Database Management System

Organization - Summary of problem

Inadequate booking and reservation process for room rent

Inefficient collection and maintenance of customer booking
information
Inaccurate and inefficient financial and operations reporting
Manual paper-based billing and collection operations
Risk of unauthorized modification of customer and operational
data
Lack of access control to confidential information
Data entry error
Lack of adequate security for customer data

2
 Organization Affected Department
Department Impact of current problems
Hotel Directorate Inaccurate and late reporting affects strategic planning and control operations.
Incomplete documentation affects management response to operational risk issues.

Hotel Manager Inaccurate room rent data affect hotel operation management, planning and control.
Inadequate documentation and approval for supply services leads to loss of funds.
Inefficient payment processing leads to third party settlement risk.
Inadequate documentation leads to loss of income due to missing customer booking and
leads to reputational risk

Employee Inadequate reporting makes management accounting reporting difficult.

(Account/Audit) Inadequate documentation causes difficulty in settlement of payables and collection of
receivables.
Inadequate activity reporting will make financial report unreliable.
Delay in activity reporting will affect budgeting process
Incomplete reporting will incur the cost for investigation of discrepancies

Employee (Customer Manual paper-based booking process is time-consuming and with risk of error
service) Data error during call in booking process.
Duplicated data leading to loss of income due to loss of occupancy reporting
Loss of data confidentiality and integrity

3
 Hardware and Software requirements
Hardware
1 Switch: for traffic transmission
between local network systems
1 Router: for traffic routing between
one hotel LAN and other hotel WAN
2 Firewalls: for network access control
to the LAN
2 Application servers: to install
supporting applications such as the
Reservation Management System
Software
Reservation application: to manage customer
reservation and booking operations
Server operating system: to manage LAN
systems operations and connectivity
Desktop operating system: to manage host
connectivity and front end operations

2 Web servers: to manage web

application and serve customer
browsers

2 Database servers: to install and

protect DBMS

5 Workstations/Laptops: for system

operation to conduct job functions and
serve customers

4 Tape for back up: for backup and

9 recovery operations
disaster

 Enterprise System Architecture

1
0
 Operating rules
Requirement Format Provider Table Constraint
Identification nvarchar(5 System generated Must be unique
number 0)
Hotel nvarchar(5 Hotel catalog Hotel Must be
information 0) embossed on the
invoice
Customer nvarchar(5 Guest and retrieve Customer First letter of
information 0) from names must be
in capital letter

Lastname first

Firstname last
Description of nvarchar(5 Employee Booking (Booking ID, Booking ID is
services 0) (restaurant and Room No, Room mandatory
customer service) type)
Restaurant
(Restaurant service)
Date Date Guest Booking (Booking Booking date is
date) mandatory
Amount Amount Manager Hotel Amount must be
Bill (calculated total presented in
amount) Dollar : Cent

1
2
 Law Ethic and Security
PCIDSS
Requirements of the standard are enumerated below:
Install and maintain a firewall configuration to protect
cardholder data
Do not use vendor-supplied defaults for system passwords
and other security parameters
Protect stored cardholder data
Encrypt transmission of cardholder data across open, public
networks
Use and regularly update anti-virus software
Develop and maintain secure systems and applications
Restrict access to cardholder data by business need-to-know
Assign a unique ID to each person with computer access
Restrict physical access to cardholder data
Track and monitor all access to network resources and
cardholder data
Regularly test security systems and processes
Maintain a policy that addresses information security
https://www.pcisecuritystandards.org
1
4
 Security Need of Solution
Security Hotel security needs Front Desk security needs
classification
Policy Develop and disseminate information Read and comply with information
security policy and procedures security policy
Investigate and resolve non-compliance with Comply with the procedures to
policy complete a job duties
Implement industry and legal regulations
Physical Pre-employment background check Computer safety and protection,
security Security awareness screen protection
Doors, locks, keys, Fire extinguisher, CCTV, Reporting suspicious person,
and lightings activities and missing items
Logical Data encryption, firewall, intrusion Use strong password, collect
security detection/prevention system, anti-virus, accurate and reliable data, reconcile
vulnerability assessment, data loss data, policy compliance,
prevention and system development
methodology

1
5
 Project development and management plan
Task Name Duration
Raging River Hotel Database System Project 270 days
Initiation 30 days
Develop/Approve project charter 30 day
Planning 110 days
Manage scope 15 days
Create/Approve scope document 15 days
Manage requirement gathering 33 days
Create/Approve requirement document 33 day
Develop project plan 62 days
Create task list/schedule/milestone/budget 27 days
Review/Approve project plan 5 days
Design tests 30 days
Design, develop and approve unit/integration/acceptance test 30 days
Execute Plan 105 days
Identify stakeholders and communicate project information 15 days
Design, develop, monitor quality, risk and perform QA 90 days
Manage deployment 20 days
Create change control document 10 day
Approve go live 5 days
Go live 5 day
Close project 5 days
Perform impact analysis, document lesson learnt 5 days