Tuesday, February 12, 2002

 
Posted by Mike Tarrani 4:14 PM
Project Management. Project managers may be interested in project budgeting resources, which is a collection of Word and Excel documents. Some of the documentation is scant to nonexistent, but most of the spreadsheets and other tools will be easy for experienced project managers to figure out and quickly use.

Collaborative Frameworks. Anyone involved in group collaboration system design will find the DARPA-sponsored document titled collaborative framework rich in ideas and a highly useful methodology for evaluating collaborative computing systems. This framework applies to collaborative systems engines, such as ThinkingWare (developed by Thinking Minds, Inc.), as well as to architects and analysts developing portals and workflow systems.

Security. Regardless of whether you're an IT security professional or specialize in a different discipline, security is an inescapable concern. In previous entries I've discussed the need to incorporate security into testing, architecture and every other facet of service and applications delivery.

One standard of which every IT professional should be aware is the Common Criteria for IT Security Evaluation (CC). Why? ISO approved and published the CC text as the new International Standard (IS) 15408 on 1 December 1999. The CC started as a NIST initiative (see the original web page). You may find either or both of the two sites I listed overwhelming at first, and may want to get the cocktail party version of the CC (PowerPoint format) before you go exploring.

Two other related PowerPoint presentations are also worth downloading and reading

1. Protection Profile Process Improvement, which discusses the CC protection profiles and how to align the CC to the Systems Security Engineering Capability Maturity Model.
2. Information Security Metrics. This presentation by Bear Stearns gives an auditing approach that incorporates both process and metrics.

For general security awareness you may want to read the PowerPoint presentations on E-security and wireless security, both of which summarize the key issues.

End Notes: Spiked's IT section is a fresh source of IT news that is oriented towards business more than technology. I've also updated Notes from the Field with a few topics that will foster IT professionalism; specifically, a policy and procedures document for software inspections, and an interesting paper on using eXtreme Programming as a core approach for e-business start-up companies.