Description
The Concept Phase begins when the IT governance organization approves the Business Needs Statement to enable a new business process or enhance an existing business process through the application of information technology. The purposes of the Concept Phase are to:

• Identify and validate an opportunity to improve business accomplishments of the organization or to correct a deficiency related to a business need.

• Identify significant assumptions and constraints on solutions relative to that need.

• Explore alternative concepts and methods to satisfy the need.

In the Concept Phase, sufficient requirements detail is developed to support the detailed cost and schedule estimates, alternatives analyses, and other elements of the Business Case and preliminary Project Management Plan. The primary outcome of the Concept Phase is the proposal and approval of the cost, schedule, and performance baselines.

Responsibilities
Business Owner: The Business Owner is responsible for ensuring that adequate financial and business process resources are made available to support the investment once approved, including the designation of the Project Manager.

Project Manager: The Project Manager develops the Business Case and preliminary Project Management Plan.

Critical Partners: Critical Partners review and comment on the Business Case and participate in the Project Selection Review.

• Enterprise Architecture: Establish that the outcomes or results of executing the project are included in the Target Enterprise Architecture and that they are aligned to the HHS IT Strategic Plan. Ascertain that the Alternatives Analysis considers the use of existing systems and/or GOTS/COTS products. Verify that the business processes are modeled in sufficient detail.

• Security: Conclude that all applicable security and privacy standards have been considered in sufficient detail as part of the Business Case. Verify that a high level security analysis and a preliminary risk assessment are complete and justify proceeding to the Planning Phase. Verify that the investment has been appropriately categorized according to FIPS-199 and that an initial accreditation boundary has been established.

• Acquisition: Ascertain if a preliminary Acquisition Plan that is appropriate to the level of the requirements definition is part of the Business Case, and includes performance-based acquisitions. Verify that the overall acquisition strategy includes consideration of internal versus external acquisition, re-use, the use of commercial off-the-shelf technologies, and, if Requests for Information are necessary, how contracting work will be divided, and expected contract types.

• Budget: Establish that the Business Case includes a financing and budgeting plan and that there is sufficient requirements detail to support the detailed cost and schedule estimates needed during the Planning and Requirements Analysis Phases.

• HR: Determine the probability and/or impact of any anticipated workforce disruptions has been reviewed and make certain the need for staffing classifications such as new PDs, grade levels, etc., and potential workforce planning such as employee training or A-76 activities have been evaluated.

• Section 508: Make sure that plans are in place to incorporate Section 508 requirements in the contract(s).

• CPIC: Review the Initial Project Plan and Sub-plan/s to ensure that they are adequately developed. Conclude that the required authority and project structural foundation is in place.

• Performance: Ensure that the approval of the performance baselines is completed. Determine that appropriate potential performance goals are established as part of the Business Case. Conclude that the required authority and project structural foundation is in place.

IT Governance Organization: The IT governance organization conducts the Project Selection Review.

Activities
The following activities are performed as part of the Concept Phase:

• Establish project sponsorship/ownership.

• Identify and establish the Business Case for the proposed project.

• Document the analysis and planning activities.

• Determine IPT staffing requirements for the project.

• Review and approve advancement to the next phase.

Every project must have a responsible organization to execute the project. During the Concept Phase, organizational roles and responsibilities, including designation of the proposed Integrated Project Team (IPT) to move the project forward, are documented in a Project Charter.

The Business Case should identify why a business capability is necessary and what business benefits can be expected by implementing this project. It is important to state the needs or opportunities in business terms. Avoid identifying a specific product or vendor as the solution. The background information provided should be at a level of detail sufficient to familiarize senior managers with the history, issues and customer service opportunities that can be realized through improvements to business processes with the potential support of IT. This background information must not offer or predetermine any specific automated solution, tool, or product.

The Concept Phase involves the appointment of a Project Manager jointly by the Business Owner and CIO who carries both the responsibility and accountability for project planning and execution. For smaller efforts, this may only involve assigning a project to a manager within an existing organization that already has an inherent support structure. For new projects entailing a significant impact on the organization, a completely new organizational element may be formed - requiring the hiring and reassignment of technical and business specialists.

The Project Manager will apply the EPLC framework and other processes and procedures for project activities. These include developing a preliminary Project Management Plan (PMP) that addresses project planning, requirements management, project tracking, contractor management, verification and validation, quality assurance, change management, and risk management.

During the Concept Phase, high-level analysis and preliminary risk assessment are performed on the proposed project to establish the business case for proceeding forward in the life cycle. The business process is modeled and possible business and technical alternatives are identified. High-level system requirements, high-level technical design concept/alternatives and cost estimates are prepared. The overall strategy for acquisition is developed, including consideration of internal versus external acquisition, whether Requests for Information are necessary, how work will be divided, and expected contract types.

The Concept Phase ends with a decision by the IT governance organization of whether or not to approve commitment of the necessary resources to solve the business need.

Exit Criteria
Objective: To determine if the project has been clearly defined and has the supporting organizational structure to proceed with full planning.

Phase Specific Exit Criteria:

• The scope of the project has been adequately described in the Business Case and that the high level requirements meet the business need.

• The project organizational structure is scaled to support the project and the project manager and the project team are qualified [Organizational Mappings support project communication needs.]

• The Preliminary Project Management Plan adequately defines how the project will be executed, monitored and controlled and includes high level estimates of the baselines.

• The high level analysis demonstrates that the outcomes will be aligned with the Target Enterprise Architecture.

• All applicable security and privacy standards have been considered in sufficient detail as part of the Business Case. FIPS-199 categorization and an initial assessment of system accreditation boundary are established.

Stage Gate Review
The Project Selection Review (PSR) is a formal inspection of a proposed IT project by the IT governance organization to determine if it is a sound, viable, and worthy of funding, support and inclusion in the organization's IT Investment Portfolio. This Stage Gate Review is one of the four that cannot be delegated by the IT governance organization.