ロンドン大学で MSc Computer Science: Information Systems モジュールを履修中。

講義内容に関して記録した個人的なスタディノートです。

全 12 週のうち 6〜12 週目の内容を記録します。（6 週目開始：2024 年 11 月 18 日 / 12 週目終了：2025 年 1 月 6 日）

Week 6: Scrum Methodology II – Core Concepts #

概要

This topic continues the description of the Scrum development module initiated in Topic 5 and introduces students to further core concepts in Scrum environment. This includes the documentation of user requirements in the form of user stories, and the centrality of the product backlog in the Scrum methodology.

キーコンセプト

This topic includes:

• Timeboxing in Agile projects
• Scrum sprints
• User Stories
• Practical challenges for an organisation using Scrum

レクチャーリスト

• Timeboxing
  • Lecture 1: Timeboxing and Definition of Done
• User Stories
  • Lecture 2: User stories
• Scrum Concepts
  • Lecture 3: Scrum concepts and challenges

Lecture 1: Timeboxing and Definition of Done #

In Scrum, all activities are timeboxed

Time-boxing allows for frequent checkpoints, and puts a boundary on error: it allows activities to be wrong in a small way.

• fixed duration (usually 2-4 weeks)
• fixed team size (8-10 people)
• fixed goal

Definition of done (DoD)

is a checklist of the work that the team is expected to complete successfully before declaring a “potentially shippable increment”

• DoD is agreed by team and PO, and applicable to all user stories
• DoD depends on various factors (e.g. the type of product being built)
• DoD is different for user stories and sprints

Example of DoD

• Code completed
• Code commented, checked in, refactored
• Code inspected (peer reviewed) and meeting development standards
• Builds without errors
• Unit test successful
• Integration test successful
• System test successful
• Regression tests successful
• Platform tests successful
• Build/deployment/configuration changes implemented documented/communicated
• Documentation produced and/or updated

Lecture 2: User stories #

Theme > Epic, Epic, Epic...
Epic > User Story, User Story, User Story...
User Story > Task, Task, Task...

• themes: collections of related features or stories
• epics: large, big-picture view of the need - months/years of effort
• features: medium requirements - weeks/months of effort
• sprintable stories: succinct statement of need - day of effort
• tasks: specific activities to be completed - hours/days of effort

Product backlog

• the product backlog is a central a central artefact in Scrum and is the repository of all requirements - functional and non-functional - in the form of a prioritised list
• it provides a centralised and shared understanding of what is to be built, and in what order
• the product backlog comprises product backlog items (PBIs) - which start out as placeholders for vague/unknown requirements
• each PBI has a size estimate in “story points” or levels of complexity
• PBIs are eventually broken down into “user stories” that feed into the sprint backlog

PIB type

• Feature: e.g. “As a field service engineer I want to create a ticket for a customer support issue so that I can manage a customer’s request for support”
• Change: e.g. “As a field service engineer I want the default ordering of search results to be by surname instead of ticket number so that it’s easier to find support ticket”
• Defect: “Fix defect no. 212 so that special characters in search terms won’t make searches crash”
• Technical Improvement: e.g. “Move to latest version of Oracle DBMS”
• Knowledge Acquisition: “Create a proof of concept ot two architectures and run three test to determine best fit for product”

User stories

short, simple descriptions of a business need told from user’s perspective

As a <type of user>, I want <some goal> so that <I achieve some business benefit>

User stories are hard to write so the “INVEST” criteria are used as a guideline to assess quality of a user story.

• I - Independent: User story should be self-contained, with no direct dependency on another user story
• N - Negotiable: Until part of a sprint, a story can always be changed and rewritten
• V - Valuable: A user story must deliver value to the end user
• E - Estimable: A user story must be sufficiently defined to be estimable
• S - Sized appropriately: User stories should be reasonably sized in order to prioritise and estimate with certainty. Break bigger “epics” into smaller stories
• T - Testable: A user story must provide the necessary information to verify that its work can be accepted by the product owner

Lecture 3: Scrum concepts and challenges #

• minimum viable product (MVP): a technique to collect feedback by exposing basic “workable” version that helps refine solution
• technical debt: implied cost of additional rework caused by choosing an easy solution now instead of using a better approach that would take longer
• refactoring: refining code to make it simpler and more concise in order to improve maintainability/performance.

Scrum challenges

Distributed scrum:

• agile methods emphasise close engagement between Scrum team and user
• …but distributed development i the norm for some large organisations
• language and cultural differences across distributed Scrum teams

Mixed methodologies:

Sometimes not feasible or practical to use pure Scrum or Agile approach (e.g. no Scrum skills in-house; business demands waterfall approach; compliance …). This can cause conflict in development process, business process and for people.

• waterfall up-front: usually in response to project approval hurdles and demand for comprehensive documentation
• waterfall at-end: usually in response to requirement for dedicated testing activities (e.g. by operations teas)
• waterfall in-tandem: usually to meet skill deficit or risk aversion by business

Week 7: Conversion, Roll-out and Operations #

概要

This topic covers the activities involved in managing the build/configuration phase of the SDLC (phase IV), and the subsequent ‘roll-out’ of the completed system. It highlights the importance of ‘change management’ during this phase of the development process. Students are also introduced to the activities and skills required to conduct efficient operations of the live system.

キーコンセプト

This topic includes:

• Implementing/Configuring a new EIS
• Project management disciplines in EIS development and implementation
• EIS development testing phases and types
• Change management of technology-driven change
• IT operations tools and techniques

レクチャーリスト

• Managing the implementation and go live activity and running the system in live mode
  • Lecture 1: Implementation challenges
• Construct/Configure
  • Lecture 2: Building/configuring and testing the system
• Conversion and Change Management
  • Lecture 3: Conversion and Change Management
• IT Operations
  • Lecture 4: IT operations

Lecture 1: Implementation challenges #

The most challenging aspects of project management concern “people”:

• manage people with different skills, expertise, personality
• motivate team
• communicate effectively to all stakeholders
• negotiate with individuals
• balance personal and professional demands across team
• provide moral support, guidance, advice…
• accommodate cultural differences, time zones, language difference
• manage everyone’s expectations

Further material

• Thomas, M. ‘How can software be so hard?’ Gresham College.
  • https://www.gresham.ac.uk/watch-now/how-can-software-be-so-hard

Lecture 2: Building/configuring and testing the system #

詳細省略。主にはテストの種類について。ユニットテストやシステムテスト、ユーザ受け入れテストなど。

Lecture 3: Conversion and Change Management #

Why introducing change is hard

• a new IS can be disruptive and frustrating for uses
• learning a new system involves effort and investment of personal tie - and loss of previous investment
• as a result, people are often hostile to introduction of new systems

Change management

• change management is the process of introducing a new system/processes with as little disruption as possible
• it involves managing people’s expectations - and training them to use the new system
• effective change management usually requires a proactive sponsor and can be facilitated by lead adopters (“champions”)

Conversion

• conversion is the point at which the new system replaces the old system
• it can be phased or all at once (“big-bang”)
• in most cases, detailed planning is required to make conversion happen seamlessly

After conversion

• Waterfall: Post-Implementation Review (RIR) - identifies what went well and what did’t & assesses whether projected benefits achieved
• Scrum: Retrospective - determines what was successful/unsuccessful and assesses lessons learnt

Lecture 4: IT operations #

Operations

• Processes: Incident Management; Change Management; Capacity Management etc. - rigorous, checklist-driven (particularly during incident management)
• Methodologies: ITIL; DevOps and tools;
• Governance: Service Level Agreement (SLA) - contract between external IT operations service provider and enterprise; Operation Level Agreement (OLA) - contract between internal IT operations provider and internal department in an enterprise

Week 8: Freedom of Information, Data Protection and Intellectual Property #

概要

This topic introduces the first elements in the professional issues in computing part of the module. It covers freedom of information, data protection and intellectual property, all of which have general relevance in society and particular relevance for IS practitioners.

キーコンセプト

This topic includes:

• Data protection, data privacy, GDPR
• Freedom of information
• Intellectual property – Patents, Copyright, Trademark

レクチャーリスト

• Freedom of Information
  • Lecture 1: The purpose of Freedom of Information legislation
• Data Protection
  • Lecture 2: Data protection and the GDPR
• Intellectual property
  • Lecture 3: Intellectual property

Lecture 1: The purpose of Freedom of Information legislation #

Freedom of Information (FoI) laws exist in many countries to provide citizen access to information held by public authorities - e.g. USA (Freedom of Information Act), UK (Freedom of Information Act 2000); EU (Regulation 1049/2001)…

These laws are designed to make public organisations more open and accountable - introduces a public “right to know” in relation to public bodies.

Most FoI laws have similar provisions around process (making a request), obligations (such as timeframe in which public body must reply) and remedies (complaint process and related obligations)

Lecture 2: Data protection and the GDPR #

Rationale for Data Protection laws

Privacy is seen as a fundamental human right - e.g. European Convention on Human Rights: “Everyone has the right to respect for his private and family life, his home and his correspondence.”

Privacy extends to privacy of information, including electronically held (or transmitted) information.

General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR) is a European Union law that aims to:

• give control to data subjects (people) over their personal data
• simplify the regulatory environment for business by unifying the regulation
• govern circumstances when personal data is exported outside EU and EEA

GDPR applies to processing carried out by organisations operating in the EU - including organisations outside the EU that offer goods or services to individuals in the EU.

Lecture 3: Intellectual property #

Intellectual property (IP) is the name given to creative works, inventions and commercial goodwill. IP:

• has value
• is something intangible
• is subject to theft and abuse, like physical property
• can be stolen by copying it (or even by reading or listening to it)

Software and Copyright

Google LLC v. Oracle America, Inc. - US supreme Court decision regarding copyright of software (April, 2021)

• “literal elements of programs” are subject to copyright - written code such as source code/object code
• “non-literal elements of programs” are not subject to copyright - functionality of the code (e.g. user interface, calculation, functions…)

Further material #

• US Supreme Court’s decision in the case of Oracle v Google.
  • https://www.supremecourt.gov/opinions/20pdf/18-956_d18f.pdf
• Patent absurdity - how software patents broke the system (2012)
  • https://www.youtube.com/watch?v=_RPKtMTjXHg

Week 9: Contracts, Defective Software and Cybercrime #

概要

This topic continues the analysis of professional issues and discusses IT contracts and defective software, and looks at the issue of liability in this context. It also provides a general overview of cybercrime and its importance and relevance to IS professionals.

キーコンセプト

This topic includes:

• IT contracts (bespoke and outsourcing contracts)
• The nature of defective software
• Malware and its impact
• Malware as a weapon
• Computer misuse legislation

レクチャーリスト

• IT Contracts
  • Lecture 1: IT contracts
• Defective software and liability
  • Lecture 2: Defective software
• Computer Misuse and Cybercrime
  • Lecture 3: Malware, cybercrime and computer misuse

Lecture 1: IT contracts #

What is a contract?

A contract is voluntary agreement between two or more parties that is enforceable by law

Examples of IS contracts:

• Contracts to build bespoke software
• Software licence agreement
• IT consulting contracts
• IT outsourcing contracts

Type of Commercial Arrangements for IS contracts

• Fixed price
• Time and materials
• Usage based

Lecture 2: Defective software #

Defective software is software that is unusable or has bugs or has known/accepted limitations … in other words - most software!

Lecture 3: Malware, cybercrime and computer misuse #

Cyber crime

Cyber crime can include “traditional” crimes conducted online such as theft or blackmail and “advanced” cybercrime - sophisticated computer-enabled attacks

Computer misuse

Computer misuse is a crime in many countries - for example: UK - Computer Misuse Act 1990, Network and Information Systems Regulations 2018; USA - Computer Fraud and Abuse Act (18 U.S. Code 1030)

Further material #

• Thomas, M. ‘Computers, people and the real world’, Gresham College (2016).
  • https://www.gresham.ac.uk/watch-now/computers-people-and-real-world
• TED talk: Facebook’s role in Brexit – and the threat to democracy
  • https://www.ted.com/talks/carole_cadwalladr_facebook_s_role_in_brexit_and_the_threat_to_democracy

Week 10: Digital Surveillance, Ethical Issues in Computing and Business Planning #

概要

In this final topic we address some of the most important issues facing the IS professional. First, we discuss digital surveillance and the challenges faced in society in striking the right balance between security and privacy. We then review the broader topic of ethical computing, and consider ethical issues arising from the use of digital technology. Finally, we present an outline of the basic elements of a business plan.

キーコンセプト

This topic includes:

• Digital surveillance in the workplace and in public
• Digital surveillance by the state agencies
• Computer ethics
• IS ethical guidelines and codes of practice for IS professionals
• A basic business plan

レクチャーリスト

• Digital surveillance
  • Lecture 1: Overview of digital surveillance
• Concerns and legislation governing digital surveillance
  • Lecture 2: Concerns raised by digital surveillance
• Ethical issues in computing
  • Lecture 3: Ethical issues in computing
• Business planning for IT professionals
  • Lecture 4: What is a business plan?

Lecture 1: Overview of digital surveillance #

Forms of digital surveillance

Commercial organisations conduct surveillance in various ways and for various purposes.

• routine collection of transactional data (e.g. electronic payments in stores)
• automated surveillance in public places (e.g. CCTV, in-store cameras)
• biometric tracking (e.g. personal fitness tracker data)
• geo- or location-based surveillance (e.g. GPS tracking)
• workplace surveillance (e.g. employee email audit trail)
• public-body surveillance (e.g. welfare claim history)
• platform data-driven surveillance (e.g. algorithmic inference by social media networks)

…in return, the citizen allows some instruction of privacy. But where is the line drawn between what is necessary for the state to conduct its affairs and the level of intrusion acceptable to citizens?

Lecture 2: Concerns raised by digital surveillance #

Why are ethics important in computing?

IS are ubiquitous and have a profound impact on all aspects of human existence - and like all technology, can have good and bad (or unforeseen) consequences.

Some ethical issues posed by widespread use of IT:

• Automation puts people out of work
• Social media takes and sells your personal data
• The internet is a perfect vector for creating and spreading fake news
• There is a significant gender imbalance in the IT industry
• Bitcoin mining has a devastating impact on the environment
• Large IT corporations seek to pay little or no tax
• The digital divide is increasing inequality between developed and developing countries

Machine learning/artificial intelligence poses new and complicated ethical issues.

Lecture 3: Ethical issues in computing #

（内容省略）

Lecture 4: What is a business plan? #

Business Planning

A business plan is a formal description of what a company intends to do and how it intends to do it.

it is used for:

• management and planning
• raising funds from investors
• benchmarking progress

Week 11, 12 #

最終課題の期間。ある企業の CIO の立場として、COBOL で開発されたレガシーな社内決済システムを SaaS のシステムに移行するプロジェクトを率いる。この際、取締役会に対して以下の４つの資料を作成する。

1. ウォーターフォールで開発するのか、アジャイルで開発するのかの選定とその理由。プレゼンテーションスライド 12 枚で作成。
2. ユーザ要求を収集、文書化するにあたって課題、障害となりそうな事柄を説明する。800 ワードのレポートで作成。
3. 社内他システムとの統合にあたって課題、障害となりそうな事柄を説明する。800 ワードのレポートで作成。
4. 自社がサイバー犯罪の被害者になる可能性のある状況と、それらに対処することが難しい理由。。プレゼンテーションスライド 12 枚で作成。