Business Environment

In the Business Environment section, enter the critical business properties of the application.

All users can view the data in this section. Users assigned one or more of the following roles can edit the data in this section: Business Owner, Technical Owner, or Respondent (when more information is requested).

Figure A-3. Application Business Environment section

Table A-3. Application Business Environment fields



Supported Processes

Zero, one, or more business processes that are supported by the application.

Owning Organization

The name of the organization unit with business ownership of the application. Organization units are created in Project and Portfolio Management Center (PPM). (For instructions for creating organization units, see the Resource Management User Guide.)

Regulatory Requirement

Zero, one, or more compliance requirements for the application.

  • SOX - Sarbanes-Oxley Act. United States regulations for corporate financial accounting.

  • FERC - Federal Energy Regulatory Commission. United States regulations for energy transmission.

  • NERC - North American Electric Reliability Corporation. North American regulations for energy transmission.

  • CPCU - Chartered Property Casualty Underwriter. Professional designation in the insurance industry.

  • CAISO - California Independent System Operator. Regulations for California's power grid.

  • HIPAA - Health Insurance Portability and Accountability Act. Regulations for privacy of personal information.

  • PCI - Payment Card Industry Data Security Standard. Standards for the payment card industry.

Security Classification

The highest security level designated for the components of this application. That is, if the components of this application have different security classifications, select the highest classification.

  • Open - Contains information with no access constraints. Unusual in a business context unless providing support for open source development.

  • Internal - Contains information for which access is restricted to users within an organization.

  • Limited - Contains information for which access is restricted to a defined set of users.

  • Confidential - Contains sensitive corporate information.

  • SECRET - Contains information for which improper release may damage the organization.

  • Top Secret - In a military or government context, contains information for which access is strictly controlled.

  • Above Top Secret - Contains extremely sensitive information.