Aug 19 2010
Use cases as the first step in improving an existing process
I am currently working on a project where the goal is to improve an existing process around test data creation and validation. There have been issues where test data has not been created in time and this has caused projects that are dependent on that data to have to be delayed or implemented without full testing. One of the solutions is just to throw more resources at the problem which has helped some. The better and longer lasting solution is to reengineer the test data creation process so more can be done in the time allotted and errors can be reduced. I have been tasked as a BA on the project to help update the existing process. It is difficult to look at a whole process from end to end and try and find ways to improve it. One of the things that can be done is to break the entire process into smaller sections. I have found that creating use cases is a great w
Aug 18 2010
Introduction:
This month’s blog entry explores the complex relationship between project success and project leadership. Risk of failure is potentially higher for IT projects than commonly acknowledged and, by all accounts, it would appear that success hinges less on strict adherence to methodology than on leadership. Leadership, of course, assumes manifold forms, but in the context of this discussion I narrow it down to its core: the moral/ethical responsibility of project managers to "tell it like it is," so that appropriate decision-makers can make effective decisions in a timely manner.
This entry will be published in 3 parts:
- Part 1 will discusses some of the long-term trends in project management, that have been recorded over the last 15 years. Given the ever-growing emphasis on rigorous management of IT projects, the interpretation of these findings continues being debated, but the conclusions are unambiguous.
- Part 2 will shine the spotlight on ethics in the context of project success. Ethics in project management elude rigid definition, particularly as the PM discipline has evolved to encompass truly global projects, but even so, project management success is not synonymous with project success.
- Part 3 will make the link between success, leadership, and ethics explicit.
I’m curious what experience others have had in this regard. Are there other aspects of leadership that play a pivotal role in your projects? Are ethics a primary driver of decision-making in your organization… or an ancillary consideration? What effect have these played on the successful delivery of your projects?
Please feel free to comment below.
Aug 16 2010
Secure Development Methodologies Overview
Over the last few months, this blog series has focused on the technical details of integrating security during the development phase. While this is the most critical phase, where the proverbial rubber meets the road, developers alone cannot bear the burden of producing secure code. To achieve robust security, it must be integrated into the whole software development lifecycle, from requirements to testing and beyond.
There has been a lot of work in this space recently. This post will attempt to give an overview of the various methodologies and approaches, but it is not designed to be an exhaustive list (and is shown in no particular order).
Aug 03 2010
Three Tips for Better Data Definitions
If business or IT users insist that their definition is good and everyone knows what they mean when in fact that is not the case, the strategies below may help.
1. Provide examples of unclear
vs. clear definitions
Users who are intimately familiar with their business process and
supporting systems may not understand the point of specifying exactly what they need. To them "the ID of the customer" is a 
perfectly acceptable
definition of "Customer ID." Or, the IT representative may give a
definition that works for them but no one else, such as "the primary key
of the customer table". It will help both to see examples of what is
needed in order to have a workable definition to support data warehouse
population and use of the data.
Jul 27 2010
Secure Development - Web Application Top 10 Summary
Since I started this series several months ago, OWASP has released its final version of its latest and greatest Top 10 list for 2010. In today's post, we will use this list to summarize the vulnerabilities covered so far and briefly talk about some of the new additions. For most of these, I have simply linked the title of the vulnerability to the corresponding post in my blog series.