To complete Assessment 2 you are required to write a business report that seeks to offer solutions aimed at avoiding IT governance and change management shortcomings evident in the operation of a contemporary IT project. It is recommended that you review the instructions for Assessment 2 prior to starting to develop your plan. Some detail on the case study and the report assessment task is provided here as background information for the plan.

To complete this plan you will need to research the case study and be able to summarise it in your own words. You also need to identify and describe the IT Governance and Change Management theories, standards, models, frameworks and concepts that you plan to apply/analyse with reference to the case study in Assessment 2.

The case study

You will be exploring the Identity Access Management (IAM) system commissioned by the WA Health department. Case study details are supplied overleaf.

Background to the task - Guidance on Assessment 2 - The Report

You are to write a business report for Assessment 2 that reviews the IT governance and change management processes evident in the case study nominated for this purpose. Your report should consider the applicability of the various frameworks, models, processes and standards that we examine in the course as possible remedies to the challenges apparent in the case study. Additionally, your report should present a remediation plan keeping in mind the importance of effective IT governance and change management.

Assessment 1: Preparing your plan

The course website contains a template that must be used to prepare your plan. The template poses a range of questions designed to get you engaged in research for your report. You must ensure that you remove all prompts from the plan once you are certain that you have addressed the key points required for each section. The plan will:

• Describe the topic area and objectives of the planned report.

• Provide a detailed structure proposed for the report - similar to a table of contents without page numbers.

• Identify at least five phrases that you will use/have used to search for information via search engines and Library databases.

• List at least five high quality, relevant RMIT business format references that you will draw on when preparing your report - these must not be resources outlined in the case study description overleaf or the course text book. You are required to conduct independent research in addition to using these supplied resources.

Report plan structure:

Topic areaand specific objectives:

Describe the case study and objectives of your report.

• Identify which key course themes (issues) you are going to explore in your report. Check the course guide and assessment guide, if necessary

• List important questions that you anticipate exploring in your report

Anticipated report structure:

Describe in detail what the contents page of your report is going to include. Offering a nonspecific series of general headings will not satisfy this requirement. A satisfactory structure should be informed by the specifics of the case and the decisions you are making concerning a reformed governance structure.

Key phrases used in search engines and library databases:

List here, five to eight keywords or phrases that you have or will be using to search library catalogues, periodical indexes, and search engines in the WWW.

Key information sources that support your project:

List at least five such sources that you believe will support this investigation. These need to be specific citations that signify that you have begun to undertake a serious investigation. [Indicating that you are going to look in the RMIT library, the course textbook, materials identified in the case study briefing or on the Web is not an acceptable response.] At this stage your list will of course only be a starting point.

Case Study - Identity and Access Management

The Identity and Access Management (IAM) system was a project commissioned by the Department of Health in Western Australia. The system aimed to provide staff at the new Fiona Stanley Hospital (FSH) with authorised access to relevant IT systems and buildings (Murphy 2014).

Timeline (Murphy 2014)

• 2008 IAM Project initiated • No business case or project documentation, planned completion 2013

• 2010 IAM software tender

• 2011 First phase of project commenced • Role definition and access levels

• 2012 Business case developed as part of refocused PID • CIO doesn't support it

• 2012-2013 Planned completion pushed back 3 times to a final date of December 2014

• 2013 Development stopped

• 2014 WA Auditor General reviews project

• 2014 Fiona Stanley Hospital opens without IAM in place

Key resource to use as a starting point for research

The WA Auditor General's report

Murphy, C 2014, Information Systems Audit Report, Western Australian Auditor General, viewed 1 February 2016,