[IT Foundations][GXS EDI Managed Service/1190]

Go/No Go Readiness Report

IT Division

Simple IT Operating Model Version 1.0

As At: 11 11 2013Version: v0.3Prepared by: Oluyomi Adeleke

Phase 1 (Pre-Christmas Delivery)

Slide 2 Printed 19/04/23 Confidential

Section 1: Programme/Project Overview

Project Overview/ObjectiveSponsor: Colin Denny

Business Area: Application Services

The business wants to implement a number of modifications to the EDI Managed Service in order to stabilise the GXS solution and ensure that the service is fully HMRC compliant. The modifications cover the components below:

Application Integrator – The current GXS EDI solution utilises Application Integrator version 5.0. This is an older version of Application Integrator and requires GXS to manually check the SSL EDI solution on a weekly basis.

Shared Data Bridge – The current EDI solution involves SSL using a shared data bridge. This causes an impact on service when other GXS clients utilising the same bridge transmit particularly large files.

Invoice Validation – Currently there are differences in the validation of Foods and Non-Foods invoices which is not compliant to HMRC.

The project aims to deliver:-  Increased stability of the EDI Managed Service by mobilising the recommendations of GXS and SSL

Application Support team.

An EDI solution that that has same validation for all invoices.

The project has been split into two phases: Phase 1 – GXS to upgrade the application integrator from 5.0 to 5.2 and implement a dedicated bridge for

Sainsbury’s.

Phase 2 – Implement a solution so the solution is HMRC compliant and review the long term strategy of JS EDI management.

Slide 3 Printed 19/04/23 Confidential

The Release

This Release This release covers phase 1 as described in the previous slide. The changes to be made are all on the

GXS environment and no changes on the JS side. The changes will provide: Fixes for known bugs

Swift Plugin for supporting financial services

Native xml/xlst mapping

Allows for more flexibility in data formats and modifications

Non-proprietary format

Oracle HA rack environment, which will

Increase supportability and reliability

Provide separation from translator file system

Give Redundancy

Provide future enhancements around reporting

A dedicated bridge that will provide a better service that is not impacted by load from other suppliers.

Status Summary GXS have completed their testing of 30 days data from production on 5.2 AI with no issues.

JS have completed testing of 7 days data (16,500 files) with no issues.

The dedicated bridge can’t be tested due to the setup but this is a BAU process that happens all the time and transparent to clients/users.

Slide 4 Printed 19/04/23 Confidential

The Release

RFCs raised AI Upgrade - CRQ14246(5th November)

Dedicated Bridge - CRQ14353(11th November)

Implementation Plans

Trading Partner migration list

Microsoft Office Word Document

Microsoft Office Excel Worksheet

Microsoft Office Excel Worksheet

The Plan to Live

Slide 5 Printed 19/04/23 Confidential

Slide 6 Printed 19/04/23 Confidential

Key Milestones

Historic

Friday 25th October 2013: GXS testing completed

Wednesday 30th October 2013: JS Testing completed

Wednesday 30th October 2013: CAB

Friday 1st November 2013: Final Go/No-Go meeting (AI Upgrade)

Tuesday 5th November 2013: Go Live (AI Upgrade)

Wednesday 6th November 2013: CAB (Dedicated Bridge)

Ahead

Monday 11th November 2013: Final Go/No-Go meeting (Dedicated Bridge)

Monday 11th November 2013: Go Live

Section 2: The 8 Big Questions GREEN RAG:

The Questions Owner Explanation of RAG and actions/date to go green RAG Now

RAG Last

1. Has the Cutover Process been proven? Implementation Approach, Plans, walked through and verified (*)Cutover Control procedures and Governance agreed Support rotas in place for implementationHave the RFCs been raised (use Placeholders as early as possible)

Yes. Script used to migrate 16 Trading partners already with no issues.CAB, Senior CAB and Change buster approvals received.

G G

2. Have the Regression/Fall Forward processes been proven? Regression Plans agreed and verified (*) All regression points identified and tested Fall forward workarounds identified, resourced, agreed & communicated (*) Any communications required in event of regression/workaround agreed

Yes. Script reverts the configuration back to old brigde.

G G

3. Has the Target Environment been proven? Have the SAT and V&P test phase closure reports been signed off (*) Has the End to End test closure report been signed off (*) 3rd Party system changes complete Production and DR environments ready for cutover (*)

G G

4. Have the Critical Business Processes been proven? Critical business processes proven Transitional Business processes agreed User acceptance testing complete & signed off (state defect position) (*) Go Live verification activity agreed

G G

5. Are the Business ready for Target Operations? Target areas ready for this changeOperational processes in place and Operational proving completed (*) Training undertaken & Post Implementation Support in place (*)Go Live Recruitment in place Internal Communications complete & co-ordinated with Air Traffic Control Periods of greatest impact (e.g. Xmas) been taken into account (*)

G G

6. Is IT Ready for Target Operations? ITSD Deskdrop complete and signed off (*) Service acceptance and service support in place (incl KT) (*) Deployment and Warranty Pack complete and 3rd party support in placeAll Pre Gate 6 Deliverables on the Project Deliverables Matrix complete and signed off , including Service Readiness plan and workarounds (*)

G G

7. Have we completed all required internal and External Comms? User and IT communications complete (incl IT Service Library) Other stakeholder communications, including 3rd Parties, complete

G G

8. Has the quality of the Migrated Data been proven? Data conversion and reconciliation process proved in integration testing Data reconciliation process proved in UAT (*) Target Op Environment data reconciled ready for entry to Cutover process

G G

Implementation Date: 11/11/2013 RFC No. CRQ14353

Slide 8 Printed 19/04/23 Confidential

2.1. Has the Cutover Process been proven?GRAG Status

N/A“Return to Green” Date

Milestone (from Project Plan) Baseline Date

Current Forecast

RAG Comments

Commentary (Ensure that the reason for any Red or Amber status is clear together with remedial Actions/Dates/Owners)

* Please add in Major Milestones: eg. Implementation plan signed off. If the original date is missed then set to Amber. Once a new date is agreed the milestone may be returned to green. If no new date

is agreed or set then the line item should be set to red.

Slide 9 Printed 19/04/23 Confidential

2.2. Has the Regression/Fall Forward processes been proven?GRAG Status

N/A“Return to Green” Date

Milestone (from Project Plan) Baseline Date

Current Forecast

RAG Comments

Commentary (Ensure that the reason for any Red or Amber status is clear together with remedial Actions/Dates/Owners)

* Please add in Major Milestones: eg. Regression plan signed off. If the original date is missed then set to Amber. Once a new date is agreed the milestone may be returned to green. If no new date is agreed

or set then the line item should be set to red.

Slide 10 Printed 19/04/23 Confidential

2.3. Has the Target Environment been proven?GRAG Status

N/A“Return to Green” Date

Milestone (from Project Plan) Baseline Date

Current Forecast

RAG Comments

Commentary (Ensure that the reason for any Red or Amber status is clear together with remedial Actions/Dates/Owners)

* Please add in Major Milestones: eg. V&P signed off. If the original date is missed then set to Amber. Once a new date is agreed the milestone may be returned to green. If no new date is agreed or set

then the line item should be set to red.

Slide 11 Printed 19/04/23 Confidential

2.4. Has the Critical Business Processes been proven?GRAG Status

N/A“Return to Green” Date

Milestone (from Project Plan) Baseline Date

Current Forecast

RAG Comments

Commentary (Ensure that the reason for any Red or Amber status is clear together with remedial Actions/Dates/Owners)

* Please add in Major Milestones: eg. UAT signed off. If the original date is missed then set to Amber. Once a new date is agreed the milestone may be returned to green. If no new date is agreed or set

then the line item should be set to red.

Slide 12 Printed 19/04/23 Confidential

2.5. Are the Business ready for the Target Operations?GRAG Status

N/A“Return to Green” Date

Milestone (from Project Plan) Baseline Date

Current Forecast

RAG Comments

Commentary (Ensure that the reason for any Red or Amber status is clear together with remedial Actions/Dates/Owners)

* Please add in Major Milestones: eg. Business Training Plans signed off. If the original date is missed then set to Amber. Once a new date is agreed the milestone may be returned to green. If no new date

is agreed or set then the line item should be set to red.

Slide 13 Printed 19/04/23 Confidential

2.6. Are IT Ready for Target Operations?GRAG Status

N/A“Return to Green” Date

Milestone (from Project Plan) Baseline Date

Current Forecast

RAG Comments

Commentary (Ensure that the reason for any Red or Amber status is clear together with remedial Actions/Dates/Owners)

* Please add in Major Milestones: eg. Service Model signed off. If the original date is missed then set to Amber. Once a new date is agreed the milestone may be returned to green. If no new date is agreed or

set then the line item should be set to red.

Slide 14 Printed 19/04/23 Confidential

2.7. Have we completed all required Comms? (Internal and external)

GRAG StatusN/A“Return to Green” Date

Milestone (from Project Plan) Baseline Date

Current Forecast

RAG Comments

Commentary (Ensure that the reason for any Red or Amber status is clear together with remedial Actions/Dates/Owners)

* Please add in Major Milestones: eg. Business owners signed off Go Live Date. If the original date is missed then set to Amber. Once a new date is agreed the milestone may be returned to green. If no

new date is agreed or set then the line item should be set to red.

Slide 15 Printed 19/04/23 Confidential

2.8. Has the Quality of the Migrated Data been proven?GRAG Status

N/A“Return to Green” Date

Milestone (from Project Plan) Baseline Date

Current Forecast

RAG Comments

Commentary (Ensure that the reason for any Red or Amber status is clear together with remedial Actions/Dates/Owners)

* Please add in Major Milestones: eg. Data Migration signed off. If the original date is missed then set to Amber. Once a new date is agreed the milestone may be returned to green. If no new date is agreed

or set then the line item should be set to red.

Slide 16 Printed 19/04/23 Confidential

Meeting Tracker (* Service transition will manage this tracker)

= Not Requireda = Attendeda = Not presentD = Delegated

Key

Slide 17 Printed 19/04/23 Confidential

Section 3: Confirmation to Proceed - Summary of Residual Business Risk at Go/No Go

The Questions Residual Risk Mitigating Actions and Dates Owner Risk H/M/L

1. Has the Cutover Process been proved?

2. Have the Regression/Fall Forward processes been proven?

3. Has the Target Environment been proved?

4. Have the business critical processes been proved?

5. Are the Business Ready for Target Operations?

6. Are IT Ready for Target Operations?

7. Have we completed all required Comms? (Internal and external)

8. Has the quality of the migrated data been proved?

* Service Transition to Complete this section: allocating actions to be completed prior and post Go Live against action owners.

Appendix A: The 8 Big Questions Guidance

The Questions Notes1. Has the Cutover Process been proven? Implementation Plans agreed, walked through and verified (*) Cutover Control procedures and Governance agreed Support rotas in place for implementation

This will include both Business and IT Support rotas, contact details and onsite attendance schedules in place, It include Data tracking, conversion and load into target, Financial & Operational reconciliation, IT and business schedule of events, Sign Off.

2. Have the Regression/Fall Forward processes been proven? Regression Plans agreed and verified (*) All regression points identified and tested Fall forward workarounds identified, resourced, agreed and communicated (*) Any comms required in event of regression/workaround agreed

This includes all activities required to ensure continuity of operation as a result of system or infrastructure failure, both within IT and within the Business

3. Has the Target Environment been proven? Have the OAT and V&P test phase closure reports been signed off (*) Has the End to End test closure report been signed off (*) 3rd Party system changes complete Production and DR environments ready for cutover (*)

All system and infrastructure testing completed (including connectivity, hosted services, batch components, documentation). Includes all business owned systems and interfaces, all Non-functional testing, including security

4. Have the Critical Business Processes been Proven? Critical business processes proven Transitional Business processes agreed User acceptance testing complete, UAT signed off (*) Go Live verification activity agreed

Includes all necessary dry-runs, Live running verification processes and responsibilities proven, training, User Acceptance testing and sign-off, manual operations and workarounds, post-live clinics, sign-off of residual business process risk or issues,

5. Are the Business Ready for Target Operations? Target site ready for this change. H&S assessments made. Operational processes in place and Operational proving complete (*) Training undertaken & Post Implementation Support in place (*) Go Live Recruitment arranged Internal Communications complete Have windows of greatest impact (e.g. Xmas) been taken into a count (*)

Target site ready for this change - Have any necessary business audit checks needed for change been carried out? Have any business operation model changes been communicated? Has the timing of Go live been agreed with the customer? Have all impact assessments been carried out in line with H&S?

Operational processes in place and Operational proving complete– testing of business processes including ‘dry runs’ and associated roles & responsibilities and signed

A statement of known defects (Including performance), signed off by the Business and including Impact statements and workarounds and have been communicated to business users, support staff and management.

6. Is IT Ready for Target Operations?ITSD Deskdrop complete and signed off (*) Operational acceptance and service support in place (incl KT) (*) Deployment and Warranty Pack complete and 3rd party support in placeAll Pre Gate 6 Deliverables on the Project Deliverables Matrix complete and signed off , including Service Readiness plan and workarounds (*)

Relates to ensuring IT can support the target operations; that staff are trained, deployed and communicated to; workarounds are in place, all documentation required by support and operations is in place.

Ensuring that incident management is in place, that the call directing system been updated to include this delivery. These operations must have been tested and technical processes proved, including warranties and third party support and maintenance. Any residual risk affecting IT Operations must be signed off. A Service Readiness plan, Service Model and Deployment and Warranty pack will have been produced (if requires) and signed off.

7. Have we completed all required Internal and external Comms? (*) User and IT communications complete Other stakeholder communications, including 3rd Party, complete

This includes all the required communications internally to users, support staff and (potentially) customers. Also externally to third parties/regulatory bodies and any regulatory sign-offs received.

8. Has the Quality of the Migrated Data been proven? Data conversion and reconciliation process proved in integration testing Data reconciliation process proved in UAT (*) Target Op Environment data reconciled ready for entry to Cutover process (*)

This includes sufficient proof that the migrated data is fit for purpose, that data assurance has been undertaken and signed off and that the process of reconciliation has been proven (in UAT) and roles and responsibilities assigned and scheduled.

Slide 19 Printed 19/04/23 Confidential

Readiness Reporting

Readiness Reporting, (or the 8 Key Questions) is an assurance process carried out by all projects approaching Stage Gate 6 & deployment

Commenced eight weeks prior to Go/No Go and carried out in conjunction with the Service Transition Lead and ITPMO, this process: Provides a sharp focus on the critical aspects of delivery to ensure a problem-free transition into live production Supports communication with stakeholders to ensure they are prepared for Go Live and hold a shared view of readiness Informs the final Go / No-Go meeting, which determines whether the solution/project is ready to be deployed The first Go / No-Go meeting (typically 8 weeks out) to run through the draft readiness report should be an IT only stakeholder meeting.

Project Manager submits first ‘8 Key Questions’ Readiness Report 8 weeks prior to Go Live

PM, key stakeholders and Service Transition Lead must decide whether full or ‘skinny’ reporting is required

At a minimum, a skinny report should be submitted and a follow-up Readiness Review conducted 4 weeks prior to Go Live

Final Readiness Report submitted

Final Go / No Go meeting to determine readiness to Go Live, attended by the PM, key stakeholders (including the business) and the Service Transition Lead

Go Live

Go / No Go – 8Wks – 7Wks – 6Wks – 5Wks – 4Wks – 3Wks – 2Wks – 1Wk Go / No Go

Reports should then be submitted to ITPMO and Service Transition Lead on a weekly basis

Major, high risk projects or those with ongoing issues should hold weekly stakeholder meetings to review the Readiness Report

For simple projects with no issues the frequency can be altered

Weekly reports to be submitted to ITPMO and Service Transition Lead

Distinction between high risk and simple projects as before

Change Control Key Forums

Stage Gate

Approval

Readiness Reporting

Small Projects

Approval & Funding

Process & Timeline

Slide 20 Printed 19/04/23 Confidential

Change Log – To be used by Project to track history of meetings the report has been presented to

Version Nos

Date Changes made by:

History

0.6 9/3/09 Doug Elliott Q3: “Performance testing” changed to “Volume & performance testing” Q3: “Security testing complete” added

0.7 16/3/09 Doug Elliott Q1: “Command & Control” changed to “Cutover Control” Q3: “Security testing complete” changed to “Non functional testing (incl. Security) complete” Q3 & 5: “3rd Party system changes complete” moved from Q5 to Q3

0.8 23/03/09 Andy Lewis Q7: “Customer communications” changed to “User communications“ Q7: “3rd Party communication” changed to “Other stakeholder communications, including 3rd Party,”

0.91 03/04/09 Andy Lewis Q6 ‘ITSD Service Readiness deliverables been completed and signed off’ added Q5 Site readiness, ATC and H&S assessments added Appendix A. Issues pages added Appendix B. 8 big questions guidance notes added

1.0 16/04/09 Andy Lewis Includes Previous RAG, New Forecast Date, Owner

1.1 03/06/09 Andy Lewis Include Current Live Date

1.2 8/6/2009 Andy Lewis Incorporation of Cutover Governance in 8 Big Questions

2.0 2/7/09 Doug Elliott Q2 adjusted to more accurately reflect Sainsbury’s approach

3.1 5/10/10 Clive Shewring

Changes to reflect the new Operating Model (v2)

3.2 15/10/12 John Lacey Updated as part of Simple IT Operating Model version 1.0