Benefits RealizedBy Mark Pfefferman | Posted 2011-10-03 Email Print
Standardizing its software processes has improved Western & Southern’s efficiency, compliance, and security.
Thanks to the new system, the application development teams now have a consistent life cycle for open-systems applications that fall under the NAIC Model Audit Rule. Source code control and build processes have been standardized and mechanized across multiple development languages and platforms.
In addition, we eliminated the double keying of work order request information that had been required with separate request submission and project tracking systems. The work request submission interface is dramatically simpler as well. The new system prepopulates much of the user information and requires only six fields to be filled out.
We are pushing all IS requests—such as those involving work orders or new hardware, software or telephones—through a Business Manager applet. In addition, work order submitters now have access to up-to-date work order status information. As work requests move through the status phases of “submitted” to “accepted” to “in progress” to “complete,” up-to-date status is automatically passed to the work order request system.
IS management has improved reporting to determine the types of work being done by category—for example, scorecard project, nonscorecard project, work request and administration—and the work time applied to each category. IS management uses this information to determine resource availability and to balance the workloads of the application teams.
In addition, we eliminated obsolete work request and time tracking systems, reducing support costs and license fees. We also created a privileged-access request system using Business Manager, which allows application developers to request and gain instant access to the production servers they support. These requests are preapproved, based on the application developer’s role, and they expire after a period of time.
This platform has enabled us to remove permanent administrator access that many application teams had, but it still provides emergency access at any time.
We are now exploring the use of Business Manager as a potential help desk replacement. Plus, we are considering extending the Serena Dimensions SCCM (System Center Configuration Manager) product to all open-systems applications, focusing on applications that fall under the NAIC Model Audit Rule.
In sum, Western & Southern has realized significant benefits from standardizing, strengthening and orchestrating our application lifecycle management processes. As we move forward, we plan to continue to enhance this environment and drive even better efficiencies, tighter security and stronger compliance.
Mark Pfefferman is assistant vice president and director of identity and access management for Western & Southern. Mary Beth Peavler, Dorene Farwick and Terri Brown are managers in the Information Services department and contributed to this article.