I measure the success of my 50+ year career in IT by the positive feedback I’ve received from colleagues, stakeholders, students, and readers. I started as a Cobol programmer, progressed to software analyst/designer, and for the last 30 years have performed the role of business analyst. Interspersed in those years I’ve shared what I’d learned through writing, teaching, presenting, and mentoring. This article discusses the top seven “Takeaway Points” from the over-30 BA resources I’ve produced related to requirements for information systems.

If you’re a Business Analyst assigned to a medical device development project, intended for the US market, understanding the FDA’s approval process is critical to ensure that product requirements, documentation, and risk controls are aligned with compliance expectations. This article outlines the FDA’s classification framework, approval pathways (510(k), De Novo, PMA), and the risk management process. It also highlights how a Business Analyst contributes to hazard identification, traceability matrices, and risk control measures, while preparing submissions under FDA regulations and ISO 14971.

Tariffs are not just economic instruments—they’re strategic signals. For business analysts, Trump's latest trade measures are more than policy—they’re a masterclass in navigating disruption, identifying leverage, and transforming systemic friction into strategic insight.

Integrating least privilege into business analysis is critical for developing secure, well-governed systems. When role modeling is handled early, business analysts help reduce unnecessary access, reduce compliance gaps, and improve operational efficiency throughout the organization. Analysts can make substantial contributions to access governance throughout the system lifecycle by leveraging tools like CRUD matrices, role-function overlays, and access review templates. Access modeling, when it is used as part of core business analysis, improves audit readiness, enhances regulatory compliance, and reduces the risk of privilege misuse before it becomes a major issue.

A reader wrote to me with questions regarding a development project that he thought involved too many requirements and too little flexibility around requirement priorities. (You’ve never heard of such a thing before, right?)