Agencies are using many different development tools. Most training is done by individual agencies, but some training classes are shared by multiple agencies. There are currently no user groups.
Applications are developed using a limited number of application software development tools as defined by enterprise standards. IT staff participates in development tool and methodology training classes. User groups exist to share successful development techniques and fundamentals.
Periodically review tools/languages standard.
Establish a forum or user group(s) where developers from agencies periodically meet and/or share information,promote standard toolsets, and identify method to share common code routines and procedures..
Promote onsite training shared across agencies.
2. Standard User Interfaces
Most agencies follow industry standards, but there are no existing enterprise standards. No central usability lab exists. Testing is done by individual agencies.
User interfaces are tested and reviewed in a central usability lab.
Establish usability lab to review and test interfaces.
Define usage procedures for the lab.
3. Application Architecture
Several agencies are starting to develop n-tier applications that are scalable. ITD provides load testing services of web applications to ensure scalability.
Applications are developed based on industry best practices. Applications are scalable across the enterprise to accommodate business growth.
Identify best practices and establish a plan to provide education, training, and processses to implement best practices.
4. Disaster Recovery
The completeness of system documentation varies across state agencies. ITD maintains a disaster recovery plan for mainframe applications. Other applications disaster recovery plans vary across state agencies.
Applications include complete system documentation and disaster recovery plans that follow enterprise standards.
Develop a template for applications disaster recovery plans, including necessary system documentation and recovery test procedures.
Identify how EA interacts with COG (Continuum of Government).
5. Application Security
There are multiple authentication and authorization methods.
Security requirements are sometimes addressed late in the development life cycle.
ITD has implemented a common authentication/authorization method that is currently in use by several applications.
Security requirements are identified early in the development life cycle to ensure security risks and data confidentiality are addressed appropriately. Applications utilize the enterprise security solutions.
Train and educate agency software development staff in the use of enterprise security solutions.
6. Quality Assurance
Segue Software SilkTest, TestManager, and IssueManger have been implemented.
User acceptance testing is currently done manually via test plans/scripts.
ITD provides load testing services for web applications utilizing Mercury Interactive Load Runner. Load testing is done for all web applications deployed at ITD, including agency developed and vendor applications.
ITD has a usability testing software to record and report on user interaction with applications.
Quality Assurance (QA) services are provided by ITD for its applications and as a service to agencies which develop their own applications, including load testing, functional testing, and usability testing. A usability lab will also be established.
Agencies will have dedicated QA staff. Quality assurance testing is performed against dedicated test environments.
Agencies are doing their own functional testing using an automated tool, recording scripts, scheduling the testing of the scripts, and tracking defects.
Load testing is being performed on client/server applications such as PowerBuilder and VB.Net and wireless applications. This involves capturing the calls the client/server or wireless applications are performing and then load testing the calls (Example: Web services calls, database calls, etc.).
Document best practices for functional, load, and usability testing, including but not limited to scripting, reviewing/analyzing test results, and identifying supported operating systems and browsers.
Identify and recommend quality assurance services to be provided by ITD.
Identify and evaluate load testing software for client/server and wireless applications.
7. Service Orientated Architecture
The state has several applications utilizing web services and event driven architecture.
As new applications are being developed at ITD, the application requirements are reviewed and evaluated to determine if and how service oriented concepts could be applied to the application design.
All new applications developed for the state will evaluate Service Oriented Architecture (SOA) and Event Driven Architecture (EDA) concepts and will use SOA/EDA where applicable and cost effective.
Request For Proposals for new applications which are custom developed or COTS solutions will include SOA/EDA language. Vendors will be asked to respond to SOA/EDA, including but not limited to if/how their proposed solution utilizes SOA/EDA or what their long term direction is for SOA/EDA.
Applications are exposing services which are available to other applications within the enterprise or publicly via the Internet.
Define and document when to use SOA and EDA.
Educate state IT staff on SOA/EDA concepts.
Develop SOA/EDA language to include in Request For Proposals.
Document and publish services to be used across the enterprise and/or the public.
A personal firewall (sometimes called a desktop firewall) is a software application to protect a single Internet-connected computer from intruders. A personal firewall works in the background at the device layer to protect the integrity of the system from malicious computer code by controlling Internet connections to-and-from the user's computer.