Requirements Analysis (BABOK KA)

I don’t know how many articles I’ve read where the author states requirements should be “what” the user/client needs, not “how” to deliver the solution. They say “A requirement should never specify aspects of physical design, implementation decisions or system architecture”... In my humble opinion, every requirement, even the business level needs, goals and objectives, are just the start of a long march to a solution.

Scope creep (also known as feature creep, requirements creep, featuritis, and creeping featurism), however, refers to the uncontrolled growth of functionality that the team attempts to stuff into an already-full project box. It doesn’t all fit. The continuing churn and expansion of the requirements, coupled with inadequate prioritization, makes it difficult to deliver the most important functionality on schedule. This demand for ever-increasing functionality leads to delays, quality problems, and misdirected energy.  Scope creep is one of the most pervasive challenges of software development. 

 

When security requirements are considered at all during the system life cycle, they tend to be general lists of security features such as password protection, firewalls, virus detection tools, and the like. These are, in fact, not security requirements at all but rather implementation mechanisms that are intended to satisfy unstated requirements, such as authenticated access. As a result, security requirements that are specific to the system and that provide for protection of essential services and assets are often neglected. In addition, the attacker perspective is not considered, with the result that security requirements, when they exist, are likely to be incomplete. We believe that a systematic approach to security requirements engineering will help to avoid the problem of generic lists of features and to take into account the attacker perspective. Several approaches to security requirements engineering are described here and references are provided for additional material that can help you ensure that your products effectively meet security requirements.

The purpose of this brief article is to explain the connection between documenting requirements and contract type. Recently I consulted with a firm eliciting requirements for a new product. In this case, an internal business analyst team was documenting the product requirements by consulting with appropriate stakeholders. The follow-on project intent was to outsource the work to develop the product in the form of a contract.

I bet everyone has, at least once in their career, heard the expression:

iRise gives Business Analysts the tools they need to communicate clearly with both the business and its stakeholders.  They use working previews that can be virtually indistinguishable from the final product.  When business analysts uses iRise to elicit and document requirements: the business analyst becomes a powerful weapon to get to the right answer, ...

We hit a challenge however when we attempt to promote the value of Business Analysis to IT Management or the Business...  The reality is that simply promoting “better requirements” does not sell our value-add in terms that management from an IT or Business perspective understands... So how do we do this? Let me share five lessons learned based on my experience as a senior requirements management consultant. 

A common challenge of enterprise Business Analysts is the discovery, understanding, and description of requirements in the context of implementing packaged solutions. Management assigns us to projects with a predefined solution, and we struggle to figure our role when there seems to be no significant build activity. What are we supposed to do in this situation when there seems to be no need to produce standard requirement deliverables?

 

Put a typical Business Analyst in this environment and do not be surprised to hear the phrase “I’m not sure of my role.” Why do packaged solution projects cause discomfort?

A business analyst is a person who analyzes, organizes, explores, scrutinizes and investigates an organization and documents its business and also assesses the business model and integrates the whole organization with modern technology. The Business Analyst role is mostly about documenting, verifying, recording and gathering the business requirements and its role is mostly associated with the information technology industry.

The difficulty of gathering information and establishing requirements, owing to the chaotic nature of the business world, is clear to see. Every business analyst must overcome their own Mad Tea Party if they are to be successful in carrying out their mission. As Alice is confronted with the unreliability of the Hatter, the March Hare, and the Dormouse, so too is the analyst faced with unreliable stakeholders. In her attempts to gain an understanding of the never-ending tea party, Alice’s use of elicitation is effectively useless in the face of endless riddles, an unconventional sense of time, and undependable characters.  Analysts find themselves in comparable environments with various degrees of chaos and unpredictability. 

We implemented A/B testing into our product 6 months ago. During that time we conducted a variety of A/B tests to generate insights about our user's behaviour. We learnt a lot about our specific product. More generally, we learnt about how to run valuable A/B tests.

Most discussions about software requirements deal with business information systems and similar projects. The world is also full of products that use software to control hardware devices, broadly called embedded systems. Among countless examples are cell phones, television remote controls, kiosks of all sorts, Internet routers, and robot cars.  This is the first article of two that will discuss some of the requirements issues that are especially important to embedded and other real-time systems.

Often I come across situations where a BA is unprepared or under-prepared in approaching the requirements elicitation process. This leads to irritated business users, incomplete requirements, significant delays, reworks, and poor opinion about BA's in general. I decided to put together a list of prerequisites that a BA must complete before commencing requirements elicitation process.

With the rise in popularity of agile methods, business analysts and product owners often use the term “agile requirements” to label their work.  We do not care for the term “agile requirements” because it implies that the requirements for an agile project are somehow qualitatively different from those for projects following other life cycles. A developer needs to know the same information to be able to correctly implement the right functionality regardless of the life cycle being used.

Gathering and documenting requirements to develop software is often seen by business analysts as their core task. Actually, they are there to deliver value to the business—everything else is secondary.