Business Process Analysis and Development

Business Process Analysis and Development

Cancelled

Job Description

The initial scope of this project will be for the following, with follow to complete the completed work below;

Management and Support Lines of Business and Information Types
Government Resources Management Information
C.3.3 Human Resource Management Information
HR Strategy
Staff Acquisition
Organization & Position Mgmt
Compensation Management
Benefits Management
Employee Performance Mgmt
Employee Relations
Labor Relations
Separation Management
Human Resources Development
*NIST 800-60 Vol2 Rev 1 page 28

I'd like to see the high-level work flow preceding and following the data type selection (identifying system name, description, environment, etc then capturing user name and contact info, etc) as well as the workflow the above data types. This should include a high level workflow and workflow for the data types, including screen mock-ups and database design.

--------------------------Follow-on proposed

We are looking for a skilled team or individuals including but not limited to software developers, information security/assurance professionals and business analysts to convert an existing compliance process into a business process workflow, pseudo code, Visio diagrams and potentially screen mock-ups. The project would require the individual or team to walk through the following documented logical processes;

FIPS-199: http://csrc.nist.gov/publications/fips/fips199/FIPS-PUB-199-final.pdf

Using the additional reference documents;

800-60 Vol II Rev 1 : http://csrc.nist.gov/publications/nistpubs/800-60-rev1/SP800-60_Vol2-Rev1.pdf
OPM BRM: http://www.opm.gov/egov/documents/archives/brm-report.pdf

To generate a final output that will allow for the auto generation of the following completed template;

FedRAMP FIPS 199 Document: www.gsa.gov/graphics/.../FIPS_199_Template_050212_508.doc

The psuedo code, workflows and mock-ups should walk the process as if guiding a user as a web application providing questions and examples, defining if the selection workflow mechanisms (check box, drop-down, radio button, or text box), what data can be stored as variables and reused and all the other logical components required, etc. The workflow should be written in US English.

The psudeo code should also include a logic matrix for mapping information types, to information descriptions, to special factors, recommended impact levels, guidance for impact level adjustments in a MS Excel spreadsheet.

A high-level example of the matrix would include the following in a well organized spreadsheet;

Does the information system store Employee Relations Information?

Employee Relation Information designs, develops, and implements programs that strive to maintain an effective employer-employee relationship that balance the agency’s needs against its employees’ rights. This sub-function includes: addressing employee misconduct; addressing employee performance problems; managing administrative grievances; providing employee accommodation; administering employees assistance programs; participating in administrative third party proceedings; and determining candidate and applicant suitability.

Employee Relations Information Type
-Default Impact Levels:Confidentiality = Low, Integrity = Low, Availability = Low
-Special Factors for Confidentiality: Does this data set include PII or HIPAA data?
(if yes adjust to Confidentiality Impact Level to Moderate)
-Special Factors for Integrity: Would loss of Integrity of the data set cause adverse effects to the agency's mission? (if yes adjust to moderate and ask follow-up question would loss of integrity has serious of life-threatening consequences, if yes adjust to high)
-Special Factor for Availability: None

---
Skills: software-development, graphics, analysis, management, benefits