Development with seatbelts controlling reqts risk
Sponsored Links
This presentation is the property of its rightful owner.
1 / 27

Development with Seatbelts: Controlling Reqts Risk PowerPoint PPT Presentation

  • Uploaded on
  • Presentation posted in: General

Development with Seatbelts: Controlling Reqts Risk. David Gelperin ClearSpecs Enterprises [email protected] Controlling Reqts Risk 1. Reqts Risk 2. Risk Mgmt 3. Safety Tactics. Reqts can be Dangerous.

Download Presentation

Development with Seatbelts: Controlling Reqts Risk

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript

Development with Seatbelts: Controlling Reqts Risk

David Gelperin

ClearSpecs Enterprises

[email protected]

Controlling Reqts Risk1. Reqts Risk2. Risk Mgmt3. Safety Tactics

Reqts can be Dangerous

  • Fred Brooks is still right: The hardest single part of building a … system is deciding precisely what to build

  • Arthur Schlesinger is right: … the possibilities of the future are more various than the human intellect is designed to conceive

Reqts are Dangerous



Reqts Risk

Risk: potential cause of significant harm or loss

Synonyms: danger, hazard, peril

Stakeholders Risk

Implementation Risk


Process Risk

Change Risk

Resources Risk

Defects Risk

Who’s in Peril “from”?

Danger, Will Robinson

  • Project Estimator

  • Product Architect

  • Functional Designer

  • Product Tester

  • Product Developer

  • Documentation Author

  • Product User

  • Bystander

  • Product Customer

6 Types of Reqts Risk

“to” risk

Stakeholders Risk: potential for seriously defective reqts info rooted in inadequate understanding, involvement or inappropriate behavior

Process Risk: potential for seriously defective reqts info rooted in inadequate reqts dev or mgmt processes

Resources Risk: potential for seriously defective reqts info rooted in inadequate time or tools

“from” risk

Implementation Risk: potential for significant problems in implementing a set of one or more good reqts

Change Risk: potential for significant harm or loss rooted in rapidly changing reqts info

Defects Risk: potential for significant harm or loss rooted in defective reqts info

Are Good Reqts Possible?

Some (e.g., in the agile community) believe that large-scale reqts cannot be done effectively – and they may be right. History provides strong evidence for this view.

A different interpretation of history is that just doing the basics is not enough. Proactive mgmt of reqts risk must be included.

Controlling Reqts Risk1. Reqts Risk2. Risk Mgmt3. Safety Tactics

Risk Mgmt is Project Mgmt for Adults

An almost defining characteristic of adulthood is a willingness to confront the unpleasantness of life, from the niggling to the cataclysmic. … You have to face up to unpleasant realities. That’s what it means to be a grown-up.

DeMarco & Lister

SEI Continuous Risk Mgmt

Process includes:

  • identify risk factors i.e., risks, indicators, and root causes

  • classify, assess and prioritize factors

  • develop and executearisk management strategy

  • monitor factors and strategy

  • adjust strategy, journaling causes and adjustments

  • communicate activities and results

Project Risk Factors


  • Sponsors

  • Management

  • Support

  • Skills

  • Head count

  • Under-performance

  • Politics

  • Conflict


  • Requirements

  • Design

  • Interaction with environment

  • Innovation

  • Scale


  • Schedule

  • Budget


  • Turnover

  • Scope creep

Controlling Reqts Risk1. Reqts Risk2. Risk Mgmt3. Safety Tactics (48)

Categories of Safety Tactics

  • Avoid reqts-based failures

  • Mitigate impact of reqts-based problems

  • Minimize reqts-based problems

  • Monitor reqts status

  • Staff for reqts development

  • Plan for reqts risk mgmt

  • Prepare for reqts risk mgmt

  • Compensate for reqts-based problems

Thinking Outside the (Reqts) Box

1. Avoid Reqts-based Failures

  • Reconfirm reality and satisfiability of stated needs

  • Triage and prioritize reqts

  • Manage customer expectations

  • Reconfirm project feasibility

  • Identify and resolve conflicts early

  • Commit incrementally

2. Mitigate Impact of Reqts-based Problems

  • Require frequent demos of understanding

  • Decouple vision from build

  • Prototype unfamiliar functions and interfaces

  • Build in multilane cycles

Mitigation saves money (by definition)

3a. Minimize Comm Problems – part 1

  • Maintain a climate of personal safety and respect

  • Use rich definitions

  • Use algebraic formulas rather than “magic numbers”

Personal Safety and Respect

Acknowledge personality types

No fear of disrespect or reprisal


  • truth telling

  • voicing concerns

  • “don’t knows”

Derived Conditions (modified nouns)

Derived conditions name collections of one or more logical expressions (joined by ANDs and Ors)

potential customer =

bought-many-services or

bought-services-A-and-B or


bought-many-services =

total-invoiced-service-types > 5

bought-services-A-and-B =


and invoiced-for-service-B

bought-a-lot-of-service-C =

invoiced-amount-for-service-C > $500,000.00

Project Glossary

Rich Definitions

Nouns [unmodified]

(customer, service)

Entity profiles

Modified Nouns

(order for service, satisfied customer

potential customer)

Related entities

Quality profiles

Derived values

Derived conditions

Verbs, Post-modified

(identify customers)

Action contracts

Derived tasks

Verbs, Premodified

(accurately identify, reliably process)

Quality profiles


(accurately identify potential customers

for our new web-based order

management system)

Event profiles

Common Definitions

Plain definitions


Algebraic Formulas


TCAS shall provide collision avoidance protection for any two commercial aircraft (excluding the Concorde) closing horizontally at a rate up to


( = 2 max-air-speed; currently max-air-speed = 600 knots)

and vertically at a rate up to


( = max-control-descent + max-climb;

currentlymax-control-descent = 5000 fpm

and max-climb = 4000 fpm)

3a. Minimize Comm Problems – part 2

  • Create user personas

  • Clarify with examples and measures

  • Structure information with spec patterns -- avoid text blocks

  • Picture reqts info

  • Capture context

Structure Info with Models


  • Inter-actors

  • Boundary data flow

  • Interfaces


  • User Stories

  • Use Cases

  • Usage Scenarios

  • Acceptance Tests


  • Decision Tables

  • Trigger-Response Tables

  • State Transition Tables

Picture Reqts Info

  • Diagrams

    • entity

    • entity-relationship

    • concept maps

    • reqts graph

    • usage context

    • usage

    • scenario

    • collaboration

    • sequence

    • activity

    • state

  • Mockups

    • screens

    • data displays

    • reports

  • Simulations

    • process flow (scenario)

    • screen flow

Now What?

Goal: Reduce reqts-related risk by changing stakeholder understanding and thereby behavior

  • Question -- Are your reqts info and process satisfactory? How do you know?

  • Learn (and remember) how to accurately forecastdanger (i.e. what to fear)

  • Use relevant tactics to develop your RRM strategy

  • Monitor reality and adjust

BUT, it won’t be easy

Risk management is the least practiced of all project managementdisciplines across all industry sectors, and nowhere less applied than the IT industry.

Robert Charette

quoting a PMI study


technical papers at


questions and comments to [email protected]

  • Login