The Traceability Matrix – hard to trace and seldom understood

Posted on April 25, 2013 by Sri Prakash 2 Comments ↓

By Sri Prakash : April 25, 2013

“The thoroughness of a Traceability Matrix is a key predictor of project success” (in my opinion).

Now before we go ahead, let us sensibly assume for a minute that success to you and me is hearing the customer say “Wow, this is exactly what I asked for” versus “this is nothing like what I asked for”.  And let us assume that project success is our goal.

Not having a Traceability Matrix during the life of a project will in all probability end up in a situation easily explained by the graphic below.

Traceability Matrix - by Sri PrakashIn spite of every software engineering methodology, framework, and ‘best practices’ guide underscoring the importance of a Traceability Matrix – it is still missing in most projects.

So what is the Traceability Matrix and why do unsuccessful projects almost always not have one?

The answer is simple – it is seldom understood and so is never put together.

 What is a Traceability Matrix?

It is a table that represents the cross-linkages between User Requirements and all the other system elements that are produced towards meeting the user requirements.  The table below illustrates what a typical Traceability Matrix looks like.

Sample Traceability Matrix - by Sri Prakash

The above Traceability Matrix establishes the traceability links between the following three system elements:

  1. User requirements,
  2. Functional requirements, and
  3. Test cases

The traceability links in the above table can define:

  1. one-to-one,
  2. one-to-many,
  3. or many-to-many relationships between the three system elements.

What are the benefits in using a Traceability Matrix?

By now you’ve probably already guessed the obvious advantages. But let’s list some of the obvious ones:

  • You can at a glance tell which test cases need to be executed if there is a modification done to the application on the “FN38: Edit a customer”.
  • You can quickly assess the magnitude/impact of a change made by the user to “UR-013 Maintain Customer Information
  • You can quickly tell how long the testing phase of the project is going to last
  • If a test case failed, you can quickly see the impact on the overall user requirement.
  • You can easily tell which functional area a test case is relevant to
  • If there is a change to a functional requirement, you can tell the impact it has on both the user requirement and test cases that are relevant to it. The traceability works both ways.
  • And best of all, it’s a quick way to verify user requirements against actual functionality that you plan to deliver – no nasty surprises at the end.

Key next steps for you as a project stakeholder / customer:

  • Ask your project manager for the Traceability Matrix.
  • Make sure you can identify each of your requirements in that document.
  • Make sure that there are system elements corresponding to each of your requirements during all phases of the project – i.e. analysis & design, development, and testing

Thank you for taking the time to read this post. You can find other posts on my blog related to project management and software engineering.

Feel free to get in touch with me for any help on your projects.

Tagged with: , , ,
Posted in 3. Project Management, 4. Software Development

Connecting the iPad to a TV

Posted on April 11, 2013 by Sri Prakash 1 Comment ↓

By Sri Prakash, Program/Project Manager – E-Com Canada Inc.

A lots of us would like to watch the  videos we view on our iPad on a larger screen i.e. our TV. So how do you get your iPad to display on your TV.ipad to tv connection A

Its as simple as buying the Apple Lightning Digital AV Adapter. It costs $49 on the Apple store.

Steps to connect your iPad to your TV:

  1. Ensure your TV supports HDMI i.e. has an HDMI input
  2. Buy the Apple Lightning Digital AV Adapter
  3. Connect a standard HDMI cable (not provided with the Apple adapter) from the Apple Adapter to your TV
  4. Connect the short cable that is part of the Adapter to your iPad lightning connector
  5. Set-up your iPad video options to output to your TV – and away you go!

ipad to tv connection B

If you found this post useful, you may also be interested in my post on the iPhone 5.

Tagged with: , ,
Posted in 1. New Technology

Big Data – the good, the bad, the ugly

Posted on April 4, 2013 by Sri Prakash Leave a comment ↓

By Sri Prakash, Program/Project Manager – E-Com Canada Inc.

There are reams being written about the benefits and advantages of big data. And I am not disputing any of that. As a Big Data practitioner I don’t need to be sold on Big Data.Big Data Hoarder Inc

However, Big Data is a Big Gun. Its benefits are best realized when it is put into the right hands. Having said that, you probably have already guessed that there is an ugly side to it.

One of the biggest challenges is going to be the fact that a lot of  this unstructured data is in the public domain. This data is being freely funnelled via big data engines into data warehouses that can be used to answer  questions we never previously dreamt could be answered. This data is now going to be available to even those who should not know the answers to some of these questions. It is also going to be available to those who want to know answers to questions that are not in the best interests of society at large. Simply put, big data can be powered for both good and for bad. And fortunately, or unfortunately, the potential to do both good and bad is exponentially high.

In the old world, where Business Intelligence was limited to trend analysis and forecasting etc. and was being generated from an organization’s own historical data carefully collected over the years into a data warehouse, the benefits while being relatively good were rarely ever earth shattering. But in today’s world, where data is a commodity being churned out by just about every street camera, traffic light, goods on a store shelf, field sensors,  mobile phones, electricity meters, trains, buses, and air-planes to name a few, the data is no longer under lock and key – most of it is available to anyone in the public domain to harness. What does this mean? We are rapidly spawning a new class of data gatherers – I call them  “data hoarders”. And not all of these data hoarders could be legitimate operations. They could be operating in the grey and black markets since some of their data may be collected using less than legal methods. This data  will then be sold and resold to anyone and everyone who wants it – no questions asked! Their customers may not just be your business competitors; they could be criminals, rogue states and just about anyone with an agenda that is ugly!

If you enjoyed this post, you may like my other post on “Big Data Architecture“.

Tagged with: , ,
Posted in 1. New Technology, 2. Social Media, 6. Big Data, Risk Management

Buying Software? Vendor Ownership Structure can be a dead give-away

Posted on March 28, 2013 by Sri Prakash Leave a comment ↓

By Sri Prakash, Program/Project Manager – E-Com Canada Inc.

When shopping for enterprise software, glitzy product presentations, lots of sales talk, and left behind swagger can often cloud the buying decision. One of the key criteria to base your purchase decision should be the product’s history and more importantly the product’s future. This is almost always influenced by the ownership structure of the vendor’s organization. I want to share with you one of the ways I look at vendors.

Is the organization public or a privately operated entity? This attests to the size of the company, gives you insights into the long term strategic vision of the company, culture, a truer picture of profitability.  Larger publicly listed software vendors like IBM, SAP, Oracle, Microsoft etc. are generally safer bets and there is really no point in reviewing this aspect of the vendor.

In general, a software company that is funded by a private equity firm with little or no interest or experience in the software industry does not bode well for the company and indirectly for you as the customer; it is usually a target for a sell-off. The private equity firm merely tidies up the company (viewed as an asset) from an operational perceptive, makes the books look good, and flips it to the first bidder who makes a decent offer.  Such an organization will have little or no strategic objectives as far as product positioning or customers satisfaction are concerned.

Software Vendors come in all flavors

If it is a privately held company, with the founder playing an active role in the organization, talk to the owner/s, and get an understanding of what drives them. Look for the signs, and carefully review the history of ownership of the organization. If ownership has changed hands a few times, then that is a sign of trouble. The product will generally be a mish mash of ideas and technologies that you would not want to build your business around.

If the product owner is a reputable / large company but the product was a recent acquisition by way of a buy-out, then that spells trouble too. Such products are usually bought-out with the intention of acquiring the customer base. The new owners will in all probability let go of all the staff of the company they acquired, and eventually phase out the product / kill it.

The ownership structure of the company and the product history within that company are a usually a dead giveaway and will give you an excellent idea of the future of the product you are planning to acquire. So never be wowed by the figurative bells and whistles. Look deep, ask the questions, and find the story.

If you enjoyed this post, you may like my other post on “Risks associated with Open Source Software“.

Tagged with: , , , , , , ,
Posted in 3. Project Management, 4. Software Development, Risk Management, Uncategorized

Selling Security in the Boardroom

Posted on March 9, 2013 by Sri Prakash 1 Comment ↓

By: Sri Prakash
Date: 9th March, 2013

CIOs are often shy of bringing information / data security as a topic for conversation in the boardroom let alone ask for funds. This is partly for the fear of having a non-participative audience, or being a solo-act, or simply because they don’t know how to convey the issue in a manner that translates into business value.

Nevertheless, information security is a risk that cannot be brushed under the rug; it is no longer a small ticket operational budget line item nor is it solely an IS responsibility. Given that information today is an organization’s largest asset, and the threat to it is continual and very real, CIOs have a duty to bring the cost of protecting it to the forefront.

You and I as technology leaders know the threat is very real and that the damage from an incident can have mind numbing ramifications with our customers and stake holders. So how do you go about convincing the board for funds to tackle cyber security issues?

The answer is in a few Dos and Don’t s.

Do…DOs by Sri Prakash

  • Do talk to them about the business
  • Do translate current efforts into business value
  • Do talk to them about what your competitors are doing
  • Do tell them about how much spending is enough
  • Do share “incident” counts BUT in a comparative context (year over year)
  • Do share security metrics in Business Terms
  • Do demonstrate how security initiatives tie back to Business Vision and Strategy

 Don’t…DONTs by Sri Prakash

  • Don’t talk to them about technical Security Metrics
  • Don’t talk to them about the details of the measures you have planned
  • Don’t talk to them about “no amount is good enough”

If you follow the above steps, you are more likely to have a receptive board that is more ready to invest more in security.

Tagged with: , , , , , ,
Posted in 3. Project Management, 4. Software Development, Risk Management, Uncategorized

Google Glass 101 – what you should know

Posted on February 22, 2013 by Sri Prakash 1 Comment ↓

What is Google Glass?Google Glass
It is the outcome of Google’s effort to develop an augmented reality head-mounted display (HMD) named Google Glass. It is developed by Google X Lab, a secret facility run by Google thought to be located somewhere in the Bay Area of Northern California.

What will it do for me?
It will allow you, hands-free interaction with the internet. It will also allow you to capture video (what you see) and use it for a real-time interactive experience with the internet and a live audience. I call that WYSIWGGS “What You See Is What Google Glass Shares”. Remember that I coined that one!

What are its Practical uses?
The uses are limited by your imagination. Wear it to work, school, meetings, playing, watching a show, socializing, the park, the ball game, action adventure – you name it. Whenever and wherever you feel like capturing and sharing the moment with a live audience, Google Glass will help you do that.

  • Home users / surfing the net, research, sharing research, providing live feeds
  • Field news reporters, providing live feeds, better interaction with remote audience
  • Security services, Defence, better interaction with central command stations
  • Medicine – doctors, nurses, volunteers, providing real time support to medical staff in the field
  • Disaster Management – relief workers can work better with a central command station
  • Extreme Sports, live recording

What is Google Glass made up off?
A simple headband / nose bridge to keep it stable on your forehead and face; you’ll feel no more awkward than wearing a pair of shades or seeing glasses. The headband has a HD camera mounted on one side, a microphone, a ear piece, and a 3G /4G based connectivity to the Internet. There will be a small screen that acts as your display.  It will run on the Google Android OS platform.To sum it up, it is basically an interactive computer fitted to your line of sight and allows you to interact by voice commands.

How will you interact with Google Glass?
It is hands-free, and you can interact with the Internet via natural language voice commands.

“OK Glass, take a picture”
“OK Glass, record now.”
“OK Glass, pause recording”
“Find me Times Square”
“What is the weather like in Times Square?”
“Take me to Times Square”

What will it cost you?
Regular users, meaning you and me can get our hands on a pair by end of 2013 for $1,500 a pop.

Subscribe to my blog now to keep up with Google Glass. I’ll be making my next post shortly. Please share this post with your peers.

Tagged with: , , , ,
Posted in 1. New Technology, 2. Social Media, 4. Software Development, Google Glass, Uncategorized

The One-Two-Three approach to developing a Risk Management Strategy

Posted on February 18, 2013 by Sri Prakash 1 Comment ↓

The One-Two-Three approach to developing a risk management strategy:

Why are most risk management initiatives ineffective? Fortunately, there is a single answer to this question. It is because the organization in question does not have a formal risk management strategy.

An organization that has a formal risk management strategy in place is well positioned to review and effectively manage the exposure to and the risks from internal and external sources to its 3 Ps :

  1. People
  2. Products
  3. Processes

The diagram below shows that risks to an organization come from both internal and external sources. Moreover, the risks extend not just to the organization and its immediate customers but also to direct and indirect stakeholders.

Organizational Risks

So where do we start?

Risk Management should start as a project but continue as an organizational process. If you do not have a formal risk management strategy in the organization, consider this a wake-up call. Start simple, start small, and start right.

The One-Two-Three approach to developing a risk management strategy:

ONE – Start a project: Hire a “Risk Management” expert/project manager who has demonstrated experience delivering risk management strategies. You will also eventually need to put in place a risk management database/system to manage and report on your risks; ensure that your project manager has a good understanding of these systems and in procuring and implementing them. Your Project Manager should be able to guide you effectively through steps two and three below.

TWO – Involve your business unit leaders: Involve all business units; this is not a “IT only” or a “manufacturing only” initiative. Risks and risk management affect every department of your organization as well as all of your stakeholders.

THREE – Educate your train your business unit leaders: get educated – ensure that your business unit leaders understand risk management as is relevant to them; for example:

  • Understand what are risks?
  • What is risk management?
  • Who or what do these risks affect?
  • How to evaluate risks?
  • How to quantify risks?
  • How to report risks
  • How to escalate risks?
  • How to mitigate risks?
  • How to prepare for an audit?
  • How to pass an audit?

Your business unit leaders are your champions who will continually reinforce a culture of risk awareness and risk management among your staff. Educating and training them is critical to succeeding in implementing a risk management strategy.

If you found this post useful, and would like to know more and be proactive about establishing a risk management framework for your organization, contact me. My teams have successfully implemented risk management strategies for a number of Canadian organizations. We are positioned to recommend and implement nimble / lite versions of Risk Management Strategies that focus on your specific needs versus a generic and monolithic solution.

Posted in 3. Project Management, PCI DSS Payment Card Standards, Risk Management
Blog Stats
  • 30,292 readers

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 1,256 other followers

Most popular…
Sri on Twitter
Follow

Get every new post delivered to your Inbox.

Join 1,256 other followers

%d bloggers like this: