Conference Presentations

Leaping into the Cloud: Risks and Mitigation Strategies

The cloud has rapidly gone from “that thing I should know something about” to the “centerpiece of our five-year corporate IT strategy.” However, cloud computing is still in its infancy. The marketing materials ignore or gloss over the many risks present today in the cloud-data loss, security leaks, gaps in availability, migration costs, and more. Ken Johnston and Seth Eliot share new research on the successful migrations of corporate IT and web-based companies to the cloud. They lay out the risks to consider and explore the rewards the cloud has to offer when companies employ sound architecture and design approaches. Discover the foibles of poor architecture and design and how to mitigate these challenges through a novel Test Oriented Architecture (TOA) framework.

Ken Johnston, Microsoft Corporation
Risk Identification, Analysis, and Mitigation in Agile Environments

Although risk identification, analysis, and mitigation are critically important parts of any software project effort, agile projects require non-traditional techniques that are much quicker and easier to use than classical risk techniques. James McCaffrey focuses-not on theory-but on realistic risk analysis methods agile teams can readily implement with lightweight tools. James explains and demonstrates how you can employ taxonomy and storyboarding methods to recognize project meta-risks and identify product risks throughout the development lifecycle. Using “central moment” and “PERIL” techniques, you'll learn to analyze these risks and develop management and mitigation strategies dynamically, while the project is underway.

James McCaffrey, Volt VTE
The Risk Management Paradox

The road to the financial ruin experienced on Wall Street during the past two years was paved with ineffective risk management strategies. While risk management theory continues to evolve, implementation of that theory often fails, especially when it comes to software. Though most executives readily acknowledge risk management is an essential practice for software projects, few can point to accomplishments and sustainability of their organization’s software risk efforts. Why is it so difficult to build and sustain effective software risk management? Do risk management’s intellectual demands exceed human capability? Are hidden forces thwarting our efforts to build and sustain good practices? Payson Hall describes the human challenges inherent in developing and sustaining an effective risk management program and why many risk management efforts become paradoxical victims of their own success.

Payson Hall, Catalysis Group
The Power of Risk

Erik Boelen starts his risk-based testing where most others stop. Too often, risk-based test strategies are defined in the initial test plan and are never looked at or used again. Erik explores how a dynamic, living risk-based testing strategy gives testers a vital tool to manage and control testing activities and identify the infrastructure they need to perform these activities. Find out how to use your risk-based testing strategy as a tool for negotiations among the different stakeholders. Take on the important role of risk mediator for all of the parties in the project. The risk-based test strategy is a tool you can use to defend testing’s need for time and resources, especially when late delivery is possible. Use your risk-based strategy to drive and manage exploratory testing sessions.

Erik Boelen, QA Consult Services
Creating the Right Environment for Mobile Applications Testing

Is your organization releasing applications that target multiple mobile devices, platforms, or browsers? If so, you have faced-or soon will face-the challenge of choosing and setting up a test environment for these devices and platforms. Nat Couture shows how to develop a cost-effective application test environment to mitigate the risks associated with deploying mobile applications. He shares his latest research on mobile devices, mobile platforms, and mobile browser usage, and explains in detail what you need to consider when choosing a test environment. Learn how to select a winning combination of device-specific simulation, platform-specific simulation, and browser-specific simulation-coupled with tests on the actual devices. Build a mobile device testing program that reduces cost, increases coverage, and helps achieve the level of confidence you need to release mobile applications into production.

Nat Couture, Professional Quality Assurance Ltd.
Risk Management--It's Not Just For Gamblers Any More

The difference between gamblers and many software managers is that gamblers know there is a good chance they will lose a bet. An intelligent blackjack player can expect to win 45-49 percent of the time; software project success rates have only recently passed the 33 percent mark. Payson Hall argues that a key to project success is improving our ability to identify and manage risks-technology risks, project risks, business risks, and more. Although risk management is an increasingly popular topic in the executive suite, talk alone does not mitigate software risks. Is risk management a fad or a discipline? How does risk affect real project outcomes? Is it worth the investment? What does effective risk management look like? Join Payson Hall as he presents practical strategies for identifying and managing real-world software risks. Learn to identify threats to your projects' success and practical strategies to mitigate those risks.

Payson Hall, Catalysis Group, Inc.
Unintended Consequences of a Capability Maturity Mismatch--Evidence from a Quality Audit

In this presentation Michael Harris describes the findings of a quality assurance audit (PPQA) of the offshore outsourcing arm of a major U.S. software development company in late 2005. As the executive in charge of much of the development and as a member of the PPQA audit team, the Michael has a singular perspective on the expectations and the reality of the project. This presentation explores one particular aspect of the audit findings-the manifestations of the different CMMI® maturity levels of the onshore and offshore organizations. Take away suggestions for taking advantage of this mismatch situation instead of suffering from it.

  • Review a quality assurance audit (PPQA)
  • Explore the different CMMI® maturity levels of onshore and offshore organizations
  • Take advantage of mismatched outsourcing situations
Michael Harris, David Consulting Group
Risk Managment on an Agile Project

Plan-driven software project management is very specific on how to identify and manage risks. When moving to Agile software development practices, what happens to all the risk management activities that project managers used to oversee? Contrary to what many expect, there are Agile risk management practices that reduce risk by providing opportunities for the team to identify, monitor, and control risk events. For each of the traditional risk management areas-identification, analysis, response planning, and monitoring and controlling-you will learn the corresponding Agile approach. In keeping with Agile's strengths, team involvement and collaboration are key inputs into the risk management process. Michele Sliger explains how and when to involve the team in identifying risks, analyzing the opportunities and threats, mitigating as appropriate, and monitoring these risks throughout the lifetime of the Agile project.

Michele Sliger, Rally Software Development
Translating Business Risks into a Risk-Based Test Plan

We all know that testing should be based on business risks. In practice, test managers often go from those risks to test coverage in an ad-hoc, intuitive way. Instead, by taking a step-by-step approach, you can improve coverage and better prioritize your tests. After translating business risks into product risks and establishing the required test coverage, you select the appropriate techniques and estimate test effort. Ruud Teunissen explains that the right test design technique is based on the required coverage, type of functionality, test level, quality characteristics to be tested, available documentation, available resources, and resource skill sets. This risk-based test planning approach enables the test manager to report progress and defects found in terms of the business risks so that stakeholders can make informed decisions about releasing the software into production.

Ruud Teunissen, POLTEQ IT Services BV
SOA and Web Services Testing Involve the Whole Team

Serious enterprise application development is moving to Service Oriented Architectures as companies try to leverage existing applications while meeting new customer demands. Even as the ability to connect Web sites dynamically adds significant new levels of business functionality, it opens up a new point of failure with each connection. Code coverage is becoming far less important than the ability to test every component of your J2EE stack in the same environment as it will be deployed in production. John Michelsen shares the current trends in SOA testing, including unit testing with JUnit, test-driven Development (XP, TDD methods), test script automation, load testing, continuous testing, and much more. Learn about the pitfalls in testing SOA systems and why some companies wrongly give up on even trying.

  • Trends in testing SOA and Web service enabled applications
John Michelsen, iTKO, Inc.


AgileConnection is a TechWell community.

Through conferences, training, consulting, and online resources, TechWell helps you develop and deliver great software every day.