the organic availability of COTS software at the Enterprise Software Agreements web site (www.esi.mil) prior to any new procurement activities. Creative Computing will coordinate with the Government PMO to determine if needed software is available for use in support of IRIS. Creative Computing acknowledges it will manage all warranties for repair items delivered in support of the IRIS implementation effort. Creative Computing will act as the intermediary on warranty issues between the Government and the warranty provider on any third party delivered products or services. Finally, upon contract completion shall transfer any remaining warrantee rights for delivered third party products or services to the Government.
  • 34. L. INFORMATION ASSURANCE APPROACH Creative Computing, Inc. will be responsible for all the Information Assurance requirements during the design, acquisition, installation, operation stage. All system will be in compliance with all federal, state, and DoD policies, guidelines, and standards as addressed. Creative Computing, Inc. will be responsible for all the Information Assurance requirements during the design, acquisition, installation, operation stage. All system will be in compliance with all federal, state, and DoD policies, guidelines, and standards as addressed in table L-1. 1.1 System Security Plan Approach The DoEE Human Resource Management System (HRMS) will provide web access to the customers to preform daily task such as time sheet and performance evaluation. The HRMS will follow the Information Assurance Support Environment (IASE) – Defense Information Systems Agency. The following are the minimum required Security Technical Implementation Guide (STIG) that will be followed: 1. Application Security a. MySQL b. Apache c. Internet Explorer d. Anti-Virus e. Microsoft Office 2010 f. Java Run Environment (JRE) g. .NET Framework 2. Operating System a. Windows 7 b. Windows 2008 R2 3. Network a. Router / Switches b. IDPS c. IPSec VPN d. Firewall & IPS/IDS 1.2 IRIS Security Environment The sensitivity of PII information on the database the servers will be maintained in a secure lock location at the Department of Everything Else Head Quarters. The minimum three layer of security environment Operating System (Services Layer & Files Layer) 1.2.1 Services & File Layer
  • 35. The security of the Services in the Operating System will be secure from unauthorized personnel. The following are the minimum procedures for the IRIS system 1. All hardware and Operating System will have password enabled and meet DISA requirements in complexity. 2. The MySQL Server and Apache Server must be located in two different server for security protection. The sensitivity of the information input to the database will be secured in the DoEE HQ facility. 1. All data extracted for achieve will be process by DoEE Employee. 2. All contractors and subcontractors will not be authorized access to DoEE PII information without DoEE writing prior approval. 1.3 IRIS Certification and Accreditation To maintain IRIS Certification and Accreditation, Creative Computing, Inc. will maintain all system up-to-date and secure at all time by following Department of Defense (DoD) Information Assurance Certification d Accreditation Process (DIACAP) DoD 8510.01 instruction. The following are the update system of IRIS. System Update Period Windows 7 Professional Updates Every Tuesday *daily zero day update* Windows 2008 R2 MySQL 5.0.x Updates Every Tuesday *daily zero day update* Latest MySQL update PHP 5.5.x Latest PHP 5.5 update Apache 2.4 Latest Apache 2.4 update All system update and modification will be in a conducted in a controlled environment before deployment to Department of Everything Else. All system will be documented and approved by the Information Assurance Officer, Project Manager, and DoEE HR manager. 1.4 IRIS Management Plan All Creative Computing, Inc. employees and subcontractors will meet all Department of Everything Else training and Department of Defense training as per DoD Manual 8570.01-M 1.4.1 Security Clearance Requirements All relevant Creative Computing, Inc. employees and subcontractors will at a minimum a Secret security clearance. If Department of Everything Else requires specific clearance higher than Secret will be provided. Creative Computing, Inc. and subcontractors is responsible for all clearance requests and updates.
  • 36. 1.4.2 Security Login Processing All relevant Creative Computing, Inc. employees must utilize users names and password with proper authorization. After first login, employees must immediately modify their temporary login passwords, and remain their passwords secrecy until their relevant login rights void by relevant proper authority. 1.4.3 Secrecy Agreement All relevant Creative Computing, Inc. employees must sign secrecy agreement before they formally perform their jobs. Relevant secrecy agreement remain validity until it is naturally expire, modified by proper authority, or within three years after employment termination. 1.4.4 Staffing All relevant Creative Computing, Inc. employees must return relevant HRIS materials, account login user names and passwords to relevant HRIS administration manager before their positions transferring and termination. M. TRAINING Creative Computing, Inc. will develop, implement, and sustain training capabilities for IRIS throughout the duration of the contract. The training for DoEE HRM and HRIS employees will begin approximately 30 days prior to IRIS’s completed implementation. Creative Computing, Inc personnel will provide onsite one-on-one training at DoEE Headquarters. There will also be a one day group class session with duration of 8 hours to familiarize users with IRIS. The class sessions will provide hands on activities with IRIS for DoEE employees. Each employee will be provided with one three-ring loose leaf binder manual at the beginning of the class. In addition, Creative Computing, Inc. will provide an electronic manual that DoEE can place on its Intranet. In the event of any updates to IRIS before the end of contract such as new features, webinars will be conducted through the end of contract. DoEE personnel will be granted access to Creative Computing Inc.’s webinars, online support, discussion forums, and manuals after the end of contract. N. END OF CONTRACT TRANSITION For this transition, Creative Computing, Inc will maintain its existing staff on-site throughout the transition period. No additional staffing requirements are anticipated to complete the transition to DoEE HRM and DoEE HRIS personnel. The transition is expected to take 60 days to complete. Immediately prior to the transition, Creative Computing Inc. will stand up its transition team in order to facilitate the activities necessary for successful transition. DoEE should have its staff on site at the beginning of the 60 day transition period and will establish a similar team to work with Creative Computing, Inc. to coordinate the contract’s complete transition.
  • 37. Creative Computing, Inc. will work closely with DoEE HRM and DoEE HRIS personnel, throughout the duration of the contract, to ensure accurate transfer of information. Creative Computing, Inc. will make the following recommendations: • • • Organize formal and informal discussions with DoEE HRM and DoEE HRIS personnel regarding the steps forward of IRIS. Provide direct and remote access for DoEE personnel to procedural documents and processes prepared and used by the Creative Computing, Inc. Facilitate the transfer of full custody and/or ownership of assets and contract materials to DoEE personnel. Transition Team Organization The following chart illustrates the transition team members from Creative Computing Inc. and DoEE; as well as the roles and responsibilities of each team member. Organzation Title Roles/Responsibilities CC Inc. Transition Project Manager Work with DoEE PMs to coordinate and schedule all transition activities; provide weekly reporting on transition progress; ensure all applicable property and tools are included as part of transition CC Inc. IT Transition Lead Ensure all IT activities are completed during transition; document all IT processes, tasks, and activities for transition to DoEE CC Inc. Configuration Manager DoEE Transition Project Manager Work with CC Inc. PMs; ensure all transition deliverables are received and understood; identify any gaps in transition activities DoEE Contracting Officer Responsible for overseeing all contract actions and deliverables; responsible for ensuring accountability on all funding and budget items pertaining to the contract DoEE. IT Transition Lead Ensure continuity of all IT activities throughout transition; ensure receipt of adequate IT documentation of all processes, tasks, and activities DoEE Configuration Manager Ensure all training documentation received addresses all planned training items; ensure standardization of all transitioned documentation DoEE Transition Project Work with CC Inc. PMs; ensure all transition deliverables are received and understood; identify Ensure all training documentation is complete; ensure completion of user and technical manuals; ensure all documentation is in accordance with DoEE standards; ensure proprietary materials are not part of transition
  • 38. Manager any gaps in transition activities WorkForce Transition All Creative Computing Inc personnel will remain on-site to perform their transition activities until such time that the transition is completed and approved by all parties. DoEE will ensure its required personnel are on site 60 days prior to transition completion. This will allow adequate time to perform all transition activities. Work Executing During Transition Throughout the transition of this contract, work will continue to be performed by Creative Computing, Inc. in accordance with the approved project schedule and work breakdown structure (WBS) in place. The transition management team will ensure that DoEE personnel work alongside their Creative Computing, Inc. counterparts; however, DoEE will maintain all responsibility for tasks and deliverables. At the end of the 60 day transition period, and upon transition approval, DoEE will assume full responsibility for all tasks and deliverables. SubContracts The following chart illustrates the subcontracts in place which are in support of DoEE’s IRIS activitiy. These subcontracts apply to third party tasks to ensure all required cabling and facilities functionality is in place to support the PayBase project. Subcontract # Awarded To Tasks 11-10010 CableQues Perform cabling work within datacenter to support t PayBase database functionality 11-10020 BuildTech Build out existing data center facility to house additional servers to ensure PayBase database functionality Government Furnished Equipment (GFE) As part of this transition, all GFE provided to Creative Computing Inc. under the IRIS contract will be turned in to the government upon completion and approval of the transition phase. GFE includes laptops, computers, all PEDs, flash and external hard drives, and employee ID badges. All electronic devices will be re-imaged by government IT personnel and re-issued to appropriate DoEE personnel. Intellectual Property Per the IRIS contract, all intellectual property which is a direct result of work on the contract deliverables will be transitioned to DoEE in order to ensure the successful completion of the
  • 39. project. The contract pricing takes intellectual property into consideration and as such, any resulting intellectual property will be owned by DoEE. User Accounts and Passwords As part of the contract transition, various user account accesses and authorizations must be created and disabled. Currently Creative Computing, Inc. personnel listed in the chart below possess the user accounts and access necessary for contract deliverables. The listed DoEE personnel will be granted access on the first day of the contract transition phase. Once transition is complete and approved, all Creative Computing Inc. personnel’s user accounts will be disabled. User Account Creative Computing Inc. DoEE SAP Master User IT Transition Lead and Configuration Manager IT Transition Lead and Configuration Manager Database Administrator IT Transition Lead IT Transition Lead Customer Intranet Master User Transition PM and IT Transition Lead Transition PM and IT Transition Lead Knowledge Transfer For this transition, knowledge transfer will occur over the entirety of the 60 day transition period. The knowledge transfer will take place via various methods. The incumbent PM will coordinate two formal classroom tranining sessions to be conducted by incumbent IT Transition Lead. These sessions will focus on the specific IT concerns related to the database activities. The incumbent PM will coordinate two formal classroom sessions to be conducted by the incumbent Configuration Manager. Theses sessions will cover documentation requirements and organizational processes and assets. These sessions will be completed no later than 15 days prior to the end of the 60 day transition period. Additionally, all DoEE HRM and HRIS personnel will work alongside their Creative Computing, Inc. counterparts throughout the 60 day period in order to gain familiarity with the database, tools, processes, and organizational assets. The PMs from Creative Computing Inc. and DoEE will meet no later than 10 days prior to transition completion in order to determine if any further training or knowledge transfer is required. Handover and Acceptance DoEE will make the determination of when transition is completed and will provide formal acceptance indicating such. To do this, DoEE’s transition PM will utlilize the established transition checklist in order to determine that all activities associated with the transition have been completed. The DoEE’s transition PM will also meet with the transition PMs from Creative Computing, Inc. to ensure that all concerns and issues have been met and addressed appropriately. Once the DoEE’s transition PM has formally accepted the transition, the checklist and supporting documentation will be signed and accepted by the DoEE’s project sponsor and human resources director. The last step is the formal acceptance and signature of the DoEE’s
  • 40. contracting officer representative. It is only after all of these approvals and signatures are in place that the transition will be considered complete. O. PROJECT AND DEVELOPMENT SCHEDULE L.5.1.3 (TAB C) HOSTING (OPTIONAL) HOSTING Creative Computing Inc. will utilize the Defense Information Systems Agency’s solution for hosting. A. PROPOSED HOSTING SOLUTIONS B. HOSTING CONFIGURATION APPROVAL C. HOSTING SCHEDULE D. ESTIMATED HOSTING COST L.5.1.4 (TAB D) SMALL BUSINESS SUBCONTRACTING Small Business Participation Plan Background Creative Computing’s inception and development is the direct result of the Federal government’s investment in requiring the use of small businesses. Our company recognizes the tremendous opportunity the Federal government extends to small businesses and we are glad to present this small business plan as a key component of our proposal submission. Small Business Plan Requirements Creative Computing, in accordance with solicitation DOEE-2013-R-0001 will outsources no less than 22% of the contract value from the overall contract award value. Creative Computing will only award outsourced/subcontracted projects to small businesses currently registered with the Defense Central Contractor Registration (CCR). Creative Computing will review no less than two proposals from qualified vendors for each project or task to be outsourced with the goal of awarding no less than 4 to 5 percent of the overall contract value to the following small business categories: Small Disadvantaged Businesses Woman-Owned Businesses Veteran-Owned Small Businesses
  • 41. Service Disabled Veteran-Owned Small Businesses HUBZOne Small Businesses Proposed Small Business Plan The following small businesses have all proven through other partnership opportunities with Creative Computing that they bring critical technical and professional capabilities to ensure success of the IRIS implementation project: NJVC, LLC CAGE#: 1TCQ2 DUNS#: 008385903 Location: Chantilly, VA Categories: Minority Owned Business, Native American Owned STSC SCIENTIFIC & TECHNOLIOGICAL SOLUTIONS COMPANY, INC CAGE #: 3FT40 DUNS#: 131659661 Location: Duluth, GA Categories: Minority Owned Business, Service Disabled Veteran Owned Business, AsianPacific American Owned, Veteran Owned Business. TELESOLV CONSULTING LLC CAGE #: 6WAS8 DUNS#: 033312643 Location: Washington, DC Categories: Minority Owned Business Veteran Owned Business, Black American Owned, SBA Certified Hub Zone Firm, Self-Certified Small Disadvantaged Business
  • 42. M & M TECHNICAL SERVICES CAGE #: 1F6P9 8 DUNS#: 033312643 Location: Washington, DC Categories: Woman Owned Business, Woman Owned Small Business, Black American Owned, SBA Certified Hub Zone Firm, Self-Certified Small Disadvantaged Business , Economically Disadvantaged Women Small Owned Business. Total Percentage/Dollars planned for Large Business $_________ ___78___% Total Percentage/Dollars planned for Small Business $_________ ____22___% Total $_________ ___100__% COST/PRICE L.5.3 (TAB A) FINAL SOLICITATION, OFFER AND AWARD Creative Computing Inc. (CCI) is pleased to present this Final Solicitation, Offer and Award proposal to develop and implement a Human Resource Management solution entitled IRIS increment 1.0. This proposal is being submitted in response to DoEE Solicitation 2013-R-0001. Creative Computing based all cost proposal estimates based on the Period of Performance (PoP) outlined in the DoEE solicitation for this effort Base Period 5 December 2013 thru 28 February 2014 and Option (1) 1 March 2014 thru 30 April 2015. This proposal will be valid for 30 days from the date of this proposal. A summary of proposed cost are listed below. A detail breakdown of costs to include staffing and bill of material are provided in Attachment A of this proposal. Total Price Summary (Attachment A)
  • 43. Attachment A presents all the rolled-up costs for this proposal. This excel spreadsheet shows the staffing, bill of material, and travel cost to develop and implement the Human Resource Management solution entitled IRIS increment 1.0. Type of Cost Staffing Amount $2,387,874.96 BOM Travel Indirect Cost (G & A) Proposal Preparation Cost Proposal Amount . Indirect Costs $203,103.03 $37,000 $525,595.60 $10,000 $3,163,573.59 Creative Computing uses a flat G & A rate of 20% as part of a three-tier method for the calculation and application of indirect costs. The flat rate is a result of a three tire indirect rate cost which include Company site fringe rate, company site overhead rate and other G & A expenses. The indirect calculation rates will be submitted to DCMA if awarded offer for this proposal is accepted. Proposal Preparation In accordance with requests made by the NGA IT/IS Program Team NJVC classifies this proposal to be of “Medium” size and proposal costs are estimated at $10,000. APPENDIX A: RESUMES ALBERT H. KAUFMAN Portland, Oregon albertkaufman@gmail.com OBJECTIVE Seeking a full-time position in Portland, Oregon (or virtual position) in software testing and/or social networking/marketing. 15 years of QA experience, especially strong on web-based systems. TECHNICAL SKILLS INCLUDE • • Windows, MAC and Linux operating systems Software: MS Office Suite, MS VSS, WordPress, Firefox
  • 44. • Databases: Have used and been admin for various bug-tracking databases – currently using Jira • Testing Tools: HP Test Director, Gomez, Stormcloud • E-marketing, viral-marketing, website optimization, writing and research • For an example of a social networking plan I’m implementing, please visit http://albertideation.com/wileyware PROFESSIONAL EXPERIENCE Altres – Portland, Oregon, Quality Assurance Lead Tester 5/11-Present Testing HR and other systems for a Hawaiin-based company. Working closely with a small group of developers on system upgrades and new features. Performing a variety of types of testing. Tools: MS Office Suite, mostly Excel; all current browsers; Environment: Waterfall development setting with multiple development projects coming down the pipeline at any one time. ISITE Design – Portland, Oregon, Quality Assurance 9/10-3/11 Used the latest development tools such as Sitecore, Ektron, Drupal & WordPress CMS’s, Jira bug-tracking software, and the Microsoft Office Suite to plan, test and track large-scale web projects including screen validation, functionality, user-experience and cross-browser testing. Albertideation – Portland, Oregon, Owner 10/08-present. Support clients to further their business goals through social networking sites such as Facebook, Twitter, Linked-in, Biznik, etc. Help clients with website optimization, design and promotion. Please see: http://albertideation.com/clients/ for current client list. Skills for Success – Portland, Oregon, Marketing Director 11/07-11/08. Promoted staff presenters locally and regionally using social-networking (Web 2.0) and marketing techniques. Bonneville Power Administration – Portland, Oregon, QA Engineer 4/06-10/07. Software requirements review and analysis. Tested web-based billing system as part of a multi-million dollar development effort. Tested two bill-archiving systems. Led team effort through software upgrades and a server and data migration including work with SQL Server. Directed and managed product end-users and coordinated with development and project management. Wrote test plans, test scripts and delivered documentation. Utilized HP Testing Tool Suites such as: HP Quality Center (QC). EFI – Vancouver, WA, QA Engineer 4/05-10/05. Tested high-end Xerox printer/copier/scanner and Splash server in a team environment. Focused on printer driver, install, and configuration. Used Siebel’s defect tracking software and performed regression in a cross-platform environment.
  • 45. Vanteon/HP – Vancouver, WA, Software Team Lead 11/04-4/05. Tested HP printers on Mac platform. Installed and tested firmware, and performed localization and configuration testing. Tracked and regressed defects. Oswego Group – Beaverton, OR, Software Tester 5/04-10/04. Tested Nike’s Custom Catalog Creation Software using black-box testing. King County, Housing and Community Development. Seattle, WA, Contract Administrator 4/01-5/02. Administered the Federal county-wide housing programs. Reviewed and administered multi-million dollar housing contracts including site visits. Consultant, Seattle, WA, 5/00-3/01. Supported multiple software-related projects as well as neighborhood planning implementation, website creation and maintenance. Acadio Corporation, Seattle, WA, Software Test Lead 9/99-2/00. Tested e-commerce site acadio.com. Hired and managed test team, participated in management meetings, estimated project testing requirements and equipment needs. Administered defect tracking tool. Utilized tools that were the precursors to Quick Test Pro, WinRunner, and Load Runner. Emercis Inc., Seattle, WA, Test Engineer 2/99-8/99. Tested Catalog Server application, which enabled creation of mid-sized company stores on the web. Sites based on SQL Server 7.0, IIS, Java, VB, NT and MS Site Server. Testing involved load-testing, functionality, UI, various software update scenarios and base file changes. Microsoft Consulting Services/Applied Technology Division, Bellevue, WA, Lead Tester 7/98-12/98. Tested Boeing/Microsoft database application involving HPCs and PCs running W95, NT and CE 2.1, SQL Server 6.5, IIS 4.0, and Access as well as other technologies. Trained Boeing employees on application. bSquare, Bellevue, WA, Quality Assurance Engineer 1/98-4/98. Tested localized fax software for HPCs on Windows CE 1.0 and 2.0. Developed functionality and localization test scripts for two products: bFAX Express and bFAX Pro. Sprynet/Compuserve, Bellevue, WA, Quality Assurance Engineer 5/97 to 10/97. Created test plan and thoroughly tested Sprynet account creation products on Windows and Mac platforms. Also tested Javachat tech support application, MS Exchange Server Administration tool, IE4 and a dual Sprynet/CompuServe account creation vehicle. Device Guys, Inc., Bellevue, WA, Quality Assurance Engineer 3/97 to 5/97. Tested Sharp MFP (multi-functional peripheral). Trained team in setup of hardware and software for testing purposes. Focused on printer driver, installation, scanning, copying and networking issues. Microsoft, Redmond, WA, Quality Assurance Engineer 10/96-3/97. Tested localization and functionality in German and Japanese on IEAK 3.2 (Internet Explorer Administration Kit). Localization team member for MS Commerce Server as well as Active Payment and Address
  • 46. Control for Netscape and Internet Explorer. Used manual and automated tests to check product functionality. Keane, Inc., Seattle, WA, Windows 95 Technical Support Specialist 9/95-6/96. Provided technical support on all aspects of Windows 95. Supported NOW Software products Contact and Up-to-Date. Ruschke & Partners, Munich, Germany, Executive Secretary/Trainer 1991-1994. Managed office, maintained database, translated and wrote correspondence for two German patent attorneys. Created Mac network and trained office on development and use of system. EDUCATION Master of Arts, Political Science, Rutgers University, 1992 Bachelor of Arts, Political Science, minor: Economics, New York University, 1984 Lisa Phillips Resume lisa@grrl.org (415) 935-4726 Technical Operations Leader, Senior MySQL DBA • • Extensive experience in implementation and management of internet services to ensure highest levels of system availability and performance globally Demonstrated ability to adapt to changing technologies and methodologies • Excellent interpersonal skills, confident and poised in interactions with individuals at all levels • Dedicated individual with reputation for consistently going beyond what is required 02/2010 – Present Twitter, Inc – San Francisco, CA and Seattle, WA Senior MySQL DBA • • Manage thousands of MySQL database servers in rapidly growing environment Regular resume review and phone screening for senior candidates • Develop and train new members of DBA team to ensure team’s best practices
  • 47. • Implement MySQL HA solutions, including utilization of hardware load balancing and MHA • Create first backup system with off-site backups, documentation and monitoring • Work with peers and executive team to develop company core values in use by Twitter today 04/2009 – 02/2010 Big Fish Games – Seattle, WA Director of IT • • Technical operations team responsible for availability of Big Fish Games sites, providing over one million game downloads a day Corporate IT team and infrastructure in support of 400 employees and offices across 3 countries • Develop and support budget for multiple data centers, CDN, network infrastructure, and corporate software licenses • Successfully plan and finish Fisher Plaza data center migration, executed under duress of fire and flooding 01/2005 – 04/2009 Six Apart Ltd – San Francisco, CA Director of Operations Engineering/Director of Hosted Services/MySQL DBA • • Manage and lead Senior Operations team responsible for performance and availability of major blogging and social network sites totaling 14 million users Collaborate with the Financial Planning, Product Marketing, Engineering and Business Development teams to ensure the development and delivery of superior products, service and support • Develop and track Service Level Agreements both from 3rd party vendors and hosting partners • Deliver weekly operations updates to the rest of the organization, including executive and board review • Work with enterprise clients like Talking Points Memo on hosted blog solutions for high availability • Successfully plan and execute migration of a 120-server data center from Seattle to San Francisco with minimal downtime
  • 48. • Consult with Tokyo-based corporate partner NIFTY Corporation on MySQL software and architecture upgrades 02/2003 – 01/2005 Danga/Livejournal.com – Seattle, WA Senior Systems Administrator • Primarily responsible for Linux systems maintenance, upgrades, security, hardware installation and configuration in a clustered MySQL, Apache and Apache-SSL environment Manage vendors in network bandwidth, hardware, software and support • Maintain, configure and update F5 load balancing equipment to meet constant growth • Responsible for all physical equipment in co-location facility including racking, cabling, labeling, documentation and monitoring • 09/1999 02/2003 Speakeasy, Inc – Seattle, WA Lead Systems Administrator • • Deliver weekly up time and outage reports Design and implement new web and mail hosting architecture • Troubleshoot and upgrade systems and software for web hosted services • Escalation point for NOC team Commercial Webhosting Lead • • Customer Service, Sales, Administration, and Support of commercial web hosting Training, documentation, and policy recommendations to the company • Escalation point for technical domain hosting concerns 09/1997 – 02/1999 Starnet - Tucson, AZ Technical Account Manager • • Consistently meet and exceed sales goals via phone, email Investigate and facilitate customer web solutions
  • 49. • Contribute toward marketing strategies for Internet products Technologies MySQL, Apache, Ganglia, Mod_Perl, Memcached, Mogilefs, Perlbal, CFEngine, Puppet, Heartbeat, Sendmail, Postgresql, SVN, CVS, Majordomo, Nagios, Cricket, Apache-SSL, F5 Bigip, NetAPP, ISCSI, TCP/IP, FTP, NFS, SMTP, POP, IMAP, SSH References available Jeremiah Stevens Active Security Clearance Expires: August 2017 OBJECTIVE Jeremiah Stevens always seeks to provide a broad spectrum of senior-level technical, managerial and security expertise to organizations in order to establish synergetic enterprise visions, homegrown innovations and customer loyalty. SUMMARY Jeremiah is a certified career security professional with a proven record for stepping up to new challenges and getting the job done. With over 10 years of hands-on technical and security experience, he has always ensured projects of high complexity and visibility achieve their objectives and forecasts. His calling is to ensure all milestones are accomplished under budget throughout a project’s System
  • 50. Development Life Cycle (SDLC) while still meeting and exceeding the stakeholder’s expectations. Furthermore, his record of accomplishment has improved security operations at various Commands within the Department of Defense (DoD), the Maryland State Department and other Federal-based agencies. Extensive background in developing, implementing and managing strategic, technical and operational security plans that are aligned with business goals and objectives, diverse security architectures (e.g., people, processes, technology), systematic and structured risk management strategies, as well as properly aligning security programs that meet not only the demands of an entire organization, but are perfectly postured to withstand even the most rigorous of rule, regulation or guideline inspections (i.e., ISO, Command Post Inspection (CPI), Enhanced Compliance Validation (ECV), Inspector General, etc.). Information Assurance (IA) DoD expertise, with emphasis on Federal Information Security Management Act (FISMA) processes to include, but not limited to: DoD Information Technology Security Certification and Accreditation Process (DITSCAP – 8500 series) DoD Information Assurance Certification and Accreditation Process (DIACAP – 8510.01) and National Institute for Standards and Technology (NIST) 800-series special publications. TECHNICAL PROFICIENCIES Proven ability to remain flexible, but task oriented in order to overcome scope creep challenges commonly associated with project development. Successfully lead and obtained Certification and Accreditation (C&A) system and application Authorities to Operate (ATO), through both DITSCAP and DIACAP, on legacy, Research Development Test and Evaluation (RDT&E) and Navy/Marine Corps Intranet (NMCI) networks. Hands-on security experience with the following FISMA C&A processes: System Security Authorization Agreement (SSAA) development, Concept of Operations (CONOPS) development, System Rules of Behavior development, Security Test and Evaluation (ST&E) from both a documentation (i.e., Security Requirements Traceability Matrix (SRTM) and overall risk assessment plan construction) and a technical (vulnerability scanning and analysis) standpoint, Incident Response planning, SDLC planning, DIACAP transition planning, Contingency, Disaster Recovery, and Continuity of Operations (CP/DRP/COOP) planning, Project of Action and Milestones (POA&M) development and execution as well as conducting Privacy Impact Assessments. Familiar with the following security-centric products: McAfee and Norton Anti-virus/Ad-aware, Retina, Nessus, Snort, Host-Based Security System (HBSS), Defense Information Systems Agency (DISA) Field Security Operations (FSO) Gold Disk and Security Readiness Scripts (SRRs). Experienced in implementing, monitoring and troubleshooting the following operating systems and devices: Microsoft XP Workstation, Microsoft NT Workstation / Server, Windows 95/98, Windows 2000 Workstation / Server, UNIX (Hewlett-Packard, Red Hat and SuSE Linux), CISCO firewalls, switches, and routers. Comfortable giving impromptu and planned oral presentations to small, medium and large sized audiences. EDUCATION / CERTIFICATIONS Bachelor of Information Technology in Computer Forensics August 2010 American InterContinental University Hoffman Estates, IL GPA: 4.0 with Summa Cum Laude honors ______________________________________________________________ Associate of Science Computer Science May 2000 Vincennes University Jasper Jasper, IN ______________________________________________________________ Certified Symantec Endpoint Protection 12.1 Administrator October 2012 Prometric Test Center ______________________________________________________________ UNIX SRR Certified July 2012 DISA FSO ______________________________________________________________
  • 51. Web Platform SRR Certified May 2012 DISA FSO ______________________________________________________________ Application Security and Development SRR Certified April 2012 DISA FSO ______________________________________________________________ Symantec Sales Expert+ (Symantec Endpoint Protection) April 2012 Symantec ______________________________________________________________ Certified Information Systems Manager (CISM) February 2012 Certification Code: 1218780 ISACA ______________________________________________________________ Certified in Risk and Information Systems Control (CRISC) July 2011 Certification Code: 1111258 ISACA ______________________________________________________________ Capturing Federal Business June 2011 L-3 Communications – Shipley Associates Reston, VA ______________________________________________________________ CNSS: 4012 – National Standards for Senior System Administrators & April 2011 CNSS: 4015 – National Standards for System Certifiers Norfolk, VA IA2 – SPA ______________________________________________________________ Department of Navy Validator March 2011 Navy Certification Authority ______________________________________________________________ Marine Corps Enterprise Network (MCEN) Validator July 2010 Designated Accrediting Authority, Headquarters Marine Corps, Command, Control Communications and Computers (C4) ______________________________________________________________ Linux+ CompTIA Certified October 2010 Certification Code: LHYCXWLDLG11134T Greenbelt, MD Prometric Test Center ______________________________________________________________ Certified FISMA Compliance Practitioner (CFCP) February 2010 Certification Code: 112998 Columbia, MD FISMA Center ______________________________________________________________ Certified Information Systems Security Professional (CISSP) Training December 2007 Anne Arundel Community College Arnold, MD ______________________________________________________________ Security+ CompTIA Certified September 2007 Certification Code: QNYJKVXBDCFE1YF4 Greenbelt, MD Prometric Test Center ______________________________________________________________ Security+ Accreditation Course: Network Security Fundamentals May 2007 Anne Arundel Community College Arnold, MD ______________________________________________________________ Help Desk Training Course: “Pleasing Your Hard-To-Please Customers” June 2002 Naval Surface Warfare Center Crane, IN ______________________________________________________________ NMCI Customer Service Representative Training (Field Technician) June 2002 Naval Surface Warfare Center Crane, IN ______________________________________________________________ Interconnecting Cisco Network Devices July 2001
  • 52. New Horizons Louisville, KY ______________________________________________________________ Impromptu 6.0 Report Building and Administration May 2001 COGNOS Training Facility Mason, OH ______________________________________________________________ A+ CompTIA Certified February 2001 Certification Code: 4Q96H9ZDJPRQ196E Evansville, IN Automated Office Solutions ______________________________________________________________ HP-UX Systems and Networking Administration June 1999 Hewlett Packard Training Facility Atlanta, GA ______________________________________________________________ Fundamentals of UNIX May 1998 Hewlett Packard Washington, DC ______________________________________________________________ PROFESSIONAL EXPERIENCE Senior Information Assurance Engineer November 28, 2012 - Present DISA/Superlative Technologies (SuprTEK) Ft. Meade, Maryland Apply enterprise level IA best practices and regulations to a wide variety of Defense Information Systems Agency (DISA) projects. Examples: McAfee Host Based Security System (HBSS), Tenable Assurance Compliance Assessment Solution (ACAS), DoD enterprise wide Microsoft Windows Server Update Services (WSUS), and eEye Retina/Retina Enterprise Manager (REM). Provide over a decade of hands-on senior-level subject matter auditing expertise on Operating System, Application, Network, Database, Security Technical Implementation Guide (STIG) requirements. Manually apply STIG settings to each product or underlying OS and test these settings to ensure the project functions as expected in a DISA-approved environment. Maintain several Vulnerability Management Systems (VMS) assets for DIACAP purposes. Function as the “go-to” person for guidance on the Application Security and Development STIG. Cross trained several members of the team on the Security Content Automation Protocol (SCAP) Compliance Checker (SCC) tool. Administer Oracle/Sun Solaris and Red Hat Linux systems within the virtual and physical lab environments. Competed and won the right to become a part of the Symantec End Point Certification program within SuprTEK. Received by-name accolades from our DISA government customer on an enterprise level application that flawlessly passed a critical DISA Field Security Officer (FSO) inspection. Technical Program Manager/Information Assurance Officer May 06, 2006 – November 25, 2012 L-3 Communications and Engility Corporation Maryland Participated in the opportunity assessment and marketing positioning (capture), win strategy development, programming concept refinement, bid development (to include blue, pink, red and gold team reviews), postsubmittal and post-award proposal processes for multi-million dollar contracts. Maintained and managed the National Institute for Literacy/Literacy Information and Communication System project from both a Project Manager (PM) and Information Assurance Officer (IAO) perspective. Prepared annual operating plans and forecasts as well as provided invoice reconciliation and approvals for a Firm Fixed Price (FFP) contract. Successfully obtained six three-year ATOs for the Department of Navy (DON). Participated on an Information Assurance team that not only achieved stellar remarks from the Navy CIO, but also “set the bar” for all other Navy Command Cyber Readiness Inspections (CCRI) from both a technical and documentation standpoint. Function as a liaison for the program managers, system administrators, user representatives and developers to complete an entire C&A package in a timely, professional and organized manner. This includes, but is not limited to: Gathering and organizing technical information about an organization’s
  • 53. mission goals and needs, existing security products, and on-going programs in the security arena. Defining and analyzing security requirements. Designing, developing, engineering and implementing security solutions to achieve business objectives. Performing risk analyses to include, identifying and periodically evaluating information security controls and countermeasures to mitigate risk to acceptable levels as well as reporting significant changes in information risk to appropriate levels of management for acceptance on both a periodic and event-driven basis. Responsible for evaluating ST&E plans, traceability matrices, and residual risk assessments that were constructed based on the instructions presented in FISMA, DoDI 8500.2 (DITSCAP), DoDI 8510.01 (DIACAP) and NIST 800-series publications. These duties include, but are not limited to assisting clients with system security hardening and baseline development, analysis, and auditing as well as analyzing detailed system design documents, network topologies, operational procedures, and other security centric documentation in order to obtain and maintain an ATO in their industry. Develop Standard Operating Procedures (SOP) and related documentation for clients. Examples: Business Impact Assessments (BIA), Computer Incident Response Team (CIRT), Contingency Planning and Information Operations Condition (INFOCON) SOPs. Validate applications through the DON Application and Database Management System (DADMS) process. Prepare and deliver oral IA-focused presentations to technical and non-technical groups. Assist in writing proposals and Requests for Information (RFI) for a wide variety of security-centric projects. Completed an extensive FISMA security assessment for the State of Maryland. Appointed by the Marine Corps Designated Approving Authority (DAA) as a Marine Corps Enterprise Network (MCEN) Validator. Appointed by the Navy Operational Designated Approving Authority (ODAA) as a Navy Validator. Received by-name accolades from our government customer (i.e., Navy Information Assurance Manager) and various government Project Managers (PM) throughout my tenure. System Security Accreditation Lead Apr 2003 – Nov 2005 Tri Star Engineering and SAIC Crane, IN Developed SSAAs for all of Naval Surface Warfare Centers’ RDT&E applications and servers. This included, but was not limited to the construction of Security CONOPS, Certification Test Procedures, Incident Report Planning and Procedures, Maintenance Planning and Procedures, Risk Assessments, Data Flows, Security Procedures, Contingency Plans, Configuration Management Plans, Security Requirements Traceability Matrices and Security Test and Evaluation Plans. Ensured Command wide understanding of the high-level aspects of the DITSCAP (8510.1-M) through oral presentations and on-site visits. Conducted C&A briefings and presentations at beginner, intermediate, and advanced levels of expertise. Mentored a team in order to ensure C&A packages were completed in a prioritized manner. Performed extensive vulnerability scans and penetration tests against every system to ensure FISMA and DITSCAP compliancy. Worked with systems administrators to ensure new hardware that was placed on the RDT&E network was thoroughly scanned for vulnerabilities. Implemented new intrusion detection systems and rules in order to mitigate future risks to the RDT&E network. Investigated, quarantined and resolved intrusions detected on the RDT&E network. Asset Management Lead / Tier III Technician Feb 2002 – April 2003 Tri Star Engineering Crane, IN Analyzed and tracked NMCI assets for billing / inventory purposes. Documented, researched and tested operating system images that were deployed to over 3000 personal computers. This involved extensive testing of applications on multiple platforms. Prepared new user accounts, machine associations and e-mail addresses in Active Directory / Remedy.
  • 54. Analyzed, solved and thoroughly documented complicated network and application errors between two separate networks. (NMCI and RDT&E networks) Provided Tier III Help Desk and Technical Support for a dynamic network with multiple platforms. Functioned as a liaison between end users, Tier I, Tier II and Tier III support. Worked in Tivoli (remote desktop) and Remedy (enterprise logistics management) on a daily basis. Organized and lead weekly team meetings while we transitioned managers. Point of Sales Technician August 2001 KFORCE.com Indianapolis, IN Implemented a Point of Sale system (Windows 2000) for Advanced Auto Parts. Coordinated work instructions effectively with everyone on the project. Systems Analyst July 2000 – July 2001 JOFCO International Jasper, IN Contributed to all aspects of decision, budget and project making within the IT department. Managed a four month, company wide, Internet Protocol renumbering project in order for the company to successfully connect to the Internet. Functioned as a liaison to establish several successful relationships with third party vendors in order to help the company implement major technical projects. Reviewed multiple computer systems capabilities, workflow and scheduling limitations in order to increase productivity. Wrote detailed descriptions of user needs, program functions and steps required to develop a computer program or project. Maintained security and the overall data integrity within the company’s computer systems. Setup Cisco routers, switches and firewalls. Oversaw the implementation of the following products for the entire company: Microsoft NT Workstation and Server, Track-IT!, Microsoft Office, Norton Antivirus, Mdaemon, Arcserve and Diskshare. Night shift Computer Operator Nov 1998 – July 2000 Kimball International Jasper, IN Provided tier one help desk support for a global network. This included, but was not limited to: Assisting users with their password resets, troubleshooting problems on various applications and operating systems, escalating calls when necessary to the tier two support members, and documenting every call in Tivoli for reference purposes. Executed reports on a nightly basis and distributed them to the various departments. Monitored, executed and scripted batch jobs on MVS, Windows NT and UNIX based operating systems. Maintained, installed and tested different applications on Windows 95/98, UNIX, and Windows NT based operating systems. Wrote technical instructions and documents using Microsoft Word TOM BAKER CERTIFIED PROJECT MANAGER 120 Virginia Avenue ♦ San Francisco, CA 94110 (650) 799-0456 ♦ tom_baker@ tommywillb.com ♦ resume.tommywillb.com ROLES & RESPONSIBILITIES Team & Technical Project Management Led small and large teams receiving exceptional employee and customer feedback Certified Project Manager for Web site design, search, content management, and server upgrade projects
  • 55. Led concurrent projects and project teams and delivered results on time Web Application Development 10 years of experience building content-rich web sites; usability and information architecture Technical Design and development of dynamic Web applications; HR job postings and resume collection Implemented and developed with Interwoven TeamSite and other Content Management Systems Infrastructure System Support Supported multi-server clustered Web environments hosted in multiple firewall protected data centers Responsible for hardware upgrades, scale planning, Apache configuration, and production support SKILLS & TECHNOLOGIES Management Tools Microsoft Project Server/Visio/Office/SharePoint/InfoPath, Documentum eRoom, Serena TeamTrack, Intuit QuickBase, Remedy, Brio, Six Sigma/PMI-PMBOK/RUP Process Methodologies Web Application Development HTML, Perl, PHP, JavaScript, ColdFusion, SQL, and Photoshop Interwoven TeamSite/LiveSite/OpenDeploy CMS, Apache, IIS, SunOne, SQL Server, Oracle database, TextPad, BBedit, Dreamweaver, Contribute, Eclipse, Visual Source Safe, CVS, RCS LDAP(S), XML over HTTP(S), SSL, SSH tunnels, multi-network firewalls, and MIME email Web Systems and Infrastructure Apache configuration including VirtualHosts, HTTPS, and redirection Load balancing, log analysis, system uptime and page response time monitoring, and tool development EMPLOYMENT HISTORY THOUGHTMATRIX: December 2007 – Present Palm Inc. –Project Manager/Technical Lead (www.palm.com & euro.palm.com) Managing extension of USA TeamSite implementation out to European operations SAPPHIRE TECHNOLOGIES: June 2006 – November 2007 Charles Schwab & Company – Contract Technical Project Manager (Schweb.schwab.com Intranet) Project Managed $500k Schweb Infrastructure Upgrade project using STech PMO RUP methodologies Guided HR & Schwab Bank business-driven projects through CTO, STech, and TIS GLOW processes Infrastructure Rationalization Solaris to Linux/Windows system simplification and support cost savings Improved offshore request processes for improved productivity and business requestor satisfaction Projects Delivered: Schweb Infrastructure Upgrade RUP Inception and Elaboration project phases Implemented LiveSite business content contributor self-service tool for HR Deferred Compensation Extended LiveSite for use on Schwab Bank and the Schweb Stock Equity Unit Fund sites Upgraded Schweb WebTrends analytics tool to meet CTO technology standards and simplify support Migrating of Schweb Solaris SunOne and TeamSite applications to Apache and Red Hat Linux Initiated Schweb FastSearch upgrade; created initial project plan used by new project manager Updated Schweb infrastructure documentation in MySupport, DCO Portal, and Wipro SMTD's ROBERT HALF TECHNOLOGY: August 2005 - December 2005 Carat Advertising – Contract Project Manager and Web Developer (Carat.com) Project Managed and developed content management for winstarcasinos.com & xmodsrc.com Gumas Advertising – Contract Web Developer (Gumas.com) Web development for various client web sites and advertising campaigns
  • 56. INTUIT INC.: 1995-2005 November 2003 - June 2005 – Technical Project Manager (Intuit.com and TeamSite functionality) Project Managed enterprise system hardware and software upgrades Concurrently managed multiple project teams of 4-8 direct contributors with budgets up to $500k Projects Delivered: Web site redesigns for www.intuit.com and www.turbotax.com Annual scaling of www.turbotax.com for Tax season traffic TeamSite/OpenDeploy upgraded from 5.0 to 5.5 & integrated with Siebel August 2000- June 2005 – Web Development Manager (Intuit.com, Intranet and TeamSite) Managed large team of 22 people; Including Project Managers, Developers/Engineers, and QA Controlled a $1.3 Million budget for staff and hardware; Saved $100k with optimized hardware Led Reorganization to split Project Management, Development, and QA Led Engineering process improvement efforts and contributed to Six Sigma Projects Delivered: Implemented "Rapid Development" and "Custom Development" processes Intuit.com, turbotax.com and Intranet site redesigns and Fulcrum search Internet and Intranet Web servers migrated from Netscape to Apache Implemented TeamSite as enterprise system; Shared by 150+ Intuit Internet/Intranet Web sites Upgraded TeamSite from 4.5 to 5.0; "Self-Service" content updates Internet and Intranet Business Continuity Plans (disaster recovery) October 1995 - August 2000 – Individual Contributor Roles Web Production Lead: Prioritized and assigned development assignments Web Production Specialist: Development of HTML, ColdFusion, Perl applications using TeamSite Contract Web Production Specialist: Developer for Intuit.com, QFN.com, and Turbotax.com sites Projects Delivered: Led Y2K Remediation; Web servers migrated to Sun hardware Implemented Job Search and other Web Applications; InQuery Search Provided requirements for in-house CMS and selected Interwoven TeamSite as replacement Initial launch of intuit.com and qfn.com (Quicken portal) Web sites Educated senior management on privacy implications of "Web beacons" RED SKY INTERACTIVE – Contract Interactive Developer: April 1995 - October 1995 Multimedia Authoring with Macromedia Director and Shockwave Web Site Development TLA PRODUCTIONS – Audio Recording Studio Client Services: 1993-1994 RUSSIAN HILL RECORDING – Audio Recording Studio Assistant: 1992-1993 EDUCATION Certified Project Manager: PMI/PMBOK PMI preparation studies - UC Berkeley Extension Web and Programming Courses - University of California Extension Bachelor of Arts Communications - San Francisco State University
  • 57. REFERENCES: Campbell, G. (2011). The Complete Idiot’s Guide to Project Management. New York, NY: Penguin Group Cooke, H. (2011). The McGraw-Hill 36-Hour Course Project Management (2 nd ed.). New York, NY: The McGrawhill Companies, Inc. DoD Instruction 8500.2 –Information Assurance (IA) Implementation. (2012). DOD Issuances. Retrieved from www.dtic.mil/whs/directives/ DoD Instruction 8510.01 –DoD Information Assurance Certification and Accreditation Process (DIACAP). (2012). DOD Issuances. Retrieved from www.dtic.mil/whs/directives/ Kemp, S. (2004). Project Management Demystified: A SELF TEACHING GUIDE. New York, NY: The McGraw Hill Companies, Inc. Lewis, J. (2007). Fundamentals of Project Management. New York, NY: American Management Assocation Minimum Security Requirements for Federal Information and Information Systems. (2006). FIPS PUB 200. Retrieved from http://csrc.nist.gov/publications/fips/fips200/FIPS-200-final-march.pdf Piscopo, M. (2013). Transition Out Plan. Retrieved from http://www.projectmanagementdocs.com/
  • 58. Project-closing-templates/transition-out-plan.html Russel, D. (2011). Succeeding in the Project Management Jungle. New York, NY: American Management Assocation