338 Matching Annotations
  1. Jun 2020
    1. Both Anderson and Dumitriu were at Microsoft at the time, and they described an abysmal previous state that is likely familiar to most IT practitioners:too long to finish work requested from the business: average lead time was 155 daysdissatisfaction with lateness and long lead times forced IT management to do “more work estimation,” forcing managers to spend all their time building PowerPoints (because business conclusion was that they didn’t do a good job estimating), instead of doing real workwhenever the business asked for anything, the response was “it’ll take 5 months”every task was estimated at 20 days, but no one knew where the other 135 days went

      Sound familiar?

  2. May 2020
    1. It might be considered that Kanban, as a “start with what you do now” method, comes with no agenda as to the type or purpose of the change it initiates. In fact, Kanban recognizes three agendas—

      Three agendas that we've hung on the concept.

    2. The method can-not be applied faithfully without embracing them.

      Hmm... Does every processing method have to have values? I'm a little suspect of the motivation of enumerating these. Was there any mention of these values in the blue book?

  3. Apr 2020
    1. One of thechallengesof good writing, especiallygoodtechnical writing, isto presentseveral par-allellines of astoryoran argument in awaythat weaves them together coherently

      Maybe that's where I've failed. It's not the ideas that people don't like or understand, it's that I've, perhaps, done a not so good job of conveying them.

  4. Feb 2020
    1. If I vote in a party’s primary, am I required to vote for that party’s candidates in the November 6, 2018 general election? No. A voter who votes in the primary is not required to vote for a particular party’s candidates in the succeeding general election.

      You can change your mind. :)

    2. In a county where the Republican and Democratic parties are sharing polling places, the vote must identify what primary they would like to vote in order to ensure they receive the correct ballot and are marked as voting in the correct primary election.

      So you have to say (affiliate) with one party or the other.

    1. With Azure Dev Spaces, you can share your dev space with others on your team. Each developer can work in their own space without fear of breaking others. Also, working together in one space can enable you to test code end-to-end without having to create mocks or simulate dependencies.

      No mocks!

    1. A dev space can be used by anyone with contributor access to the dev space's resource group.

      Contributor access only required.

    1. Azure Dev Spaces intercepts requests that come in with this URL prefix and routes them appropriately.

      Strangler pattern?

    1. VPC Flow Logs capture network flow information for a VPC, subnet, or network interface in Amazon CloudWatch Logs. Flow logs can help you with a number of tasks, such as troubleshooting why specific traffic is not reaching an instance

      Time to implement VPC flow logs...

    1. AF rolls out phased retirement program for eligible civilians By Richard Salomon, Air Force Personnel Center Public Affairs / Published July 14, 2017

      Here we go...

    1. Who have attained their minimum retirement age (between ages 55 and 57 depending on year of birth) or who have at least 20 years of service and who are at least age 60.
  5. Jan 2020
    1. He, Rulifson, and fellow Augmented Research Center engineer Bill Paxton demonstrated how the team used the hypertext system to collaborate.

      The key concept.

    2. explains Jeff Rulifson, the computer scientist who developed much of the software on display at the Mother of All Demos. "The idea was to create tools and then use those tools to improve the tools," Rulifson says. Instead of making the tool once, it would be continually improved, based on the experiences of its users. As the tools improve, they make it possible to make new, more useful tools. Engelbart called the approach "bootstrapping," named for the bootstrap circuit in radar systems.

      Agile, but better, before there was agile.

    1. I'm eager for more powerful writing tools that will make it even easier to gather documents and messages and shape them into a project narrative. By pushing current tools to their limits and beyond, we'll discover what those next-generation tools need to be.

      Twenty years later, our tools don't seem to have progressed much ("it's not the tools"), but more importantly, it seems the utility of a project web remains largely unknown to folks generally. And that is a shame.

    2. A simple Web-accessible repository augmented with brief commentary explaining what has been posted and why turns out to be a powerful team coordination aid.

      It really is that simple. OneNote is a great tool for this.

    3. "As a project manager, I wish I had an authoring interface that has the same ease of use as weblog writing interfaces, but allows for more logical structuring of information, rather than putting everything on a calendar roll."

      Ah, our "user story".

    4. No matter how effective your navigational scheme, there's no substitute for full text search when you need to find something that's vanished from current view.

      OneNote's search is powerful and serves just this purpose well.

  6. Dec 2019
    1. Virtual access to customer data is restricted based on business need by role-based access control, multifactor authentication, minimizing standing access to production data, and other controls. Access to customer data is also strictly logged, and both Microsoft and third parties perform regular audits (as well as sample audits) to attest that any access is appropriate.

      Secret and safe (it would seem).

    1. Only 1 percent of [Defense Industrial Base (DIB)] companies have implemented all 110 controls from the National Institute of Standards and Technology. We need to get to scale where the vast majority of DIB partners can defend themselves from nation state attacks.

      Only 1%! Yikes!

  7. Nov 2019
    1. The power of the viewspecs and jumpcommands is that they can be embedded directly into a URL. This allows a user to pass alongURLs to another user which point to specific locations in a document with a particular viewof that document.

      Such an important concept!

      (Demo'd in PurpleSlurple, via "expand/collapse")

    1. And knowing which version contains what information can only be done by opening every file.

      Ok, good point. (You can diff the Excel versions, within Excel.)

    2. Saving the information in a SharePoint list makes it a single source of truth, all the time, for everyone.

      Why not save the Excel file to SharePoint and turn on versioning?

    3. One of the pain points present in many SharePoint implementations is slow user adoption. There may be any number of reasons for this, but one commonality is an unfamiliarity of how to use SharePoint properly; meaning, how to use it efficiently.

      We can do better.

    1. Indeed a seamless integration of web, email, newsgroup and a searchable document database are the components that make a formidable groupware application.

      20 years on, folks still struggle to grasp the utility of collaboration. Cobbling together one's own system is easy, but as Jon pointed out in his article on the weblog as project management tool - in the end the tools don't matter, what does is that someone has to take the initiative to create/maintain the project web (or champion its use among team members).

    1. According to Raskin, too many people working on hypertext have concentrated on mechanisms instead of on the user interface. It is necessary to look at the entire spectrum of interaction and to do continuous user testing.
  8. Oct 2019
    1. How do I raise the issue of technical debt to ensure it is prioritized alongside value? Can you measure the cost of support? How many workarounds exist in production? What are the costs of the workarounds to the business? Is the current technology easy to update and release for business innovation? What is the cost of not innovating or releasing something your competitor has?
  9. Sep 2019
    1. The Network Time Protocol (NTP) is designed to synchronize time across an IP-based network. NTP has been an Internet standard for over 20 years

      Now 30+ years.

    1. Breaking down functional silos, which traditional organizations tend to have, to form cross-functional silos, which agilists tend to prefer, takes a lot of time and effort. We need to help people become cross functional themselves, what I would call generalizing specialists.

      Yea, this is likely our Achilles heel. We need generalizing specialists

    1. Therefore, if a team is converting to agile work methods, people need to be coached to stretch themselves and learn new things.

      And afforded the opportunity to do so!

    2. A generalizing specialist is someone with one or more technical specialties who actively seeks to gain new skills in both their existing specialties as well as in other areas, including both technical and domain areas.

      "actively seeks"

    1. Recently I was thrilled to learn that the web platform offers such an affordance in the form of the <details> tag.
    1. Let employees write and publish a ‘user manual to me,’ starting by yourself.

      OneNote :)

    2. Create an easily accessible and changeable handbook containing all policies, and make them easy to understand and repeatable.


    3. make the decision smaller, quickly decide, and learn if it is right. If it’s the wrong decision, it’s easy to go back.

      Succeed early, succeed often.

  10. Aug 2019
    1. Montaigne called “On Vanity” one of those essays which, being quite long and not at all confined by the titles he gave them, “require a decision to read them and time set aside.”
    1. Today, everybody knows about this system because the system was not fail-proof, it lacked robustness to deal with erroneous data. As engineers say, “If you feed garbage into a system, garbage will come out.” That's what happened with MCAS, and there was no proper layering around that to prevent catastrophic failure.

      Chaos engineering failure example?

    1. What would it take, I wonder, to post-process the kinds of PDF files that governments typically produce, in order to add Purple Numbers?


  11. Jul 2019
    1. A project blog [19, 19] linked to a project document repository is a potential partial solution to this problem. Instead of sending email when creating or revising documents, project members simply add an entry to the blog. This requires less work than sending email and has other attractive features discussed below. The result is an easily-skimmed chronologically-ordered record of the important information events of a project. These include status changes of project documents in the associated repository. Project blogs are collaborative; any team member can add an entry.
    1. Ensure that everyone understands and agrees to the policies for the work that moves through the system. When are various activities and work items done?

      Have the conversation with your downstream customer regarding what they need from you in the work product you're delivering. What does constitute done? Then deliver it, a high quality product, once. (Have the conversation upstream too, to convey what you need.)

    1. Mr Sette adds that while the world coffee industry sees revenues over $200bn each year, only $20bn reaches producing countries and ultimately, less than 10% of that reaches growers.

      Only a 1 penny of every dollar the coffee industry sees in revenue goes to the grower. What's wrong with this picture?

    1. Virtualization capabilities enabled in BIOS
    2. Windows Sandbox: an isolated, temporary, desktop environment where you can run untrusted software without the fear of lasting impact to your PC. Any software installed in Windows Sandbox stays only in the sandbox and cannot affect your host. Once Windows Sandbox is closed, all the software with all its files and state are permanently deleted.
    1. These capabilities come together to enable Azure Sphere to meet all 7 properties of a highly secured device – making it a first of its kind solution.

      Is this a bug in hypothesis? What's happening here? Why is my hypothesis page served in-line? (See below.)

  12. Jun 2019
    1. IP iterations fulfill another critical role by providing an estimating buffer for meeting PI objectives and enhancing the predictability of PI performance.

      This seems like a bad idea, leading to sloppy estimates or loosely controlled WIP. The work (not IP iteration activities) should be done in the work iterations (not here).

    2. It acts as an estimating buffer for meeting PI Objectives

      What? A buffer? Too finish up unfinished work?

    1. Since the iteration plans did not take into account the story acceptance criteria, it’s likely that adjustments will need to be made to the first and subsequent iteration plans.

      Why are these not considered here, during PI planning?

    1. az network nsg create \--resource-group azuremolchapter5 \--name remotensg

      missing: --location eastus

    2. For developers, you can also enableremote debugging with Visual Studio under the Application Settings area or configureApplication Insights to allow your web application to provide telemetry

      Developers need access to this feature.

    3. FTP username
    4. When you pushed your site with Gitin the previous example, Git wrote the file to this directory. Instead, you could FTPfiles straight to here; but Git offers additional features once you get used to it, such asversioning, history, and branches.

      So why are we still using FTP?

    5. If you create a Windows VM, a rule is added that allows RDP

      Not by default. You must add the rule to allow RDP.

  13. May 2019
    1. Don’t forget that even as a business moves from IaaS toward the PaaS model, theIT pro remains relevant!

      Getting squeezed out.

    2. up to $200 of freecredit. This free credit should be enough to make it through all the chapters andexercises, with room to explore a little and have fun along the way

      So if I don't have a free account (no longer qualify), this is going to cost ~$200?

    3. There are no tools to install on your machine, and you can use any com-puter and OS you wish, provided it supports a modern web browser.

      Nice. We've come a long way.

    4. This book is designed to give you a solid foundation to be successful as a developer orIT engineer in Azure. You learn about both Infrastructure as a Service (IaaS) and Plat-form as a Service (PaaS) solutions, along with when to use each approach. As youwork through the chapters, you learn how to plan appropriately for availability andscale, keep security in mind, and consider cost and performance. By the end of thebook, you should be able to integrate upcoming technologies such as containers andKubernetes, artificial intelligence and machine learning (AI + ML), and the Internetof Things (IoT).

      That's a pretty high bar for 21 days of lunches.

    1. I think it is important to note that the purple number solutions mentioned here are for publishers and authors of content – not for consumers. In other words the publisher must implement the solution or no purple numbers are available for the consumer. Relative to the Web at larger, not many Web sites implement purple numbers.

      Things are finally changing.

    2. Select text to link to, click bookmarklet, optionally add note (something Ahoy doesn’t do)[3].

      QuiP process.

    1. However, SAFe is a flow-based system. Its economics are optimized by job-sequencing rather than theoretical job return on investment (or worse, first-come, first-served job selection, loudest voice, or other historical patterns).

      Depending on one's situation (in the RCMPSP space), FCFS has been shown to be the most efficacious priority rule in terms of project (not portfolio) flow (shortest make span).

    1. Since you can't move annotations between groups in Hypothesis, if students create (possibly many) annotations in the wrong group they need to delete them and manually recreate them one by one.

      Why can't we edit the annotations (en masse preferably) to change group or tags? (Jon has something for editing tags...)

    1. One thing I found with new KM projects is the tendency to dive into complexity. In other words: these projects attempt to slice and dice available knowledge in so many ways that it is almost impossible to understand. This, in my view, can tank a project. My recommendation: Start simple. Get that working and then add complexity when there is demand for it.

      Still valid 17 years later.

    1. Collaboration Tools Employed by this Community

      CIM3 tool set. :) They worked.

    1. The issue of citing particular phrases in web documents has also been raised previously,with paragraph-level identifiers added by the purpleslurple29 tool,
    1. Assuming that we can determine that we are dealing with the same document

      This can be (nearly always) determined using "Matt's Rule of Text" which is as follows: "Any 8 to 10 word string uniquely identifies a document". Yep, mind-boggling, I know.

      Here's an example (for this page): https://www.google.com/search?q=%22Assuming%20that%20we%20can%20determine%20that%20we%20are%22

      Another example for this page: https://www.google.com/search?q=%22this%20fast%20and%20straightforward%20method%20will%20find%20a%22

      And for completeness, one more: https://www.google.com/search?q=%22This%20is%20an%20old%20problem,%20and%20over%20the%22

      Note that the last example returns two results. The second result does not include the quoted ",". The first result is (nearly always) the source document.

      This algorithm has some very important ramifications, I feel. Its use here, in this type of application (e.g. documents returning a 404 could be passed to Google for reattachment of annotations) and another pressing one, determining the source of fake news. There are other uses clearly.

      Please share with those who care. Thank me later. :)

      ASIDE: I "discovered" this algorithm in 2003 during my work with PurpleSlurple and QuIP.

    1. In February 2017, the World Wide Web Consortium, or W3C, the international standards body for the web, formally recommended a web-annotation standard that allows developers to make annotation a native feature of their browsers. So far, none has done so.

      We fight on! (See for example: https://keynet.blogs.com/networks/2004/06/purpleslurple_m.html and https://hyp.is/TpluxHsuEembdFcYuJI8_Q/knutties.livejournal.com/24270.html)

      I do feel some satisfaction :) in the appearance of "purple numbers" in numerous document systems now (Github, Microsoft, for example)

    1. I agree that functionality like this should be natively built into browsers.

      Still not available in 2019.

    1. We don’t have to “move fast and break things.” We can move slowly and build good things to last. We can return to the traditions of architects that built cathedrals to last hundreds of years, mathematicians who have collaborated on imaginary structures for thousands of years, and scientists who have pulled back the curtain on reality since people began to doubt their senses.

      I'll be a stone on which giants might pass.

    2. the web was created by unsophisticated perspectives (Tim Burners-Lee has apologized for missing Engelbart).

      TBL missed Engelbart (what? really?)

    3. Alan admires his former professor Bob Barton. Despite not liking students or teaching, Bob spent the time to do it “for the field.” I think that’s ultimately Alan’s aim in meeting with people like me. Maybe there’s a fraction of a percent chance that I have the potential to help the field and so Alan was there to nurture that chance. In other words, he was getting lunch with me in for pure benevolence. He wants there to be good people in his field (don’t ask him what it should be called unless you have all afternoon), ultimately to further humanity.

      Cool Alan Kay.

    1. What makes it different, though, is that you can export your Collection to Word or Excel, and Microsoft will add a bit of intelligence to make it even more useful: citations within Word

      Finally. Something I've wanted since 2002.

      Automatically creating bibliography, and footnotes (or endnotes) from my clippings. (Planned for but never delivered in PSNotes.)

      For collecting notes, Opera had a very similar capability years and years ago.

      See the image here: https://images.idgesg.net/images/article/2019/05/collections-4-100795598-large.jpg

    1. KayhaswrittenofthefactthatthegenesisofSmalltalklayinthecoincidentalappearanceonhisdeskofbothadistributiontapeofSimulaandacopyofSutherland'sSketch-padthesis[5]

      Noted in Rheingold's "Tools for Thought".

    2. NygaardandDahl'sSimula[7]wastherstconventionalprogramminglanguageincorporatingtheprinciplesofobjectorientation,butSketchpad'simplementationofclassandinstance-basedinheritance(thoughnotcalledobjects)predatedSimulabyseveralyears.

      And both influenced Alan Kay and Smalltalk.

    1. You can't understand where mind-amplifying technology is going unless you understand where it came from.

      So much seems to be crumbling away. Often previous hard earned gains are reinvented. How does one find this knowledge in the flood of information? I'm not sure even Google can help in some cases.

  14. Apr 2019
    1. The budget is ‘the elephant in the room.’ An organization can never be truly agile unless you also address that budget mindset

      Where does this leave us in our "transformation"?

    2. Their success has been less obvious in big top-down siloed, inward-looking hierarchies that are faced with the challenge of delighting external customers.

      Our situation.

    3. As a result, “fixing the budget” usually involves a lot more than fixing the budget. You have to fix a tangle of other big issues if you are really going to make sustained progress.

      "Fixing the budget" then seems nearly insurmountable for the Air Force. If agile (implementation) is truly crippled by this, our agile prospects seem dim.

    4. The notion of throughput accounting, which measures and tracks progress of delivering value to customers, is still unknown in many large organizations.

      Hmm... throughput matters?

    5. Organizational structure: The budget often reflects, reinforces and aggravates the siloed organizational structure, which gets in the way of delivering value to customers. Rather than having truly cross-functional teams, with end-to-end responsibilities to deliver value to customers, Agile teams work within their silo (say Tech) and hand off work to another silo (say Product) to be incorporated in their work program. If Product has yet to embrace Agile, then Product is likely to be working at a slower pace than Tech, so Product–and subsequently Sales–become the key organizational constraints to gaining the real value from Agile.

      Herein lies our problem.

    1. Agile Uprising is a purpose-built network that focuses on the advancement of the agile mindset and global professional networking between leading agilists. We will remain agnostic of certifying bodies and focus purely on the advancement of the agile craft. Our network will evolve over time, and at the core our online community will remain free to join – forever.

      Yea, paying to access the SAFe community... is a prospect that grated on me.

    1. Or they say, that the failures in the SAFe community surround folks who haven’t had enough training (sigh!) or invested in enough SPC qualified consultants (bigger sigh!).


    2. I just can’t be associated any longer with something this big, this focused on pursuing revenue, and this far removed from true agile principles.

      I was a skeptic going in...

    3. It’s too focused on certifications and training – a cash cow.


    4. It creates far too many roles, layers, flows, etc.

      Way too complex. Can't be done without training the troops (i.e. $$ for SAI).

    5. As I looked at the diagram, I imagined $$$ at specific points where the SAFe folks (Scaled Agile proper, consulting firms, SPC consultants, tooling firms, etc.) could “cash in” on SAFe training, consulting, and tooling.In other words, I followed the path and heard an ongoing CHA-CHING in the air!

      This was precisely the impression I had when I took SAFe Implementation training!

    1. Hire and develop the right mix of talent: The report cites Millennials as “particularly well-suited to enhance an Agile enterprise’s talent pool.”

      Out with the old, in with the new.

    2. A huge majority – 83 percent – of leaders surveyed cited their talent mix as being crucial to their organizations increased agility.   Meanwhile, 70 percent of respondents reported that lack of engagement on the part of executives and employees to the main factor to hold back transformational success in their organization.

      Maybe it's who you ask?

    1. The software industry, in general, has become obsessed with measuring the inputs and outputs of Agile at the employee level—an obsession that has resulted in the neglect of the original Agile ethos, and a misguided focus on employee-level work statistics instead of process improvement on the organizational level
    1. Reduce resistance to change when moving to agile by showing critics that agile represents a better way of doing business using the data collected on your projects.

      We need data!

    1. Exploitation Measures:  some suggestions for exploiting agile productivity gains include:

      How do we address these short comings / problems with Enterprise Agile?

    2. Product versus project management conflicts that can raise questions as to who’s in charge.

      Portfolio Kanban.

    3. those firms that use Kanban principles and lean approaches as part of their methodology tend to make better productivity gains because they focus their energy on getting rid of waste and inefficiency.

      Can you say Kanban?

    4. they replace instead of reduce management overhead and bureaucracy with a rebranded set of practices.

      So agile in name only, for management.

    5. It is interesting to note that these software productivity increases are not being realized by those pursuing either large agile projects or enterprise-wide utilization.  These productivity gains, while still advantageous, drop to just 3 to 5 percent better than their previous norms.

      Only 3 to 5 percent better for enterprise wide initiatives.

    1. Percent Complete and Accurate (%C&A).  A quality metric used to measure the degree to which work from an upstream supplier is determined by the downstream customer to be complete and accurate (or error free).  In other words, to what degree does the downstream customer need to:  1) correct information that is incorrect; 2) add missing information that should have been supplied by an upstream supplier; and/or 3) clarify information provided.  Out of 100 “things” passing to the downstream customer, what percentage of them are complete and accurate and do not require one of the three above actions before completing the task?  The number is obtained by asking the immediate, or successive, downstream customer(s) what percentage of the time they receive work that is 100% complete and accurate.

      A critical metric. Each team member in the process chain should strive for 100% (be accountable).

    1. To set themselves up for success, software development and operation teams need to allocate 20% of their schedule (e.g. one day per week or one week per month) to slack time. That is, time they won’t have to spend implementing any new functionality, but rather investing on refactoring, automation, architecture, design, and other non-functional requirements that can improve quality.

      Long live Technical Debt Friday!

    2. The deal [between product owners and] engineering goes like this: Product management takes 20% of the team’s capacity right off the top and gives this to engineering to spend as they see fit. They might use it to rewrite, re-architect, or re-factor problematic parts of the code base…whatever they believe is necessary to avoid ever having to come to the team and say, ‘we need to stop and rewrite [all our code].’ If you’re in really bad shape today, you might need to make this 30% or even more of the resources. However, I get nervous when I find teams that think they can get away with much less than 20%.

      The 20% Rule (of technical debt)

    1. Reckless Accidental debt is the least desirable, since the team has no choice about incurring it and either doesn’t recognize it or cannot correct it once it exists. This quadrant is red, because ideally the team should stop and self-improve (through training, hiring, or whatever other means is available) such that it is able to at least recognize the kind of debt it is incurring currently.

      We can move towards reducing/alleviating Reckless Accidental technical debt through training.

    1. “Where in the organization will Scrum work best, and where will Kanban work best?”

      Choose Your WoW! (Way of Working): https://disciplinedagiledelivery.com/dad-handbook/

    2. When work item size and cycle time are consistent, it becomes relatively easy to forecast how long it will take to complete a known set of work.

      Yep, we might, just maybe, be able to produce reasonable schedules (once we have some real data).

    3. Kanban at the portfolio and program level to visualize and manage the top-level workflow in the product, product, or organization

      Portfolio Management? Yep doable.

    4. Kanban’s greatest strength is that it models anything and is very flexible.

      No special roles required. Start where you are!

    5. Its flow-based approach tolerates rapidly changing priorities much better than a timeboxed approach like Scrum.

      Some would argue (rightly IMO) that Kanban is better suited for our type of work than Scrum. See: DAD Lean Lifecycle: https://hyp.is/ne2_JFb-Eem8rVN2bpUt1g/disciplinedagiledelivery.com/lifecycle/lean-lifecycle/

    6. For a single person managing his or her work alone, a simple Kanban board similar to the one shown in Figure 1 is often all that is necessary.

      Great tool, even if only used in isolation. Because your work is "visualized" and WIP limited, it helps you to defend your time from the boss that wants to pile on everything and alleviates ever having to answer the question: "What's the status" (Simply [re]send your boss the link to the board.)

    7. WIP limits help unburden individuals and optimize flow

      If one's time is at full utilization, queue times to gain access to or assistance from that person are nearly infinite! (See resource utilization and wait time graph: https://hyp.is/ud84tFb2EemKoqfvc4mLJg/itrevolution.com/resource-guide-for-the-phoenix-project-kanbans-part-2/

    8. make the workflow visible

      Make it visible!

    9. Kanban advocates starting with how the work is done today

      Start today! (No new roles/processes needed.)

    10. drive evolutionary change

      It's evolutionary!

    1. Work is difficult to predict in advance. For example, teams that are focused on fixing defects or handling support issues are good candidates for this lifecycle

      Sounds like the work we do for HIH/HRSTS.

  15. Mar 2019
    1. A worksheet for collecting POA&M data is located in Appendix H5.T

      POA&M Data Collection worksheet

    2. For program-level issues,such as those that are enterprise-wide, the maximum time for remediation is five (5)years

      Enterprise wide program level is 5 years for remediation.

    3. controls to monitor and update the POA&M to demonstrate weekly to monthly progress

      Weekly to monthly progress updates

    4. Determining the severity level of the weakness in order to prioritize POA&M efforts according to risk factors

      Severity suggests priority.

    5. Component Information Systems Security Managers (ISSM): Monitor progress of POA&M implementation efforts

      ISSM Monitors progress.

    6. Component Information Systems Security Officers (ISSO): Develop, track, and manage POA&Ms for systems under their control.

      ISSO is responsible to Develop the POA&M (among other tasks).

    1. If an employee receives a Quality Step Increase or takes a Change to Lower Grade, their time before the action still counts toward their next Within-Grade Increase, but the step they are going to determines which waiting period (one, two, or three years) they will be in.

      How about a Quality Step increase?

    1. Temporary service performed after 1989 (FERS only)

      Not creditable towards SCD.

    2. Time not creditable for retirement that may affect the retirement SCD include

      Temporary service is not creditable.

    1. WGIs apply only to GS employees occupying permanent positions. "Permanent position" means a position filled by an employee whose appointment is not designated as temporary

      No WGI for temporary positions.

    2. Employees who occupy permanent positions earn WGIs upon meeting the following three requirements established by law

      Must occupy permanent positions.

    1. BREAK IN SERVICE—The time when an employee is no longer on the payroll of an agency. (In computing creditable service for benefits, e.g., leave accrual and reduction in force retention, a separation of 1, 2, or 3 calendar days is not considered to be a break in service; a separation of 4 or more calendar days is considered to be a break inservice and the days of separation are subtracted from the employee's total creditable service.)

      Break in service

    1. Although it’s nice to plan around the stability that Scrum promises – with a fixed sprint backlog of work – the reality is that teams have to deal with interrupt driven work and absorbing this isn’t a strong characteristic of Scrum.

      Scrum doesn't deal well with expedited workloads (changing priorities).

    2. To be successful at Scrum you have to allocate people roles, train them and arrange your work according to the methodology.

      Scrum requires change.

    3. Firstly it is an evolutionary method to introduce change in an organisation. Meaning that no additional roles or practices are introduced by organisations that adopt the method. Existing roles and processes are kept but are wrapped into Kanban. Workflows are investigated and visualised to provide control around the work but we don’t change how people do their jobs or interact.

      Kanban is evolutionary.

    1. Are suitable for deployment on modern cloud platforms, obviating the need for servers and systems administration;

      No servers or sys admin?

    1. Scrum Masters are servant leaders and coaches for an Agile Team. They help educate the team in Scrum, Extreme Programming (XP), Kanban, and SAFe, ensuring that the agreed Agile process is being followed.

      Scrum Masters are coaches.

  16. dataverse.org dataverse.org
    1. The Institute for Quantitative Social Science (IQSS) collaborates with the Harvard University Library and Harvard University Information Technology organization to make the installation of the Harvard Dataverse openly available to researchers and data collectors worldwide from all disciplines, to deposit data.

      Openly available to "Data collectors worldwide from all disciplines, to deposit data."

    1. Q13:  How do I identify the IAT workforce? A13: Two basic questions can help identify IA Technical (IAT) positions: Does the position require privileged access to a DoD Information System Computing, Network, or Enclave environment? Does the position include any of the functional requirements listed in Chapter 3 of DoD 8570.01-M for that level of the information system architecture? If the answer to both #1 and #2 is yes, the position is an IAT position. If the answer is no to both, then it is not an IAT Position. If the answer is yes to #1 and no to #2, it is not an IAT position. If the answer is no to #1 and yes to #2, it may be an IAM or other IA position

      How do I identify the IAT workforce?

    1. I’ve been there, but it doesn’t need to be this way! It took me literally 2 years to get from “uh what’s tcpdump?” to “I’ve HEARD of tcpdump but I don’t really get it” to “well I can blindly copy from stack overflow and sometimes it works” to, finally, “I can easily use tcpdump to debug firewall issues and I always completely understand the commands I run are doing”.

      Someday... :)

    1. Anytime you hear “cloud hybrid,” “hybrid cloud” or “on-prem plus cloud,” it’s a Strangler Pattern, as the organization must maintain connectivity between its legacy application and the microservices it’s pushing to the cloud.

      LOL. Yea we're using the strangler pattern. :)

    1. HTML, CSV, or JSON to search for matching Hypothesis annotations and display them in one of those formats.

      Export Hypothesis annotations.

    1. One of the natural wonders of this area are the huge strangler vines. They seed in the upper branches of a fig tree and gradually work their way down the tree until they root in the soil. Over many years they grow into fantastic and beautiful shapes, meanwhile strangling and killing the tree that was their host.

      Martin Fowler Strangler Pattern

    1. Instead of usingk-grams, the strings to fingerprint can be chosenby looking for sentences or paragraphs, or by choosing fixed-lengthstrings that begin with “anchor” words [4, 12].

      Or by using Matt's Rule of Text.

    2. even on text data the assumption thatone can always find reasonable sentences is questionable

      I can always find "reasonable sentences" (i.e. one which fingerprints the document), by applying Matt's Rule of Text.

    1. valuing organizational learning

      ... on subjects that matter (not e.g. Acquisition training).

    2. institutionalizing the improvement of daily

      Improve daily work.

    3. Creating fast feedback is critical to achieving quality, reliability, and safety in the technology value stream. We do this by seeing problems as they occur, swarming and solving problems to build new knowledge, pushing quality closer to the source, and continually optimizing for downstream

      Fast Feedback.

    1. David is now working with a new project organization that is based on Kanban teams. He has a core project team that uses Kanban to manage all their project tasks, but also to manage occasional duties for upcoming or past projects. He works with functional teams that use Kanban to manage the work that is coming from several projects at the same time. At the start of the project, capacity for the stream of work is reserved with each of the Kanban teams based on the time-criticality of the project. During the project, he authorizes work to the Kanban teams by replenishing their input queues.

      Is this described in David Anderson's Kanban?

    1. Increased predictability and an ability to respond with confidence to tough questions like “When will you deliver?”, “When should we start a job to deliver by a certain date?”.

      We should have data, and thus better estimates, after first cycle/batch.

      We'll never do so if we continue using PM methods that don't apply to our situation (i.e., a portfolio of product development [cyclical] projects under resource constraints. See: http://sbuweb.tcu.edu/tbrowning/Publications/Browning%20&%20Yassine%20(2016)--Managing%20a%20Portfolio%20of%20PD%20Projects%20under%20Resource%20Constraints%20(preprint).pdf

    1. 7. Specific certificationsMust have: 15%Nice to have: 49%Optional: 36%

      So certification and $3.50 gets you coffee at Starbucks.

    1. Let’s ditch that single person accountability concept and instead have a team of a Product Co-Lead, UX Co-Lead and Engineering Co-Lead all accountable.

      No. We still need the single point of contact (SPOC), but the good SPOC will get input from his "co-leads" to prioritize the backlog. I don't see the good SPOC working in a vacuum.

  17. Feb 2019
    1. A deficit implies that Scrum is not yet being implemented, and that there is likely to be technical debt.

      Done means done.

      Or maybe not: "I believe that the Definition of Done needs to align with the Scrum Team's value stream, and "Done" may very well be "ready for UAT" or "ready for IV&V". However, I do think that, in these cases, the Scrum Team should be careful to actually make sure that the work is done. These events should not find show-stopping issues, although they may result in feedback for future iterations." - Thomas Owens comments below.

    2. allow requirements to be traced to the code implementation such as by clear feature-relevant naming conventions.

      RTM by clear feature-relevant naming conventions.

    3. EXAMPLE DEFINITION OF DONE Remember that a Definition of Done properly applies to an increment.

      We need remember this.

    4. They may need the courage to assert "We are not yet a Scrum Team, we will not pretend we are until the deficit for release we have highlighted is closed, and we will limit any commitments we are prepared to make accordingly".

      Yes, be brave (and demand respect - from management).

    5. a Development Team has the right to refuse to do any work, if they cannot commit to its completion by the end of the Sprint

      And yet we are forced to do this all the time.

    6. the first thing to do with a broken Scrum implementation -- such as a deficit for release -- is to make the problem clear to all.

      Make the problem clear to all.

    7. Of these three, transparency can arguably be said to come first. If a situation is not clear then it can hardly be inspected, and no sensible adaptation will be possible.

      We are clearly lacking in transparency!

    8. Definitions of Done that are of less than release standard have become, more or less, "industry normal".

      Our "done" does not require work be releasable.

    9. Yet any deficit in the standard needed to deploy an increment into production, by the end of a Sprint, really does mean that Scrum is not being implemented.

      So we aren't implementing Scrum.

    10. The problem usually boils down to this: organizational change is hard. When push comes to shove, it is all too often the Scrum Framework which is modified, and only lip service gets paid to the principles.

      So we're changing the framework.

    1. While the concepts of Lean and the Kanban system it uses are very easy to learn, it can be difficult to master the principles of lean flow and maximizing the throughput of the system.

      Baby steps...

    2. Lean does not prescribe this overhead and instead suggests that it be done if and when necessary.

      I hate "standing" meetings (not of the SCRUM sort, these can be valuable, but recurring/planned meetings, ostensibly for progress/status reports). They are seldom useful and generally the information could be better conveyed/updated using Kanban.

    3. a continuous stream of work (instead of fixed iterations)

      Seems like our CRs would better fit this Lean lifecycle.

    1. Teams who have many small, relatively independent requirements (be they change requests or potential defects) and who are working on an existing solution will often adopt this lifecycle.

      Our situation in HIH.

    1. It is important to note that AWS manages physical and logical access controls for the AWS boundary. However, the overall security of your workloads is a shared responsibility, where you are responsible for controlling user access to content on your AWS accounts.

      We got this.

    2. AWS Glue is a fully-managed Extract, Transform and Load (ETL) service that can read data from a JDBC-enabled, on-premise database and transfer the datasets into AWS services like Amazon S3, Amazon Redshift and Amazon RDS.

      Are we using AWS Glue?

    1. Weighted Shortest Job First (WSJF) is a prioritization model used to sequence jobs (eg., Features, Capabilities, and Epics) to produce maximum economic benefit. In SAFe, WSJF is estimated as the Cost of Delay (CoD) divided by job size.

      Any performance studies done on WSJF use in Kanban?

    1. Before you gather all those metrics and show how productive your teams are, ask yourself what value you’re producing. For whom? How do you measure if value is really being generated? How do you know your happy customers are happy? Actually, happy is not enough. Your customers have to be ecstatic about your solution. If they aren’t, metrics are irrelevant.
    2. Do not think of Kanban Project Management as a framework. We encourage you to start where you are and gradually find out what works best in your own context

      It's not a framework! :) Start where you are!

    3. forecasting that’s based on the actual data

      Yay for evidence!

    4. a scalable way to track one or multiple projects using hierarchical Kanban boards.

      So needed.

    5. We aim to provide practical guidance for Project Managers that are seeking ways to improve their workflows without necessarily adding more people or resources.

      Good, because we aren't getting any.

    6. Understanding of the work state and project status.

      What a concept!