Development, Frameworks and Methods

Student Name: Myint Oo @ Amirul Hassan

UOG Student Registration ID: 000805763
Coursework Title: Children Support Agency

COMP1648: Development, Frameworks and Methods

Due Date: 11/11/2013
Center: KMD (Yangon, Myanmar)

1
Development, Frameworks and Methods

Table of Content

Section A

A.1 Management Summary …………………………………………………………..….5

A.1.1 Some about current information system……………………...………….….5

A.1.2 Current issues which CSA is facing…………..………………………….…5

A.1.3 What CSA expects from MIS………………………………………….…...5

A.1.4 Management on developing new MIS……………………….……………..6

A.1.5 DSDM is appropriate for MIS project…………….....……………………..6

A.1.6 Advantages of using DSDM…………..……………………………….…...6

A.1.7 Disadvantages of using DSDM…………………………………………......6

Section B

B.1 High Level Requirement

B.1.1 Short explanation of high level requirement requirements………….….….8

B.1.2 Short explanation of functional and non-functional requirement……….…8

B.1.3 Appropriate High level requirements………………………………..…...8-9

B.1.4 Inappropriate High level requirements……………………………….....9-10

B.2 Moscow Prioritization

B.2.1 List of functional and non-functional requirements based on

high level requirement (appropriate)………………………………………….…10

B.2.2 Explanation of setting prioritizing the requirements………………..…11-12

B.2.3 High level requirements shown in three increments………………..…12-14

Section C

C.1 Management Summary (LSEPI Issues based on DPA)

C.1.2 Why Data Controller is important in CSA………………………….….....16

C.1.2 How Data Controller will help overcome LSEPI issues

with two case study examples……………………………………………..…16-17

2
Development, Frameworks and Methods

C.2 Management Summary (BCS Code of conduct)

C.2.1 What professional body do…………...………………………..……..….18

C.2.2 Purpose of professional body…………………………….……………...18

C.2.3 Four professional issues that the system developer

may need to consider ……………...………………………..……....18-19

3
Development, Frameworks and Methods

Section A

4
Development, Frameworks and Methods

Management Summary

Some about current information system

The current information system doesn’t come into use for all fields of CSA. They have to
overcome a lot of obstacles to manage projects with it. The current information system can’t be used
for managing projects as it doesn’t support. It can only be used for the financial transactions in CSA.
The system they run doesn’t gratify all their needs as it’s an off-the-shelf payroll system. So, a new
management information system has become a must to monitor all projects of CSA. CSA is
overcoming various difficulties as it’s lacking an effective MIS. The following are some key issues
that the CSA is facing currently.

Current issues which CSA is facing

- Due to the different approaches and requirements of doing the project by different staff,
the organization doesn’t have a consistent way of doing a project
- Staff are very dependent on each other because of lack of guidance from the SEG
- No systematic way of recording information
- Some staff keep the record of the project using a paper based system
- The current system is not secure
- The Finance Director doesn’t get correct financial data from Area Managers and Regional
Directors sometimes and they information provided was not very clear enough
- There is no hard connection between the Financial system and MIS
- The head of HR have some problems with Area Managers for keeping the record of their
staff
- No clear record of which contracts are presently in force, what resources are needed and
the deadline of each contract etc
- Peter Jackson, Area Manager has to give much time of searching pieces of data and
collecting all the data together

What CSA expects from MIS

As CSA is running 60 different projects at different places, the requirements and issues from all
offices are increasing. The current system can’t help with all. The new MIS will be developed with
these following requirements which are really required by CSA. New MIS will help CSA monitor and
manage all projects.

The new MIS will be able to gather all data from local centers and it can be accessed from all local
offices. It can produce correct report with complete details for SMT, Trustees and funders. It will
contain some standard set of performance indicators which will help measure CSA projects. It can
keep correct financial data and shows how much resource and fund are used for each projects. The
financial data can only be accessed by the authorized person. Apart from financial data, every
department will have access to see the information they need. It will have a standard way of keeping
the data. Entering the same data at the same place will not be allowed. So, the data will become
consistent and correct. It will allow accessing to the sensitive data of CSA to the authorized people
only. It will keep the details of contracts between CSA and funding bodies which is important for
starting a project. It will also save the demographic data of young people and this type of data can be
accessible from local centers depending on their needs. It also helps regional director, area managers
and lead workers manage their respective projects.

5
Development, Frameworks and Methods

Management on developing new MIS

The new MIS will be developed under the instruction of the Administrative Services Director,
Jim Massey and the finance director, Steve Sutherland. These two people have been working in CSA
for a long time and know all about CSA. Jim Massey himself wants to change the current MIS and he
surely knows that current MIS is completely rubbish. He also realizes CSA needs an effective
management information system. He also states that as long as CSA doesn’t change the current
system, there will always be hardship to get new contracts in the future which might impact the whole
organization. Steve Sutherland suggests that the new MIS must include finance management for local
projects and access to financial data should be protected.

DSDM is appropriate for MIS project

According to Sebastian LeFevre, an Information Systems Consultant, he has just had a

contract with CSA to help analysis of what the organization really needs. He reviewed the current
information system and found that it is lack of security and secure storage of data and many more
problems. He also recommends using an agile method, called DSDM.

DSDM is appropriate for developing a new MIS because the MIS will be developed and
managed under a top management group called Administrative Service director and Finance Director.
The high level requirements are already gathered. Functionality is clear enough as the staffs have
already disclosed their needs in the interview, for example, (No clear record of which contracts are
presently in force, what resources are needed and the deadline of each contract etc) discussed by
Julieanne Black.

Advantages of using DSDM

As all the requirements are collected at the beginning, the system is more likely to meet the
business needs for examples; almost all staffs of CSA have identified their respective needs in the
interview. It will increase the speed of development and increase quality because of the end user
involvement. For example, Peter Jackson, Area Manager who has been working in the organization
for 18 years, has a lot of idea concerning the organization needs, is very willing and pleased to be a
part of the development. So, he can give feedback thought prototyping which can make a quality
system delivers the real needs of the organization. Time boxing and cost of system can be fixed by
analyzing the clear and understandable functions or requirements.

Disadvantages of using DSDM

There will be features which need to be reduced due to the time boxing. For examples
Functions which are not very important for the organization will be removed. But for good
information system, these types of requirements are necessary for example “Sending messages to
young people about events in the area”.

Total words for Section A: 988

6
Development, Frameworks and Methods

Section B

7
Development, Frameworks and Methods

A short explanation of high level requirement

High level requirements are the same as business requirements which are better understood by the top
level management. It is only planned to offer guidance to the key issues or problems. This can be split
into functional and non-functional requirements.

A short explanation of functional and non functional requirement

Functional requirements describe what a system is supposed to do. These are always the main
functions of a system to be built. They focus on these criteria such as business rules, validation,
managing finance, reporting requirement etc. Non functional requirements describe further functions
of the system to be built except functionality. It indicates criteria which evaluates the function of a
system instead of exact behaviors. They focus on these criteria such as performance, security,
maintainability, reliability etc.

Remark: I have also taken a few requirements from the interview list in order to get an effective
information system. Without them, the system will be incomplete and unusable. These are excluded in
overall requirements list given at the case study.

B1. High level appropriate and inappropriate requirements

B1.1 High level requirements (Appropriate)

1. Collecting data correctly from local offices

MIS must be able to keep the data about projects from all local centers. If required, it must
offer data immediately. Depending on data, SEG can offer guidance to improve the
performance of employees and projects.

2. Producing management reports for both SMT and Trustees

MIS must produce reports about each project, only then they can estimate for further projects
and make decision what to do next. They can also offer necessary instructions for projects
having problems. Everything they ratify is based on project reports.

3. Adding a standard set of performance indicators into the system in order to measure the
project

MIS will include some standards set of performance indicators for example, the time box of a
project, use of resource, budget, man power, number young people improved in each project
to measure the effectiveness and success of projects.

4. Giving better data as to how finances and resources are allocated

MIS must have this function to get correct financial records from local offices as regional
directors are reluctant to give accurate financial data. It must also be able to offer suggestions
to the Head Office to allocate finance and resources because CSA needs to know the use of
resources and finance for each project running at different offices. Only then they can send
information to their related parties who have asked to see it.

8
Development, Frameworks and Methods

5. Developing a common interface for the Management Information System and external
systems so that data is only entered once

CSA will have hardship to control MIS if it contains the same data at different places. So,
entering the data more than once must be restricted.

6. Can pass the information from on project to another

To get faster performance of the projects, the MIS should provide easy access to information
from one project to another. It increases workload and reduce overheads and saves time.

7. Ensuring the data is protected and it is allowed to use to the right people at different
levels in the organization

A data controller must be appointed to keep data securely. The system must provide access to
sensitive data such as financial information to the authorized person only because there are
many staffs in CSA and the data can be used for illegal purposes.

8. Keeping details of the contracts between CSA and funding bodies for each project

MIS must have this requirement in order to set time boxing, use resources and man power for
each project at CSA. This will help CSA manage projects.

9. Permitting projects to keep demographic data about young people in a standard way,
able to be seen by central offices
The management team of CSA must know demographic data concerning young people
because they have to know what the real needs of young people are. Only then they can know
what types of project are required to start at what area.

B1.2 High Level Requirement (Inappropriate)

10. Containing a simple case management tool to allow project workers to record short
notes in a secure way

This requirement can make the MIS complex and unusable by keeping a lot of detail
information of managing the projects which are not very important for CSA.

11. Developing an enterprise scheduling tool for the managing meetings with staff and
young people

The Management information system will become very large if it contains enterprise
scheduling tools which are not urgently needed by CSA. They just need an effective
management tool to manage projects.

9
Development, Frameworks and Methods

12. Integrating existing data into the system

As CSA doesn’t have a standard way of recording projects information, the existing data
won’t come into use for developing MIS.

13. Developing the system in order to be extendable to contain extra features in the future
This requirement should be thought before development of the MIS but not very important for
CSA to monitor projects. MIS should have only core functions for management (for example
keeping financial records correctly). CSA has just intended to add features of the MIS after it
has been developed.

Word Counts B1= 861

********************************************************************************

Moscow

B2. List of functional and non-functional requirements

B2.1The following are functional and non-functional requirements based on appropriate high
level requirements with prioritization.

Functional Requirements

1. Collecting data correctly from local offices Must Have

2. Producing management reports for both SMT and Trustees Must Have
3. Giving better data as to how finance and resources are allocated Must Have
4. Keeping details of the contracts between CSA and funding Must Have
bodies for each project
5. Adding a standard set of performance indicators into the system
in order to measure projects Must Have
6. Permitting projects to keep demographic data about
young people in a standard way, able to be seen by central offices Must Have
7. Developing a common interface for the Management Information
system and external systems so that data only entered one Could Have

Non-Functional Requirements

8. Ensuring the data is protected and it is allowed to use

to the right people at different levels in the organization Should Have
9. Can pass the information from on project to another Could Have

10
Development, Frameworks and Methods

B2.2 Explanation of setting about prioritization with justification

Functional Requirement

Collecting data correctly from local offices Must Have

This is a must have requirement for developing MIS. As CSA needs MIS to monitor all projects, the
system must be added this requirement to be able to collect correct data about each project from local
offices. Without having this in MIS, CSA will have difficulties to manage projects from head offices
as data about projects are missing which are very important for managing projects.

Producing management reports for both SMT and Trustees Must Have

The requirement must be included in MIS because it must produce reports by showing all
management information for example, progress of project, use of resources and man power used for
each project etc. Both SMT and Trustees need reports to offer necessary guidance and show that the
projects are going well to the funders.

Giving better data as to how finance and resources are allocated Must Have

This is a must have requirement for developing MIS because MIS must have correct financial record
and it should provide data for the use of finance and resource when needed. Only then CSA can
estimate for future projects and avoid unwanted cost.

Keeping details of the contracts between CSA and funding Must Have

bodies for each project

MIS must includes this requirement because MIS must have all information of contracts between
CSA and funding bodies in order to offer contract information to the contract team when required.
With this information, contract team can manage current contracts.

Adding a standard set of performance indicators into the system Must Have

in order to measure projects

This requirement can’t be left because CSA will not able to measure the projects running under it so
that MIS must be added some standard set of performance indicators for example, functions that
calculate use of resources, finance, number of young people improved by each project. This will help
CSA make better projects in the future.

Permitting projects to keep demographic data about

young people in a standard way, able to be seen by central offices Must Have

By keeping demographic data systematically, CSA can easily analyze for future projects based on
these data. So, I selected this requirement as a must have for developing MIS.

11
Development, Frameworks and Methods

Developing a common interface for the Management Information Could Have

system and external systems so that data only entered one

CSA can monitor or manage projects without this requirement as it is related to data input and
restriction of inserting duplicate data. But MIS may include duplicate data if it doesn’t add this
requirement.

Non-Functional Requirements

Ensuring the data is protected and it is allowed to use Should Have

to the right people at different levels in the organization

This is a should have requirement for developing MIS because it’s related to authentication and
security. CSA can run MIS to monitor projects without this requirement. As it’s a non-profit
organization, unauthorized access to data may not effect very much on CSA. This requirement should
be included to prevent unwanted risks.

Can pass the information from on project to another Could Have

This requirement can be left for developing MIS because MIS will be able to collect all information
about project from all local offices. So, authorized people at different local offices will have access to
the data from MIS.

First Increment, Second Increment and Third Increment

Each requirement will be described for how long they will take to be completed.

As the project will be developed by using DSDM, it should be finished during six months. 8
hours for a day and 40 hours for a month and 960 hours for six months. Within 770 hours, all
must have functions will be completed.

These are the must have requirements which will be delivered as the first increment. The MIS will
really be workable with these requirements and employees in CSA can give feedback for each
increment for avoid unwanted errors and meet it their desired requirements.

First Increment

No Requirement Hours Prioritization

1 Collecting data correctly from local offices 120 Must Have
2 Producing management reports for both SMT and 80 Must Have
Trustees
3 Giving better data as to how finance and resources are 100 Must Have
allocated
4 Keeping details of the contracts between CSA and 100 Must Have
funding bodies for each project

5 Adding a standard set of performance indicators into the 80 Must Have

system in order to measure projects

12
Development, Frameworks and Methods

6 Permitting projects to keep demographic data about 80 Must Have

young people in a standard way, able to be seen by
central offices
7 Ensuring the data is protected and it is allowed to use 70
to the right people at different levels in the organization

8 Developing a common interface for the Management 70

Information system and external systems so that data
only entered one
9 Can pass the information from on project to another 70

Total Must have hours= 770

This should have requirement is essential but not very important for the system to contains in the first
increment. So, it will be delivered as the second increment to the users.

Second Increment

No Requirement Hours Prioritization

1 Collecting data correctly from local offices 120 Must Have
2 Producing management reports for both SMT and 80 Must Have
Trustees
3 Giving better data as to how finance and resources are 100 Must Have
allocated
4 Keeping details of the contracts between CSA and 100 Must Have
funding bodies for each project

5 Adding a standard set of performance indicators into the 80 Must Have

system in order to measure projects
6 Permitting projects to keep demographic data about 80 Must Have
young people in a standard way, able to be seen by
central offices
7 Ensuring the data is protected and it is allowed to use 70 Should Have
to the right people at different levels in the organization

8 Developing a common interface for the Management 70

Information system and external systems so that data
only entered one
9 Can pass the information from on project to another 70

Total should have hours = 70

Second Increment total hours = 840

13
Development, Frameworks and Methods

These are could have requirement and these can make MIS better. It could be left if the time box is
not enough. But, MIS will work without any problems.

Third Increment

No Requirement Hours Prioritization

1 Collecting data correctly from local offices 120 Must Have
2 Producing management reports for both SMT and 80 Must Have
Trustees
3 Giving better data as to how finance and resources are 100 Must Have
allocated
4 Keeping details of the contracts between CSA and 100 Must Have
funding bodies for each project

5 Adding a standard set of performance indicators into the 80 Must Have

system in order to measure projects
6 Permitting projects to keep demographic data about 80 Must Have
young people in a standard way, able to be seen by
central offices
7 Ensuring the data is protected and it is allowed to use 70 Should Have
to the right people at different levels in the organization

8 Developing a common interface for the Management 60 Could Have

Information system and external systems so that data
only entered one
9 Can pass the information from on project to another 60 Could Have

Must Have= 770 hours

Should Have= 70 hours

Could Have= 120 hours

Within six months, MIS will be finished. But some unexpected risks may occur, so, there will be
some delays to deliver the system. If the project is likely to be late, should have and could have
requirements could be left.

********************************************************************************

14
Development, Frameworks and Methods

Section C

15
Development, Frameworks and Methods

(C1)

As CSA is a charity organization, it relies on public trust. It’s not possible to make sure that CSA
is 100% safe at all times. So, CSA needs to show that they focus on its responsibilities to keep the
data securely and it is taking balanced measures for protecting personal data from being misused. As
it has 60 different projects at different local offices, data protection has become an issue for it with
large amount of data of young people and funders but although small charity organizations are
possibly to keep personal data on people for example staff, trustees. Currently CSA is facing various
difficulties to collect data as staffs have no awareness of keeping data securely and no professionalism
about dissemination of data. What’s worse is duplication of the same personal data because CSA has
no standard way of keep data related to young people, staff and funders or supporters.

In order for CSA to stand on its existing reputation, it needs to handle all its data securely. CSA
should make sure that the personal information is not misused and doesn’t reach into wrong hands.
So, to keep and manage data securely, a data controller should be appointed who has to process CSA
data under Data Protection Act. DPA is only related to the treatment of personal data. He will be
lawfully in charge for making sure that data processing complies with the DPA. DPA is in relation to
protect people from the misuse of their personal information. In order for data controllers to work at
organization, they need to register with the Information Commissioner by providing details on the
type of data which will be hold and the purpose of processing personal data. DPA states eight
principles that the data controllers must follow them when processing the data.

As Data controllers must follow the eight principles, the data about CSA projects will become secure.
Every local office can access to data within CSA depending on their needs but they must comply with
the data protection act. So, data will be protected and not misused. Public trust for CSA will increase.

The following are the issues that CSA may have to face after developing a centralized management
information system attached what the data controller will have to solve these issues.

Example (One)

CSA has all the personal data of employees, young people and funders. If the government or other
charity organizations ask for the data it holds to use for other purpose, CSA will likely to share the
data to them.

Data controller help overcome this issue according to DPA 1,

- Deciding why the government or other charity organizations needs the personal data and what
they intend to do with it
- Making sure that CSA provides clear and correct privacy notices to employees or young
people for collecting their personal data
 Privacy notice should contain the purpose of processing their personal data
and the processing of their personal information is fair such as who you may
disclose the information to that subject would not expect.

16
Development, Frameworks and Methods

Example (Two)

The system will permit projects to keep demographic data about young people which will be
accessible by central offices. Existing data will also be kept in the new MIS.

According to DPA 3,

- Data controller must make sure that whether the personal information that the CSA holds is
relevant. In order to consider if each is relevant for the purposes this is described in a privacy
notice to the data subject and in notification to the Information Commissioner Organization.

- Data Controller must ensure that the data he holds is too much. The excessive data that he
doesn’t require for his specified purposes, must delete it.

- Data Controller must establish if the data is sufficient to make decisions it informs, decisions
that may have a major impact on the data subject will probably needs a great deal of
information and CSA is often required to make those decisions.

- Making sure that CSA holds the right information is important for both decisions making and
protecting individuals CSA hold data about. It’s ethical and legal responsibilities for both
CSA and data controller to keep their personal data properly.

Word Counts: 700

17
Development, Frameworks and Methods

(C2)

Purpose of the code of conduct for a professional body (BCS)

Today, People around the world are using IT for different purposes. Especially, organizations and
companies are mainly using IT for their daily processing to be smooth and reduce workload. As IT is
on the rise, the IT professionals and universities are also increasing day by day. And, the IT society
will become outrageous because IT professionals and universities are misusing IT and taking
advantages of people who are lack of IT knowledge. Not only in IT but also other fields are like that.
It’s widely regarded that using IT is very expensive in organizations and companies. So, every
organization doesn’t need to have wasted their investment by having unusable systems. So, they need
a professional body to control all these issues. That’s why Professional bodies such as BCS have to
form to handle IT professionals and set the standards and rules for them to work accordingly. Here is
the purpose of BCS

 Promote the study and practice of computing and to advance knowledge of and education in
IT for public’s advantage.
 Sets out the professional standards needed by the society
 Applies to members of all grades (including students)

BCS Code of conduct

Based on the following BCS code of conduct, the four professional issues are done.

(d) “Shall not reveal or allow to be revealed, or use for personal advantage or to profit a third party,
private information apart from the permission of relevant authority, or as needed by legislation”.
(e) “NOT misrepresent or withhold information on the performance of products, systems or services
(unless lawfully bound by a duty of confidentiality not to disclose such information), or take
advantage of the lack of relevant knowledge or inexperience of others”.
(g) “Shall refuse and not make any offer inducement”.
(f) “Shall avoid hurting others, their belongings, reputation, and employment by false” etc.
(b) “Shall avoid any condition which may raise conflict of interest between professionals and
employers and organization”.
(a) “Shall be focus on and careful of public health, safety and environment in professional role”.

Ref: BCS, the Chartered Institute for IT, 8 June 2011. Code of Conduct for BCS members. Trustee
Board Regulations Schedule 3 Volume 4, page 2-3. BCS, UK.

Four Professional Issues

After developing MIS for CSA, the system developer will know all about a charity organization
and have the copy of MIS as he would develop it. If other charity organization may ask him to
develop a similar system for their organization, he may sell the information system of CSA by
adding some necessary functions.

In this condition, the system developer will be in breach of rule (d) and (e) of duty of relevant
authority of the BCS. The case would be clear of disclosing information for personal gains without
letting CSA know and keeping information of the MIS of CSA on the performance of system and
taking benefits from other organization who doesn’t know that the system that the system developer

18
Development, Frameworks and Methods

will deliver to them legally belongs to the CSA. Being a professional, he should seek permission and
provide explanation to CSA before he discloses information. He should also tell other organization
that he has developed the same similar system for CSA. So, he will take some of the functions from it
to develop a system for them.

Some of the main employees in CSA such as Sean McNally, Northern Regional Director isn’t
interested and willing for the new information system because he doesn’t want to have been
supervised from the central office so that he can take benefits with this way. So, he may
probably tell system developer to add some wrong functions by offering bribes to make central
office fail to manage his office.

According to BCS code of conduct, the system developer will be in breach of rule (g) and (f) of
professional competence and integrity and he shouldn’t take any bribe from Sean McNally and other.
Instead, he should tell the management team about that.

As the management information system that CSA wants to have is a large development project,
the system developer may take this an opportunities by giving time for other’s project during
developing CSA project in order to get more money at the same time. So, he will likely to deliver
the system later than the deadline.

In this situation, role (b) of Duty to relevant section of the BCS is the most suitable. This case would
be a plain case of increasing conflicts between system developer and CSA because he will deliver the
system late. As a professional, he should work according the commitment with CSA and finish within
time box or. Time is very important for every organization or company. So, he should not break his
commitment. He should make direct disclosure to the management team of the CSA with the correct
reasons why he fails to deliver the system on time. He should seek advice from them how to move
next.

As the system developer has contracted to CSA to develop an information system, he must
collect personal data about young people, employees and funders and will have all personal data
in his hand. He may likely to use these data when developing similar information systems.

According to BCS code of conduct, the system developer will be in breach of rule (a) of public trust.
As a professional, he should always be careful of public security and privacy. He should not disclose
their data for any purposes without their permission.

Word Counts: 734 (Exclusive of BCS Code of Conduct rules)

19