This page is powered by Blogger.





Contacting Us
Mike Tarrani
Linda Zarate
Kate Hartshorn

Who We Are
TEAM Zarate-Tarrani

Our main weblog
Notes from the Field

Our other pages
Mike's home page
Linda's home page
Kate's home page

Simpatico [we]blogs
Dan Gilmore
Robert X. Cringely
Jakob Nielsen
Julian Bond
Deborah Branscum
Lisa Rein
Ed Yourdon


Saturday, May 18, 2002


Business As Usual. In my 16 May entry I provided links to topics that span the IT and business domains, and are excellent resources for business systems analysts for understanding their business process owner constituents. One of the resources was a PowerPoint presentation on TQM, lean methods and 6-sigma. If that presentation piqued your interest you'll love iSixSigma, which is a portal devoted to 6-sigma. If the term has you scratching your head, you can check the short definition or a longer description.

One of the portal's highlights is the collection of articles that cover every industry and topic. For example, if you're a software engineer or project manager, the article titled Is Software Inspection Value Added? will be of interest. If you're more concerned with business or technical process improvement, the article titled DMAIC Versus DMADV gives insights as to which approach to take. DMAIC stands for Define, Measure, Analyze, Improve and Control. DMADV stands for Define, Measure, Analyze, Design and Verify. While they seem to be nearly identical there are major differences and the article explains them and gives situations in which to use one over the other.

Other interesting resources that business systems analysts, other IT professionals and project managers will find useful include:

The truth is out there. Enjoy the weekend.

Friday, May 17, 2002


Service and Strategy. I have once again fallen into that vortex of competing priorities swirling around and a negative time warp where I seem to be moving backwards in time with respect to the things I need to accomplish. The good news is this is going to be a terse entry that provides presentations and documents, but little commentary.

Service. The three presentations on service level management vary in depth and quality, but each is worth downloading and reading:

  1. Service Level Management.
  2. Making SLAs Work.
  3. Customer Service Management Architecture for the Internet.
Since my last entry opened the door to business-to-IT alignment, the following three presentations fit that topic area:
  1. Shangrila of ROI.
  2. Performance Measures for IT.
  3. Linkage of Performance to Business.
Good things do come in three's. Enjoy your weekend.

Thursday, May 16, 2002


First Things First. I've been searching for a Visio diagram that depicts the PRINCE2 Process flow and finally found it. Unfortunately, I do not know the name of the author who took the time to create this excellent resource, and who had the goodness of heart to share it. If you are the author, please let me know so I can give proper credit. I also have a WBS Reference Guide that shows how to develop work breakdown structures, which should be the foundation of any project plan.

More About ERP. Actually, the following presentations and documents are only loosely related to ERP, but are excellent resources for business systems analysts and will bridge that chasm between IT and business by providing insights into the processes with which the business side is concerned:

I sincerely hope that you find this material useful and it promotes closer business-to-IT alignment.

Wednesday, May 15, 2002


I've written more than a few entries about project management in the past two weeks. This entry is going to combine project management with ERP, and is appropriate because too many ERP projects either fail or cost far more than anticipated. The dependent variable in many cases is project management.

Allen Web's ERP Project Management Basics is a good starting point. He also has an informative page on planning ERP projects and a step-by-step recipe for succeeding in ERP projects. I also like his discussion about project failures and how to avoid them. Overall, the site is filled with general information that anyone who is implementing an ERP system will appreciate. If you're involved in a SAP R/3 implementation you'll want to carefully read his article on SAP R/3 Implementation Concerns.

If ERP architectures interest you the Purdue Enterprise Reference Architecture page is a discussion of the basic concepts for design and execution of enterprise and related systems of all types.

There are a few books that I highly recommend. They cover ERP in general, with no particular bias towards any of the systems on the market. My recommendations are:

Tuesday, May 14, 2002


I found three excellent project management resources while following up on some of the links that Mike provided last week:
  1. 9 Essential Project Management Success Factors.
  2. Project Management KnowledgeBank.
  3., which has online courses, articles and links that are interesting and worth investigating.

Monday, May 13, 2002


Mike has been covering a wide range of topics lately, but his 11 May entry inspired me to give my thoughts about a few of the books he mentioned.

One, CyberRegs, is a complete primer on intellectual property and its value to the enterprise. Key issues that are addressed include:

  • Digital Millennium Copyright Act (DMCA)- this is probably the most important discussion in the book because it continues to be controversial.
  • Complete discussions of all aspects of intellectual property law as it pertains to cyberspace. The clarification of the protections afforded to patent holders that are not given to trademark holders is invaluable. In addition, I learned much about the value of patents and how a business model can be developed around patents alone. I particularly liked the discussion of patent ownership (employee inventor vs. company to which the patent was assigned). This alone makes the book worth reading.
  • Case studies - many of the case studies which are used throughout the book focused on pending court cases when the book was published. Many have now been resolved, the resolution of which open more questions and further cloud issues. I'd like to see an update or second edition that provides closure.
  • Excellent introduction to technical issues. The author has a knack for reducing the key elements into easy-to-understand chunks of information that teach non-technical readers quite a lot about technology.
If you buy one book on intellectual property law from a cyber-business perspective, this is the one to get.

Probably the most influential book, and the one that covers the widest range of topics is Bruce Schneier's classic, Secrets and Lies. This book introduces security and privacy to technical and non-technical readers alike. What I especially like are:

  • Social aspects of security and privacy are addressed using the motives of attackers and broad profiles of attacker types, analysis of threats and countermeasures, and what it all means from legal and social perspectives.
  • Easy introduction to security infrastructures. The author imparts a good deal of technical knowledge without overwhelming non-technical readers.
This book may initially disappoint technical readers who have read Mr. Schneier's earlier book (Applied Cryptography), but I can assure you that the technical underpinnings are only part of the picture. This book gives a complete view of all aspects of security, and is invaluable because it raises awareness of all issues. It's all the more valuable because it can be read and understood by a broad audience. There are two other books that I recommend in addition to this one:
  1. Know Your Enemy: Revealing the Security Tools, Tactics, and Motives of the Blackhat Community (Mr. Schneier wrote the preface to this book, which Mike reviewed on 11 April 2002 on Amazon).
  2. Richard Hunter's World Without Secrets: Business, Crime and Privacy in the Age of Ubiquitous Computing, which I reviewed on 21 April on Amazon.

Additional material that is related to these books include:

In closing I want to echo Mike's sentiments: we miss you Kate!


Random Thoughts. This entry has two fuzzy objectives: (1) a warm-up exercise for some work that I need to get done, and (2) fill in missing pieces from the previous entries.

As-Is and To-Be. One mistake I see in one project after another is the quest to document existing systems before defining its replacement. Here are some rules-of-thumb that I use to determine whether or not the 'as-is' analysis needs to be performed. If:

  • The new system (or business process) represents a revolutionary approach (completely toss out the old for something radically different), the 'as-is analysis is wasted effort. Reason: If conditions and requirements have so changed that a revolutionary approach makes sense the last thing you want to do is replicate old methods and processes in the new system. A better approach is to elicit and prioritize requirements for the new system, and these requirements should reflect business functions and imperatives that are driving the need for a revolutionary approach. In other words, approach the requirements phase within the context of business rules and features/functions that are required. If you approach it this way you'll be getting a fresh perspective and making a clean break from the past. Of course, there are technical aspects that need to be analyzed, such as system interdependencies, data structures, operational requirements and the such because rarely will an old system be tossed out and a new one magically take its place. Therefore, the 'as-is' analysis will support requirements for data conversion, batch job synchronization and comparing resource requirements between the old and new system (impact on network, service levels and up- and down-stream systems that will remain).
  • The new system (or business process) is evolutionary (i.e., process improvement, upgrade, etc.), then the 'as-is' analysis does need to be performed to determine how to best improve processes and the way upgrades will require changes in processes or infrastructure.
Considering that many projects are revolutionary in nature time, resources and money are wasted documenting something that is being replaced.

Another fallacy is to document the status quo in preparation for a brand new system or business process. Don't waste your time - it only provides revenue for consultants. The time and money are better spent on tracing requirements to business imperatives and going forward from there.

One other fallacy is to spend time developing documentation for systems when commercial documentation is available. During one engagement I was tasked with writing database administration policies and procedures. At my billing rate the final product ran into the tens of thousands of dollars. Aside from the fact that the document shortly became shelfware, the client could have purchased any of a number of excellent books in the $40-60.00 price range, and decreed that the procedures contained within were to be followed as a matter of policy. Selecting and recommending the best book from the many that were in a local book store would have saved a significant amount of money. Even better would have been to ask the DBAs to agree on the best commercially-available book and use it. The sorry fact is that, as I write this, there are consultants who are developing UNIX, Oracle and [pick your favorite application, database or operating system] documentation when excellent books may already be available.

Learning to Think. The point to the above is that thinking is required. Not problem solving - thinking in a critical manner. Question the status quo and don't be misled by misdirection, fallacious arguments that have logical flaws or appeal to emotion. Perform a mental sanity check on approaches that are normal practices, but waste resources and shareholder value. A few months ago I read a book titled Turning Numbers Into Knowledge: Mastering the Art of Problem Solving. I was expecting a book about quantitative methods and advanced problem solving techniques. What I got, instead, was a book that didn't even discuss numbers until page 111 of a 221 page book, and it was lite on problem solving techniques. Although it was not what I expected it turned out to be one of those rare books that deeply influences and provides fresh perspectives. The book led me on a journey that broke the process of critical thinking into manageable steps. Among the things I learned were:

  • Examine key factors, such as information, attention and action within the context of a cycle of actions that begins with goals, and moves through execution, how events in the external world influence the meeting of those goals, an evaluation and refinement of goals. Then the process starts anew.
  • Structured methods for getting organized. The techniques given are simple, yet powerful.
  • How to collect and critically analyze data and information, common fallacies and how to spot them. Two of my favorite parts that reinforce these are then single-page chart titled "What Scientists Say, and What They Mean", and Chapter 20 (Uncertainty Principle and the Mass Media).
  • The straightforward process of numerical analysis, using relatively simple math techniques to make sense of numbers and turn them into knowledge, is priceless. What makes this part of the book valuable is that the author integrates the preceding chapters that lead you to a critical thinking mindset with common sense and techniques that are within the grasp of high school students. It looks easy, but is testimony to the author's exceptional ability to communicate and inspire.
Overall this book is one of my personal favorites and one that I recommend to colleagues. Another book that complements this one nicely is Systems Thinking: Managing Chaos and Complexity. See Kate's 22 March entry for details about this book.

On that note I am officially starting my workweek. Best regards from Tustin, California.

Sunday, May 12, 2002


More Project Management Resources. In response to my 9 May entry a few readers recommended the following books, none of which I've read:I have read and reviewed the following books, which I think are important:Late Note 09:06 12 May. For work breakdown structures, as well as general functional decomposition an inexpensive product called B-Liner will simplify what is an onerous task. The web site for this application also has interesting tutorials about work breakdown structure development and project scheduling, as well as how B-Liner can be effectively used.


Kate's Influence. Although Kate Hartshorn is engaged in other endeavors at the moment and won't be contributing her insights, her influence here has been significant. I am going to attempt to address topics that are in her expertise domain, but more importantly, want to assure everyone that she's doing exceptionally well. If you enjoyed her contributions here and want to show it, you can always surprise her with something from her wish list. Who knows, it may hasten her return.

Among Kate's areas of expertise are copyrights, trademarks and intellectual property. I've collected a number of books and software applications that either explain these important topics or assist in the management of the underlying processes, or both. For background material for the following software applications I strongly recommend that you read CyberRegs: A Business Guide to Web Property, Privacy, and Patents by Bill Zoellick (see Kate's 8 November 2001 review on Amazon for why this book is important) and Cyberlaw and E-Commerce by J. Carl Poindexter and David L. Baumer (see my 18 April 2002 Amazon review for details). These two books will give you the fundamentals of copyright and trademark law in particular, and the much larger picture of intellectual property in general. If copyrights or patents are topics of interest, then you'll want to consider one or both of the following software applications:

  • Official Copyright Software 1.53 by Official Software, LLC. This application makes applying for copyrights as painless as possible (the process will still be painful regardless, but at least you'll be avoiding a large portion of it). This package shields you from the legal mumbo jumbo and leads you through an interactive process of applying for a copyright. It does this using an interviewing process and assists with the completion of the following forms: PA, PA/S, TX, TX/S, VA, VA/S and Form SR, all of which are important and all of which can be completed interactively on your system. You also get Form CA for Corrections & Amplifications, and Form CON Continuation Sheet in the package.
    It also gives key information from Copyright Office circulars to assist you when filling in the form fields, and this is why your finished forms should be checked by an attorney before submission. The value of this program is that you can save many hours of expensive attorney time by doing the up-front work, which will minimize the legal costs of preparing and submitting a copyright application. As an added bonus this program also provides advice about how to use the copyright. The publisher also has specific online forms that can be used with this package that cover everything from music to architecture.
    It also covers copyrights for online works & websites.
  • Official Trademark Software 1.0, also by Official Software, LLC. It uses an interactive interviewing function to step you through the trademark process. The function selects the correct forms that you need, and identifies the classification under which you need to file and lets you know what needs to be included in the submission package.
    It also comes with editable forms from the USPTO, and advice (also from USPTO) for filling in the forms. As you fill in the forms using the interactive interview process you'll be building your submission package. The program also does online searches to ensure that your trademark is available.
If you're interested in both copyrights and patents, you can save by purchasing Official Intellectual Property Suite, which is both of the above programs bundled together. I want to add a caveat - these products allow you to do a lot of the groundwork yourself, but do not replace professional advice of an attorney (I am NOT an attorney, but certainly know better than to wade into shark infested waters without the benefit of legal advice).

If you do web or software development, or contract for these services, you'll greatly benefit from Web and Software Development: A Legal Guide. This book/CD ROM combination covers intellectual property from a developer's (and buyer's) perspective. It is both a tutorial in the basics and is filled with useful advice about all relevant issues, including employee and contractor agreements, trade secret protection, copyright rights (assignment, ownership and related issues), and how to protect all parties in a fair and equitable manner.

It covers contemporary issues such as domain names, web content and multimedia, making it especially useful to technical and non-technical readers.

In addition to clear explanations of complex topics and sound advice, this book comes with a CD ROM with a wealth of forms in RTF format (which can be edited in Microsoft Word and most other word processing programs). These 30 forms cover employee and contractor agreements, software and web development agreements, nondisclosure agreements, copyright assignments and license agreements and how to handle publicity releases and promotional materials in multimedia format. The latter is particularly challenging because not only are names involved, but photos and often voice and video files for which you need permission to use if you don't own it or it becomes a privacy issue. If you perform or contract for web or software development, including content, then you need this book.

If you're only doing software development, a better book is Copyright Your Software because it focuses solely on what you need to know about software copyrights and how to go about obtaining one. In addition to covering the basics of copyrights, you're shown how to sell copyrights, what to do in the event of infringement, and the limits of protection that a copyright affords you. Note that patents offer much stronger protection. This book comes with the following forms:

  • Copyright Application for Software (Forms PA, VA and CA, Request for Special Handling, continuation forms, search request forms and cover sheets that are explained in the book and are required to file for a copyright.
  • Eight sample forms in electronic format that are covered in the book.
The book is up-to-date (published in late 2001), easy to read, especially considering the thorny legal issues involved, and is complete enough to assure some degree of due diligence when researching copyright issues and making business decisions based on that research.

It's not enough to know how to protect your own work, you also need to know how to get permission to use the work of others, which is increasingly important in view of the issues surrounding deep linking and related challenges in a world where a simple HTML tag to someone else's work can bring legal problems. Getting Permission: How to License and Clear Copyrighted Materials Online and Off provides expert guidance that covers how to obtain permission, copyright research, what constitutes fair use, and how to legally use trademarks.

The book also clarifies the definition of "public domain" and what needs to be in a license agreement.

What makes this book especially valuable is that it comes with 32 forms that range from standard photo use and test use permission to linking agreements, interview releases, art for hire and more.

The other side of obtaining permission is controlling permission. We've all signed a nondisclosure agreement at one time or another, but did we understand what we were signing? Another gap is making presentations or providing information that discloses trade secrets, or business-sensitive information that you should be protecting with a nondisclosure agreement. Nondisclosure Agreements: Protect Your Trade Secrets and More covers the topic of NDAs as they are affectionately called in detail. This book explains how to protect you from both employees and competitors, as well as from potential business alliances (contractor/subcontractor, suitors in a merger or acquisition to whom you expose sensitive information, and clients to whom you make presentations and reveal processes and other sensitive information).

Key topics of importance that this book covers include:

  • How much protection an NDA affords you.
  • Remedies available to you in the NDA is violated.
  • Alternatives to NDAs.
It also covers non-compete agreements and their limitations, especially in certain states, and gives example NDAs for specific situations such as beta testing, customer data, etc. The accompanying CD ROM provides fifteen sample forms that can be used with little or no modification (although I recommend that all be checked by an attorney who specializes in intellectual property law and is familiar with nuances of the law in your state).

We're almost coming full circle with NDAs, because the next natural topic is privacy. Kate reviewed Secrets and Lies: Digital Security in a Networked World in 8 November 2001 that I thought was far more cogent and insightful than the 3 January 2001 review that I wrote. If you want to read a book that examples the technical and human aspects of security, this is the best there is. It certainly addresses privacy issues, but that isn't the main theme of the book. A better book on threats to privacy is World Without Secrets: Business, Crime and Privacy in the Age of Ubiquitous Computing, which Linda reviewed on Amazon on 21 April 2002. Where Secrets and Lies covered the social and technical issues, and took a threat identification and risk management approach, World Without Secrets is more focused on social issues surrounding privacy.

Matt Curtin is the author of a book titled Developing Trust: Online Privacy and Security that blends the best of Secrets and Lies and World Without Secrets. This book examines the social, legal and technical issues surrounding online privacy. Not only is the consumer side of privacy examined, but the business side from a marketing point of view is also discussed to present a balanced view of the key issues from both sides of the equation.

Mr. Curtin is an expert in privacy and security issues, as well as cryptography and security technology. The approach he takes in the book is to explain both the theory and concepts of privacy in social and legal contexts, and to examine the threats and exposures. From there he leads you through the design of a solution that starts with principles, then a thorough examination of the underlying online technologies and how they work for and against you. An obvious example of one technical element that works for and against is the 'cookie' which can provide a major convenience (it remembers you and your preferences) and an invasion of your privacy (it remembers you and your preferences - and can also 'stalk' you in a manner of speaking). How to best balance the strengths and weaknesses of not only the technology, but the business imperatives driving commercial uses of the internet are addressed.

This is an important book and earns a solid place alongside the popular Secrets and Lies, and the newer World Without Secrets.

Kate, we miss you.