Section A – Management Summary Introduction to DSDM Atern DSDM (Dynamic System Development Method) was launched in 1995 This is a method that focuses primarily on the management of Agile projects DSDM Atern is currently the latest version DSDM operates primarily in the corporate environment and always demonstrates the ability to work efficiently and in addition to the company's processes As a member of Agile methods, the goal of DSDM is to provide time and budget projects while being flexible enough to meet changing needs This is the reason DSDM is suitable for use in TOG because requirements can vary flexibly at any time along the development stages of TOG The Structure of an Atern Project Atern is an independent vendor approach, realizing many projects fail due to human issues rather than technology Atern's goal is to help people work together effectively to achieve their goals Atern is also independent of the tools and techniques that allow it to be used in any business and technical environment without the need to link the business to a particular vendor Atern is an agile project delivery framework that delivers the right solution for every problem Appropriate business solutions are delivered because:  The project team and stakeholders focus on business results  Timely delivery guarantees an early return on investment  Everyone involved in the project work together to provide optimal solutions  Work is prioritized according to the business needs and ability of the user to accommodate changes in the agreed upon time  Atern does not compromise on quality ie the solution is not designed too high or low In addition, Atern harnesses the experience and creativity of users It uses repetitive lifecycle to develop the most appropriate solution to meet the goals of the project By dividing the project and creating a timetable, each project has clear results, the control is done by the Project Manager and the team members There are seven stages for an Atern project: figure Phase Pre-project Feasibility Foundations Exploration Engineering Deployment Post project Key resbonsibilities Start the project, agree with the Terms of Reference for the job it a short phase to assess the viability and the outline business case (justification) Key phase for ensuring the project is understood and defined well enough so that the scope can be baselined at a high level and the technology components and standards agreed, before the development activity begins Iterative development phase during which teams expand on the high level requirements to demonstrate the functionality Iterative development phase where the solution is engineered to be deployable for release For each Increment (set of timeboxes) of the project the solution is made available Assesses the accrued benefits Atern Principles Well-understood principles are better guides than detailed process procedures In Atern principles are used to provide guidance throughout the project.Atern has eight underlying principles and the complete framework can be directly derived from these The principles are based on best practice in its truest sense They define "the way things are done" Breaking one of these principles can lead to failure, as these are the basic building blocks for Atern, and bind together all the other elements of Atern Principal Focus on the Business Need Description Deliver what the business needs when it needs it The true business priorities must be understood with a sound business case Deliver on Time Timeboxes are planned in advance and the timeframe set The dates never change; features are varied depending on business priorities, in order to achieve the deadline Collaborate Never Compromise on Quality Build Incrementally Foundations from Teams work in a spirit of active cooperation and commitment Collaboration encourages understanding, speed and shared ownership The teams must be empowered and include the business representatives A solution has to be "good enough" The level of quality is set at the outset Projects must test early and continuously and review constantly Firm Increments allow the business to take advantage of work before the final product is complete, encouraging stakeholder confidence and feedback This is based on doing just enough upfront analysis to proceed and accepting that detail emerges later Develop Iteratively Communicate Clearly Continuously Demonstrate Control Accept that work is not always right first time Use Timeboxes to allow for change yet continuously confirm that the solution is the right one and Use facilitated workshops, daily standups, modeling, prototyping, presentations and encourage informal face-to-face communication The team needs to be proactive when monitoring and controlling progress in line with Foundations Phase They need to constantly evaluate the project viability based on the business objectives Unlike other methods, Atern repairs Time, Cost and Quality in the early stages of the project Prevention, in the form of lower priority features, ensures that the timely delivery of a viable solution can be achieved by protecting the Minimum Set that can be used and reducing or delaying Lower priority, if necessary, in accordance with MoSCoW rules Section B – High level requirements analysis and MoSCoW prioritisation B1 Review the ‘high level requirements’ list given at the end of Appendix A B1.1 Identify any of the requirements that you feel are not appropriate high level requirements, giving your reasons for this 1.Ben Brode (CFO) We also need the following: * The site should be easy to use and quick to load * We probably need to arrange for this site to actually “be” on the internet answer explain: This is a non-functional requirement because it includes processing and evaluates the system's usability In some cases, non-functional requirements are intangible things that require human judgement such as sensory analysis to implement and test The following are examples of non-functional requirements Laine Conway (Marketing) - We must ensure that people who use the website can register with their e-mail address and and login so we can have their details to send them marketing materials John Oldman (Consultant) - For the most part we can use the system I have already written You just need to write the code to connect the database to the frontend – I’ve already created the database in MS Access Explain : This is a non-functional requirement because it is "reusability" of components, code, design, and even requirements in other systems - The only bit left is to add the part of the system that helps centres manage the charities Explain :This is a non-functional requirement because it is of a managerial nature Paige McMan (Franchise owner) - We need to ensure that a bookkeeping service is built into the new system, as this will make my job easier - My centre also has a juice bar and I would like to be able to manage my stock levels of fresh fruit and vegetables for smoothies and juices, so I can order items from the local supermarket before I run out Explain :This is a non-functional requirement because it is of a managerial nature Sue Thompson (Franchise owner) -Clients can register and log in on the website, and they can pay their membership fees, book classes at my centre, join clubs at my centre, etc Explain :The non-functional requirements include The extent to which the software system is able to couple or facilitate the interface with other systems - Clients can use the system like Facebook, to communicate with each other and build an online community They should be able to find out who are in their classes and contact those people Explain : This is a non-functional requirement because it involves adaptability that software can be modified to adapt to different user environments, configurations, and expectations B1.2 High level request list to build system The system will have some ability to search and browse the product to buy The system has the function of online transaction by credit card The system will allow storage of customer and product information The system has the function of customer support Customers can leave reviews and product reviews through the system The system should allow the center to order marketing materials The system should allow centers to order products for their local stores The system has the ability to track its customers, allowing them to book seats online and pay their membership fees The system can view online sales management reports and compare these reports with sales at the centers themselves 10.The system will be designed with a simple interface that matches the content B2.1 The system will have some ability to search and browse the Must product to buy have 2.The system has the function of online transaction by credit card Must have 3.The system will allow storage of customer and product Should information have 4.The system has the function of customer support Must have 5.Customers can product reviews through the system Could have 6.The system should allow the center to order marketing materials Must have 7.The system should allow centers to order products for their local Should stores have 8.The system has the ability to track its customers, allowing them could to book seats online and pay their membership fees have 9.The system can view online sales management reports and Must compare these reports with sales at the centers themselves have 10 The system will be designed with a simple interface that Must matches the content have B2.2 C1 Legal, Social, Ethical and Professional issues C1 The role of the Data Controller within the organisation A data controller is the individual or the legal person who controls and is responsible for the keeping and use of personal information on computer or in structured manual files Being a data controller carries with it serious legal responsibilities, so you should be quite clear if these responsibilities apply to you or your organisation If your organisation controls and is responsible for the personal data which it holds, then your organisation is a data controller If, on the other hand, you hold the personal data, but some other organisation decides and is responsible for what happens to the data, then that other organisation is the data contoller, and your organisation is a "data processor" Many organisations run a business model which relies on collecting the personal data of its users and under the new regulations these types of business are data controllers Under the new regulations, your organisation is likely either deemed to be a data controller or a data processor The controller has to state how and why data is processed and they may perform the processing themselves, or they might outsource it to a data processor, which must keep records of personal data and how it is processed Part of this new legislation is to provide clarity and accountability when a breach of data happens Under the GDPR controllers are not only liable for breaches of data, but they must also check the processor complies to the legislation as well Even if the processor is responsible for the breach, the controller is still liable Ensuring data is collected lawfully There are seven different justifications to collecting data under GDPR, and controllers must decide which suit them best A person's consent is the top one, but they could easily withdraw their consent too This makes the alternatives attractive as well: where processing is necessary to fulfil a contract, is legally necessary, is necessary to protect a person's "vital interests", is in the public interest, necessary to the controller - or a third party's - legitimate interests.Controllers must also tell people what they are collecting their data for, and what they're doing with it Allowing people to access their data, move their data, change their data and delete their data This means controllers must allow people to update their information, and move it to another service provider if they choose Citizens can request a copy of their data, which must be supplied free of charge and within one month of the request A request to correct data must be completed within a month as well, or two months if the request is complex legal, social, ethical and professional issues that TOG may be faced with When developing any system related to the use of human interaction, there will be some issues of legitimacy, social, ethical and professional Legal and ethical issues The ethical and legal issues that TOG may face are related to privacy For example, when you are a controller, you can read the employee's personal e-mail, as a security measure to ensure that the company's sensitive information is not disclosed Can you track products purchased by your customers? Can read documents and view graphics files stored on a user's computer or in their directory on a file server? A company can have very legitimate rights to track everything that an employee does with their computer equipment As a network administrator or security expert, you have the privilege of allowing you to access most data on systems on your network You can even access encrypted data when you have access to the recovery agent account What you with those capabilities depends in part on your specific job (for example, if employee mailings are part of your official job description) and part of your credibility Your personal ethics on these issues The issue of copyright and intellectual property rights are also important issues that the TOG must consider The development of the Internet as a publishing medium has created a forum where piracy becomes extreme and easy and almost inevitable for many creators The software piracy and battle of copyright holders to control their intellectual property is a battle that takes place on an everyday basis online and in court Social issues and professionalism TOG also looks at the social and professional issues they will face TOG needs to consider before setting up a system that fits into the user object Examples Features that allow some users to access the site, Provides photo and audio replacement solutions for people with disabilities For example, in case a physical feature makes a person unable to use the service, the responsibility of the service provider is to perform actions such as removing the feature or changing it or providing reasonable alternatives to provide services are addressed to persons with disabilities Handling this issue is important because it can affect the quality and reputation of your business In addition, people may be at a loss by disgruntled customers who may be large buyers or may be long-term profitable customers In addition, all materials on a system must be copyrighted unless otherwise specified People should check the permission to use the materials (permission is usually written on the system) Other social issues that may arise are related to system design It depends on the content of the business to build a system that is tailored to the user and ensures that the viewer gets access to your product On the compatibility issue, it can be said that the use of the system,In particular, the commands used to operate the mouse and keyboard operations of a Mac or PC are very different It is important to understand and consider the different operational commands that can be used and tailored to fit all the formats and people of different cultures Also, it can be seen that different cultures adapts to different keyboard layouts Considering the keyboard layout, it is important to use the general keys placed in the same location on the global scale to ensure global compatibility C2 As a professional body the British Computer Society (known as BCS, the Chartered Institute for IT), has a responsibility to set rules and professional standards to direct the behaviour of its members in professional matters It is expected that these rules and professional standards will be higher than those established by the general law and that they will be enforced through disciplinary action which can result in expulsion from membership Interpretation of the BCS Code of Conduct This Code of Conduct:  Sets out the professional standards required by BCS as a condition of membership  Applies to all members, irrespective of their membership grade, the role they fulfil, or the jurisdiction where they are employed or discharge their contractual obligations  Governs the conduct of the individual, not the nature of the business or ethics of any Relevant Authority Public Interest This section has a number of codes to encourage members to be mindful of public safety and the environment as well as the treating everyone with respect and dignity Professional Competence and Integrity Be truthful about your current level of formal qualifications Be open minded Ensure you have training plans on an ongoing basis to remain up to date Have thorough knowledge of legislation relevant to your field Behave in an ethical manner and reject any offers of bribery or other unethical practices Duty to Relevant Authority The relevant authority is usually your employer So act at all times in a professional manner, taking care to look after their interests as long as it is compatible with the public interest For example, keep information confidential Accept responsibility for your own work and the quality of work produced by the people working for you 4 Duty to the Profession As a member of your chosen profession, act at all times to uphold the reputation the institute Do not anything bring the institute into disrepute Encourage fellow members to continue their professional development  ... controllers must allow people to update their information, and move it to another service provider if they choose Citizens can request a copy of their data, which must be supplied free of charge and... continuously confirm that the solution is the right one and Use facilitated workshops, daily standups, modeling, prototyping, presentations and encourage informal face-to-face communication The... levels of fresh fruit and vegetables for smoothies and juices, so I can order items from the local supermarket before I run out Explain :This is a non-functional requirement because it is of a managerial