Effective Software Development ProcessWritten by Blane Warrene
There is never a guarantee of project success when endeavoring to build a sophisticated application. However, there are established steps to follow that will ensure a clear, concise scope, support for team involved, and a solid opportunity for successful deployment. Previous experience has shown many project and technical teams that keys to failure can be as follows: * Lack of senior management support and business planning. * Lack of clear and detailed design specifications. * Lack of functional specifications which read as a handbook reference for technical team involved to start writing code. Writing Your Declaration of Dependence A project always starts as an idea which generally provides a solution. Often these are drummed up in brainstorming sessions and scratched out onto legal pads or napkins. It is this step which leads to your project charter, or your declaration of dependence. The key in this phase is to include, from start, all parties involved, including most senior managers impacted by this effort. This means technical team, development manager, project manager, business representatives from impacted departments, and preferably, CIO and a non-technical senior management representative. By utilizing this group in developing charter, there is unity in business plan mission for project from beginning. This is also opportunity to better understand lifecycle on business side for developers and for developers to articulate process they go through to build solution. This provides a forum for business users to discuss processes they use or would use in this application, giving some insight, perhaps, into interface design and application flow. Additionally, technical team can present process for moving from design specification to functional specifications to a test-ready application. A process should also be agreed upon for ongoing status reporting and future resources which will be needed, such as quality assurance staff and alpha/beta testers. Depending upon timeline, these resources may need to be identified and notified at this stage for budgeting and scheduling purposes. This completed document defines entire scope of your project, its mission statement, supporters, reporting processes and ultimate end result with broad timelines. It also clearly reflects interdependencies required to successfully complete initiative. Business Requirements This standard accepted process needs little explanation. However, it is step which will enable technical team to develop design and functional specifications we will discuss later. Most important is to ensure this document is written in user-friendly language and format. This is also document to build your projects glossary and definitions document. It enables a final review of scope by team that built Declaration of Dependence to ensure all aspects are covered before process moves forward to design specifications. It is also important to avoid including design elements in this document. For example, if a data mart will be built and accessed via this application, it is important to define definitions of a record, but not to define field structures, data types and naming conventions. This document will produce necessary definitions of business processes and needs to identify hardware and software specs, as well as components and elements needed inside of design specification. Design Specifications Design specifications are "meat and potatoes" of project for technical team. This is where major system goals will be established and will very likely sound similar to mission statement implemented in Declaration of Dependence or charter. Several reviews of charter and business requirements by technical team will lead to an introductory high-level technical document which ties systems, components and modules, and database needs to business processes and tasks in proposed application. Top Level Design This should be capable of technically describing and defining application without necessarily specifying underlying language to be used. Additionally, this is where all challenges should be identified: * How is overall application to be organized? * Are all systems and sub-systems clearly noted and defined? * Have all functions been defined for component development? * Have all data definitions been converted into data structures and types? * Are there existing systems which can be leveraged for some of this application, or is it 100 percent original development? * What will be built and what will be bought? Cost analysis of components required versus available commercial components. * Limitations of internal resources. * Interfaces and systems outside of internal control, which impacts future change management and application updates.
Information Security PolicyWritten by Blane Warrene
Businesses that do not have clearly written Information Technology security policies and practices in place run risk of being named in legal actions in very near future. Although no current court cases exist, many security experts are warning that if you lose or expose confidential business or customer data, unknowingly distribute viruses or experience a breach of your systems that results in loss of service to your customers, you could be found liable. Computer and network security used to be concern of only largest corporations. Now, however, with high availability of networks, web hosting and Internet applications to even smallest office, tide is turning. Today, a small business with two employees can construct an economical network, share a cable modem and purchase a firewall, which enables remote access using a Virtual Private Network (VPN). This is also a double-edged sword. This new "high availability" has also born a vast breed of crackers.* These individuals can find ways to access, steal and/or destroy data residing on public and private networks. Starting th Process The key to establishing these policies and practices is to not be overwhelmed by complexity of process. Start by taking inventory of your systems, connections to Internet and external providers, method in which you store data and method in which you secure and backup data. During this documentation process, you can identify clear procedures for handling and transfer of this data, as well as new security measures you can use to show due diligence in addressing any potential security risks. The Basics Even smallest network should adhere to following: Never use a computer system for both personal and business use (i.e. family uses for fun, but business is also processed on machine). This is an immediate risk to public disclosure of confidential information and accidental loss of data.