Regarding the template for requirements in the DPVCG wiki

Dear all,

here are my two cents about the requirements template:

first of all, I think it might be useful to differentiate between 
several types of requirements. Some example categories could be:

  * functional (big data operations)
  * interoperability
  * data protection / privacy
  * ICT-security
  * UI-support, UI-interface (e.g. for admin-GUI, audits...)

Thereby, it might be reasonable to make choosing multiple categories per 
requirement possible.

Furthermore, I have some suggestions regarding what the template 
structure itself could contain. Any further thoughts from you would be 
appreciated as well:

  * Besides the requirement title, a number or other short identifier
      o This identifier could also entail information about the
        requirement category (e.g. SER-02 for a security requirement, or
        DPL-11 for a data protection law requirement)
      o A brief identifier makes cross-referencing between requirements,
        use cases, and vocabularies easier
      o Moreover, if we want to do this later, it leaves us the option
        to draft a matrix with all requirements to see whether there are
        any overlaps, similarities or even conflicts beween different
        requirements
  * Introduce a label system that states clear whether the fulfilment of
    the requirement is a MUST, SHOULD, OPTIONAL, nice-to-have or
    whatever you think makes sense in the context of the community group
      o In case we come up with a large set of requirements over time,
        this might make prioritization for implementers easier
  * Introduce a section below the requirement description where eventual
    context can be added if needed (e.g. explanations why this
    requirement is relevant, or reference to a standard or anything else)
  * Add a section for initial ideas on solution/realization approaches

That's it for now, looking forward to what you think!

Greetings,
Eva

-- 
Landesbeauftragte für Datenschutz Schleswig-Holstein
Holstenstraße 98, 24103 Kiel, Tel. +49 431 988-1200, Fax -1223
mail@datenschutzzentrum.de - https://www.datenschutzzentrum.de/
Eva Schlehahn, uld67@datenschutzzentrum.de

Informationen über die Verarbeitung der personenbezogenen Daten durch
die Landesbeauftragte für Datenschutz und zur verschlüsselten
E-Mail-Kommunikation: https://datenschutzzentrum.de/datenschutzerklaerung/

Received on Wednesday, 8 August 2018 12:31:22 UTC