Switchboard (Non Prod) - Tech Stack - Add New System
Tech Stack - Add New System
Business/Technical System Owner or Delegate to Complete
Added Switchboard (Non-Prod) provisioning instructions to the Tech Stack as they were previously not present which caused delays in provisioning ARs.
The Switchboard (Non-Prod) user provisioning is a two step process:
- Okta Admin manually adds user
- Technical owner adds user to Switchboard application
https://gitlab.com/gitlab-com/gl-infra/gitlab-dedicated/team/-/issues/2343
Please do not merge before the Business Systems Analysts have reviewed and approved.
-
Rename this MR's title to [System Name] - Tech Stack - Add New System
General Tech Stack Entry Tasks
-
Link the Procurement Requisition for the new system (if third-party system): - [Requisition link]
-
Populate all data fields for the new system within the 'Changes' tab of this MR. Commit when ready. More instructions are here. - Is this new system replacing an existing system in the Tech Stack?
-
Yes - Delete that existing system's entry from the Tech Stack using this MR as well. Next, create a Tech Stack Offboarding Issue. - [Issue link]
-
No
-
Access Tasks
-
Create an Issue to add the Provisioner(s) of the new system to the appropriate Google/Slack/GitLab groups. Note: If the Provisioner(s) of this system is already part of the Provisioner groups, skip this step. Please replace the [Issue link] placeholder below with N/A - Already in Provisioner groups
.N/A - Already in Provisioner groups
-
Add the new system to one of two Offboarding templates below. More instructions are here. -
Option 1 - Main Team Member Offboarding template - [MR link]
-
Option 2 - Department-level Offboarding template folder - [MR link]
-
Data Warehouse Question
- Does data from the new system need to be integrated into the Enterprise Data Warehouse (EDW) for reporting and analytics?
-
Yes - Create a 'New Data Source' Issue in the Data Project to discuss cost, development, etc. with the Data team. -
No
-
Examples of system data integrated into the EDW:
- The data will be used as part of a new Key Performance Indicator or Performance Indicator.
- The data needs to be part of lead-to-cash analysis.
- The data needs to be joined with Marketo, Salesforce, or NetSuite data for cross-system analysis.
Privacy Team to Complete
If the new system contains Personal Data, has a Privacy Review been completed?:
-
If system contains Orange (internal only)/Red Personal Data: -
Yes - Link a completed Vendor Privacy Review Issue, Coupa approval, or Zip approval -
No - Complete Privacy Review Issue
-
-
If system contains Yellow Personal Data (GitLab Team Member Names/Emails): -
Yes - a Data Processing Agreement (DPA) was executed between GitLab and the Vendor -
No - a DPA is not in place - Privacy Team will be in contact about completing a DPA, which is required for this Tech Stack Addition
-
-
If system contains only Green Data or contains no Personal Data, a Privacy Review is not required.
Security to Complete
-
If applicable, the Security Risk Engineer who created this MR should self-assign and unassign @ndevarajan
-
Create TS Add and BIA Tracking Issue: -
Prior to merging, confirm the associated requisition has passed through all layers of approval for implementation -
@gitlab-com/gl-security/engineering-and-research/security-logging Security Logging Team reviews and follows the Critical Logging Methodology Process - If applicable Add/Change/Remove Logging Issue Request
-
Security Assurance approved
Business Technology to Complete
@marc_disabatino)
To-dos before merging (-
Ensure all sections/action items are completed.
/cc @gitlab-com/internal-audit @disla @gitlab-com/gl-security/security-assurance/security-risk-team
Edited by Marc Di Sabatino