Thursday, April 25, 2002
Posted by Anonymous
10:23 AM
In my entry in Notes from the Field today I discussed privacy as it related to presence and availability management. If you read my 25 April entry there you'll see initiatives sponsored by IETF IMPP Working Group and the Presence and Availability Management Forum. Those are not the only two groups that have emerged with privacy-related initiatives and proposed standards. An article titled Implementing privacy/preference policies with P3P introduces the W3C standard titled Platform for Privacy Preferences (P3P). This is an XML standard that describes the privacy and/or user preference policies for a Web site. Personally I applaud the recent activity by these groups to establish standards to assure privacy - something that may be sorely missed if the Liberty and Passport factions proceed unchecked.Mike and Linda frequently write about the ITIL, service delivery and related topics. Until I joined TEAM Zarate-Tarrani my career path was a straight line in the knowledge management and competitive intelligence areas. Since joining the team I've been more involved in the service delivery domain, and it turns out to be a natural fit. Two documents that gave me the points of reference I needed to change direction are Delivering High Quality Service, which explains the goals of the International Service Management Forum, and a PowerPoint presentation on the ITIL essentials. Where my skill base allows me to fit in and to grow as a service delivery professional are the direct connection between managing knowledge and providing support services, and the process analysis and reporting that service level management requires. The latter is similar to competitive intelligence, with the difference being my information gathering and assessment activities will be directed inward towards the service delivery process. In addition, my competitive intelligence background will serve me well in benchmarking to best practices and the security knowledge areas of the ITIL.
An example of how competitive intelligence relates to service delivery is shown in eShopper Modeling and Simulation. This paper is a classic example of the grey area between competitive and business intelligence, but is also an approach that a skilled service delivery professional would take in establishing business patterns that can be used as the basis for service level objectives. Another example is a typical source document that a competitive intelligence specialist would use: Understanding Web Performance. Yet another competitive intelligence source document that is as applicable to service delivery as it is to surveying best practices and trends is Strategy for Exploiting Improvement. The bottom line is that it's not a great leap between the skills and experience I've accured and those that I'll need to perform effectively as a service delivery professional.
Posted by Mike Tarrani
7:26 AM
Ending Notes: Project Management. My last two entries covered various aspects of software project management. I'll end the series (which didn't start out as a series, but managed to become one anyway) with these documents:One of the best books, in my opinion, on software project management is Software Project Management: Unified Approach by Walker Royce. This book is especially valuable if you're using the Rational Unified Process, but will be applicable to any software development project regardless of methodology. My only complaint about the book is the way it addresses work breakdown structures, but I'll go into that particular issue in a future entry in the form of a book review.
Wednesday, April 24, 2002
Posted by Mike Tarrani
3:57 AM
More on Project Management. In my last entry I shared documents that will pave the way to sound software project risk management techniques. In this entry I have documents to share that will further strengthen the foundation of software project management. The context for software projects can be captured in software development rules of thumb and software project success factors. These two documents can effectively serve as primary guidelines for all software projects, and if followed will increase your awareness of what does and does not work. Another document that every project manager should read is Prevent Software Project Surprises. This document ties back to my previous entry about project risk management. Forewarned is forearmed.A good article on the basics of estimating is Unreasonable project estimates: Find the cause, effect a cure by Kurt Linberg (he has authored other project management articles that are well written and hit the mark).
Project management consists of planning (includes estimating), scheduling and control. Success is measured, and for scheduling the document on team-driven scheduling metrics provides sound advice on what needs to be measured. Additional resources on risk, scheduling and control can be found on our old project management newsletter site. This page is no longer updated, but contains a wealth of valuable information.
Tuesday, April 23, 2002
Posted by Mike Tarrani
9:48 AM
Project Risk. Managing software project risks is often discussed, but too often misunderstood. One of the unfortunate problems is that IT professionals side-step the math and assign arbirtary ratings that have no basis in reality. The net result is miscalculated risks with no quantifiable impacts. A starting point is to brush up on probability, and Simple Measures of Success will step you through the basics. This Word document not only covers the fundamentals of probability, but also covers statistical process control charts.After you get up to speed with the relatively simple math, What is Software Risk Management? will nudge you towards applying it in a practical way. The finishing touch is the theme of Software Project Risk Management Practices. These documents will give you the foundation, and are also consistent with project risk management processes that are set forth in the Project Management Body of Knowledge for those who are either certified as a Project Management Professional or pursuing that certification. The material is also consistent with practices used in the UK project management standard, PRINCE2, in addition to suporting requirements of the Capability Maturity Model.
Posted by Mike Tarrani
12:47 AM
Wrap-up. I'm going to wrap the security thread with a PDF presentation on risk analysis. The author of this presentation is Thomas R. Peltier who wrote Information Security Risk Analysis. Linda reviewed this excellent book on Amazon on 25 September 2001, and I reviewed it on 22 April 2001. Read what we had to say - if you're interested in risk analysis from a security perspective this book is worth reading.Shifting Gears. I have two documents that address software project management and software quality management. They're short, to the point and worth sharing with colleagues.
Sunday, April 21, 2002
Posted by Mike Tarrani
11:50 PM
Back to Security. I'm going to sidestep Linda's challenge to continue the ISO thread and refocus on security. I have documents to share that cover two important topics:- Access Controls
- Assurance and Metrics