The Incremental Commitment Spiral Model describes a process model generator. InfoQ interviewed the authors about the principles underlying the Incremental Commitment Spiral Model (ICSM), applying the ICSM, the benefits that organizations can get from it, and how organizations can use the ICSM to determine under what conditions to use software-intensive agile frameworks like Scrum, DSDM, SAFe, or DAD.
The challenge of knowing whether we are on track to deliver haunts project managers and development managers at various levels as their organizations take on agile approaches to product and project development. Driving towards smaller work items and lower work in process brings the benefits of both better project risk management and more effective agile execution and learning.
Commitment is a graphical business novel about managing project risks with “Real Options”, a way to improve decision making. InfoQ spoke with the authors about decisions, risks and technical debt.
Building on their work on Real Options, Chris Matts and Olav Maassen are writing a graphic novel to explain the concepts and share their knowledge. They discussed the novel and the process with InfoQ.
One category of risk that project teams need to ensure they address is business value failure – delivering a product that fails to provide value for the business investor.
In this IEEE article, author Danny Dhillon discusses a developer-driven threat modeling approach that identifies threats based on dataflow diagrams in order to assess and mitigate security risks.
Risk management is a crucial discipline for projects, and finding ways to do effective risk management on agile projects will spell the difference between Agile scaling into the enterprise or failing.
In this IEEE article, author John Diamant talks about improving the security quality of software applications using techniques like security requirements gap analysis and architectural threat analysis.
InfoQ spoke with Rich Caralli from SEI's Resilient Enterprise Management Team about the Resilience Management Model used for managing operational resilience in complex, risk-evolving environments.
In this IEEE article, John Stouby Persson and Lars Mathiassen discuss a process for managing the risks associated with managing distributed software projects.
Static code analysis gives developers the ability to review their code to uncover security vulnerabilities. InfoQ spoke with Brian Chess about static analysis and how it compares with other techniques.