2012 icsq ia presentation_20121003



Page 1: 2012 ICSQ IA Presentation_20121003

Who is at the Helm?

An Agile Assurance Case Study

A particular instance of Agile Assurance analyzed to illustrate Sustainable Security Practices

October 31, 2012

David Brown

Peter Woodhull

29-31 Oct 2012 International Conference on Software Quality - ICSQ 2012

Page 2

"The most difficult thing is the decision to act, the rest is merely tenacity. The fears are paper tigers, and the procedures, the process are their own reward."

Amelia Earhart


Page 3

Agenda

• An Exercise in Contrast

• Concepts

• Issue Resolution

• Evolution of the Analyst

• New Techniques

• Virtual SSP

• Agile Management

• Goals


Contrast | Concepts | Resolution | Analyst | Techniques | Virtual SSP | Management | Goals

Page 4

Compare & Contrast


Page 5

Key Concepts


• ownership

• sustainable program value

• cost, schedule, capability trade-off

• upfront assurance

• near real-time decision support

• cross-cutting concerns

• visualization

• information → decision → action


Page 6

Action Based Management


Do we care?

Dependable?

Actionable?

Page 7

Deep Environmental Understanding

The evolution of the Analyst into a Nexus


Page 8

New Techniques


Shared Ownership → Modified Assurance Capability → Education → Best Practice, Tools, Deputized Project Team →

Education Leads… Results Follow!


Page 9

Virtual SSP

• Requirements

• Control Point

• Intersections of Accountability and Authority

• Tooling

• Auditing

• Visualization

• Traceability Matrix

• Validation & Verification


Page 10

Agile Management Workstreams


Page 11

Agile Management


Page 12

Task Management


Sprints - User Stories - Control Work Items - Workflow

• Project Backlog

• Grooming

• Sprint Backlog

• Test-driven Development

• Working Increment

• N-1 Testing

• Feedback

• Product Owner

• Delivery


Page 13

Agile Goals


Validation & verification

Replace emotions with facts

Empirical metrics

Collaboration


Page 14

“Education is a better safeguard of security than a standing army.”

Edward Everett


Page 15

Target IA Commitment


the kanban Assurance Manifesto

We are uncovering better ways of providing Assurance by doing it and helping others.

Through this work we have come to value:

Explicit communications over intuitive abilities

Small steps over big changes

Quality systems over heroic individuals

Requirements driving our understanding over assumptions in which we must trust

While we appreciate the standard concepts below, we value the bold principle above.
