Physical Data Flow Diagrams: Lifecycle Management

Objective

• To provide general information about the lifecycle management process for MUIT's physical data flow diagrams

Scope

• Physical data flow diagrams (physical diagrams) map how the flow of information for any application, process, or system occurs, specifying people (positions) involved and software, hardware, firewalls, network devices (firewalls, DNS names, switches, load-balancers, etc.) used in an information flow
• Physical diagrams use defined symbols and short text labels to show data inputs, outputs, storage points, and the routes between destinations
• Physical diagrams are considered the "how" Knowledge documentation that is provided to upper-tier solver teams
  • Offer a single-source of truth during active incident resolution
  • Provide a detailed understanding of the impact of planned changes

User

• Miami University IT Services Staff
• Miami University IT Services Project Teams
• Miami University IT Services Solver Teams

Lifecycle Management Process

1. Creation

• The asset-owning team (Owning Acct/Dept) or subject-matter expert creates and maintains active physical diagrams
• Events necessitating the creation of a physical diagram include:
  • Projects
  • TDX incident ticket
  • Planned changes to physical infrastructure
  • End-of-life or end-of-support events
  • Decommission process
  • Currency review of assets
• Standardized templates and protocols for diagram creation ensure consistency and accuracy across all applications
• Licensed users create and maintain physical diagrams in Lucidchart, the selected diagram tool
  • SSO sign-in: Lucid.app/saml/sso/MiamiOH.edu
  • Licensed users include a select group of managers and senior staff
    • To become a licensed user, contact Em Smith, Knowledge Management

2. Editing and publication

• An established naming convention and version control tracks changes and offers a history of diagram revisions, crucial for audit trails and historical accuracy
• Lucidchart, a collaborative editing tool, allows multiple editors to review and edit diagrams simultaneously, reducing turnaround time
• TDX ticketed request for review and revision of active physical diagrams ensures that all relevant teams are notified of the need for update of information
• Editors transfer and index active physical diagrams to application folders in the Lucidchart tool
• Editors can locate historical physical diagrams in the Google Drive folder, Application-System Representations
  • Historical physical diagrams were edited in the Visio tool and are currently indexed in the application-system folder
• Knowledge Management indexes a PDF of an updated physical diagram in the Google Drive folder, Application-System Representations, and publishes a link to the PDF in the application asset 

3. Security, storage, and sharing

• A secure, encrypted digital storage solution protects sensitive information and ensures the confidentiality and integrity of data
  • Google Drive cloud storage service offers sharing permissions that allow Knowledge Management to limit access to physical diagrams
• ISO deems physical diagrams to be confidential documents and requires careful consideration to access rights
  • Diagrams are made available to project teams to provide a detailed understanding of the impact of planned changes
  • Diagrams are made available to upper-tier solver teams to provide a single-source of truth during active incident resolution
  • Diagrams are sometimes shared with relevant stakeholders, such as University clients, to provide a visualization of how an application works
• Training sessions for diagram lifecycle management practices emphasize the importance of compliance and security

4. Active use and maintenance

• Regular review of active physical diagrams ensures currency and compliance with regulations and organizational policies
  • As an active physical diagram is linked in the asset record, annual review of the diagram as part of the asset record is recommended
  • Configuration Item Owner Handbook (SACM) provides guidance, specific instruction, and tools to configuration item (asset) owners of Enterprise Applications within Solution Delivery to perform this role
    • Recommends regular audit of the asset record for completeness and accuracy by the asset-owning team
• Periodic review and adjustment of Google Drive sharing permissions maintains limited access to physical diagrams

5. Archive and preservation

• Long-term digital preservation ensures that archived diagrams remain accessible over time
• SACM guidelines do not incorporate a disposal practice of configuration item (asset) records at the end of their lifecycle, thus ensuring that archived diagrams are retained for the same duration 

6. Continuous improvement and training

• Knowledge Management K-CAB serves as the established feedback forum by which continuous improvement of diagram lifecycle management will be adapted to leverage new tools and methodologies 
• Documents and videos will cover training for process and tool
  • Process: IT Services Knowledge Base articles
  • Tool: Lucidchart knowledge base videos
    • Getting Started in Lucidchart
    • Lucid Learning Campus: Lucidchart

Note

• Logical data flow diagrams will follow a similar lifecycle management process