When security requirements are considered at all during the system life cycle, they tend to be general lists of security features such as password protection, firewalls, virus detection tools, and the like. These are, in fact, not security requirements at all but rather implementation mechanisms that are intended to satisfy unstated requirements, such as authenticated access. As a result, security requirements that are specific to the system and that provide for protection of essential services and assets are often neglected. In addition, the attacker perspective is not considered, with the result that security requirements, when they exist, are likely to be incomplete. We believe that a systematic approach to security requirements engineering will help to avoid the problem of generic lists of features and to take into account the attacker perspective. Several approaches to security requirements engineering are described here and references are provided for additional material that can help you ensure that your products effectively meet security requirements.

This is the last article in this current  “Deep Dive Models in Agile” series and covers Decision Models, which include both Decision Trees and Decision Tables. Decision Models include two RML System models (Decision Trees and Decision Tables) that detail the system logic that either controls user functions or decides what actions a system will take in various circumstances.

The point is, no amount of elegant programming can solve a system problem without someone who understands the overall system architecture, someone who understands how the business works. Attacking systems development without such orchestration, such as one program at a time, will not produce the desired results. That would be like trying to build a bridge without a set of blueprints; it would probably be disjointed and one end would likely not connect with the other in the middle. 

What is Leading with Influence?... It is about the ability to affect the actions, decisions, and thinking of others to accomplish key goals or tasks that you consider to be important. Simply put, leading with influence is about getting people to willingly follow the direction that you provide when you lack organizational authority. It is about leading when you are not in charge. As a Business Analyst, I want delivery partners on a project to follow the guidance I provide without having to demand their compliance.

While BABOK and other sources include Behavioral Characteristics as an essential underlying competency for business analysts, many analysts may have only a vague idea of how it applies to their personal work environment, or even exactly what behavioral characteristics are, so let’s define those first.... The term behavioral characteristics simply refers to an analyst’s workplace ethics and character.