AI07 Install and accredit solutions and changes

focuses on

planning releases to production

testing that applications and infrastructure solutions are fit for the intended purpose and free from errors

is controlled by

AI07.1 Training Train the staff members of the affected user departments and the operations group of the IT function in accordance with the defined training and implementation plan and associated materials, as part of every information systems development, implementation or modification project.

AI07.2 Test Plan Establish a test plan based on organisationwide standards that defines roles, responsibilities, and entry and exit criteria. Ensure that the plan is approved by relevant parties.

AI07.3 Implementation Plan Establish an implementation and fallback/backout plan. Obtain approval from relevant parties.

AI07.4 Test Environment Define and establish a secure test environment representative of the planned operations environment relative to security, internal controls, operational practices, data quality and privacy requirements, and workloads.

AI07.5 System and Data Conversion Plan data conversion and infrastructure migration as part of the organisation´s development methods, including audit trails, rollbacks and fallbacks.

AI07.6 Testing of Changes Test changes independently in accordance with the defined test plan prior to migration to the operational environment. Ensure that the plan considers security and performance.

AI07.7 Final Acceptance Test Ensure that business process owners and IT stakeholders evaluate the outcome of the testing process as determined by the test plan. Remediate significant errors identified in the testing process, having completed the suite of tests identified in the test plan and any ...

AI07.8 Promotion to Production Following testing, control the handover of the changed system to operations, keeping it in line with the implementation plan. Obtain approval of the key stakeholders, such as users, system owner and operational management. Where appropriate, run the system in parallel with the ...

AI07.9 Post-implementation Review Establish procedures in line with the organisational change management standards to require a post-implementation review as set out in the implementation plan.

is part of

Acquire and Implement (AI) To realise the IT strategy, IT solutions need to be identified, developed or acquired, as well as implemented and integrated into the business process.

In addition, changes in and maintenance of existing systems are covered by this domain to make sure the solutions ...

can be mapped to

[09.2] Change management Objective: To ensure all changes are assessed, approved, implemented and reviewed in a controlled manner.

[10.1] Release management process Objective: To deliver, distribute and track one or more changes in a release into the live environment.

Release and Deployment Management the Process responsible for both Release Management and Deployment

Service Validation and Testing process responsible for Validation and Testing of a new or Changed IT Service

Service Validation and Testing ensures that the IT Service matches its Design Specification and will meet the needs of the Business.

supports

Ensure proper use and performance of the applications and technology solutions

Ensure seamless integratation of applications into business processes

Ensure that IT services and infrastructure can properly resist and recover from failures due to error, deliberate attack or disaster

Ensure that automated business transactions and information exchanges can be trusted

Reduce solution and service delivery defects and rework.

Respond to business requirements in alignment with the business strategy