Want to visit ground-zero for data security? Experts from SANS, MITRE, SAFECode, EMC, Juniper, Microsoft, Nokia, SAP, Symantec, and the U.S. Department of Homeland Security's National Cyber Security Division last week presented a listing of The Top 25 Most Dangerous (Information Security) Programming Errors. Expect to see future government and big-money RFP's mandate these items be addressed.
Mike J. Berry www.RedRockResearch.com
I just finished reading Willie Pietersen's book, Reinventing Strategy: Using Strategic Learning to Create and Sustain Breakthrough Performance
.
Pietersen first sets the stage for the rest of the book by underscoring the need for organizations to be adaptable. He paraphrases Charles Darwin, concluding that is it not the largest, the strongest, or even the most intelligent of species that survive, but the most adaptable to change. He explains that corporations need to start thinking beyond doing things right, to thinking about doing the right things.
He explains that vision is different from insight. Vision is what the leader has in mind for the group. Insight is what the group learns about their customers needs, through studying their customers.
Pietersen describes a four-step process he calls the "Strategic Learning Process:"
- Situation Analysis (Learn)
- Strategic Choices (Focus)
- Align the Organization (Align)
- Implement and Experiment (Execute)
This process provides the basic toolset for gaining insight, and turning that into vision. Continuous learning is essential, Pietersen says, and he quotes Arie de Geus's observation that a company's "ability to learn faster than competitors may be the only sustainable competitive advantage" they have.
He continues, "Nature, in effect, suffers from two massive learning disabilities. When nature fails, it doesn't know why; and when it succeeds, it doesn't know why...therefore strategic learning is at the heart of successful adaptation"
Pieterson's goes on to offer a formula for initiating change. His formula is:
D x V x P > C
D = Dissatisfaction with Current State
V = Clear Vision for Change
P = Process for Getting it Done
C = Cost of Change
His formula suggests that if D,V, or P are not strong enough to collectively overcome C, change will not occur.
Pieterson concludes his book by suggesting Strategic Learning can be applied to our personal lives to enable personal growth. Appling it to such topics as Emotional Intelligence, and Personal Renewal, the Strategic Learning process can help us throughtout our life.
Mike J Berry www.RedRockResearch.com
So I attended our SLC-based agile development forum yesterday. Alistair Cockburn was there, along with some other associates from around the valley. We discussed various successes and challenges with using the Agile Development Model for software development.
One particular topic that became a main discussion point was how to get government agencies to accept Agile Development Model contract bids. Fortunately, executives from several companies were represented in the room that use the Agile Development Model and pursue government contract work. They gave us some insight on how to proceed. The challenge is that the Waterfall Development Model (SDLC) is the traditional project development process for government contract submissions. They like it because it expresses a project in terms of scope, components, time-lines, and milestone dates. All of this is measurable, so it works very well with the government procurement types.
Agile is a less structured methodology--where you build requirements and code more in a module, by module format. These modules, called user-stories, aren't spec'd in detail until they are actually being worked on. Because of this, milestones and time-lines for an Agile project are not as predictable. The Agile Development Model accepts this reality, and suggests that most projects are not really so predictable anyway.
The trick with the Government is to bid your first project as a waterfall project. Then, after you have a relationship, suggest that forthcoming projects have an Agile model. You can also submit a Waterfall project with some additional requirements listed on the contract. ie: "Requirements base-lined at a high-level" or "Progress reported via Project Backlog" or "Prioritization by Need" or "Daily Scrum" or all of these things.
Mike J Berry www.RedRockResearch.com