Theory of constraints Basic

Here are the basic principles of TOC that find there application in the critical chain management:

  • Eliminate Safeties from Each Task
  • Management Must Not Insist on Each Task Starting & Finishing “On Time”
  • Stagger Tasks in the Schedule Using Finish to Start Constraints
  • Start Right Jobs at Right Time Using Prioritized Task List
  • Focus on Meeting Milestone Dates, Not Task Dates
  • Single Integrated Schedule
  • Update Official Schedules Daily with Actual Starts, Remaining Duration, & Actual Finishes
  • Predict Milestones Based on Buffer Penetration
  • Focus on Task Throughput, NOT on Task Costs
  • Counter Parkinson’s Law
  • Conserve Available Float/Slack on Each Task, Reduce Time Available
  • Counter Student Syndrome
  • Start Each Task As Early As Possible
  • Claim Early Finishes Immediately
  • When Problems Occur, Solve the Problem vice Starting New Task
  • Decrease Frequency & Duration of Meetings
  • Resolve Conflicts Immediately at the Jobsite
  • Eliminate Bad Multi-tasking
  • Resources Focus on One Job at a Time, Work to Completion
  • Keep WIP Low!
  • Request Only Resources Necessary to Accommodate Priority Work
  • Request Only Overtime Necessary to Recover Buffer on Priority Work
  • Move Resources When Work is Done to Next Priority Work Quickly
  • Work Right Jobs instead of Easy Jobs
  • Plan for New Work & Scope Changes vice Complaining About it



Kaspersky released two paper which are really interesting in order to understand the level of sophistication cyber criminal reached. Here are the links

I strongly suggest to read them, some parts are technical, but some other are understandable and gives serious insight on modern cyber-crime.

Creation of a shared vision in IT

This article is following the one where I highlighted some attention points to take care when changing job, but it specifies the aspect in relation to a team of IT professionals.

Here I would like to focus on the importance of a vision, an idea a final point which will drive us to what we want to reach with the team.

I would like to stress that creating your own vision is a fundamental task which usually takes a lot of time and involves both personal (what gives me the highest satisfaction in my work) and professional (where i want to be) aspects. Additionally this isn’t a static process, but it will be normal that your vision will change as your career and personal life will progress.

Our own vision will be the result of a personal work, that we will build during or after the analysis of the situation where we will be working. However this is not enough, our idea of what we will be must be shared with our team and (most difficult) it has not to be against the one of our company. For this reason after a personal work, we must follow with a confrontation phase with our bosses and our team.

A good practice is to discuss first with our executive and then keep one or two brainstorming session with our team, later we will close the sessions with a clear commitment for getting the objectives that were agreed.

Continue reading Creation of a shared vision in IT

Risk Avoidance right from the start

Once the scope and a draft of the plan are defined, we need to star the project risk analysis.
The idea of risk is strictly related to the idea of a project: a project without risks doesn’t exist. For this reason along the whole project duration, we need to apply the correct techniques of risk management.

When we do a correct risk management, in order to reduce/eliminate the risk we found, we often need to reconsider some decisions we took during the definition/planning phase.

For this reason it is clear that deleting the risks since the beginning of the project its quite important in term of added value. Indeed, in this phase the cost of one change is still very low, since the status of many document is still open and many decision are still to be taken.

This big TO-DO list should help us in the initial phases, since it gives some ideas to find and reduce the risks related to the most importat project areas (scope, planning, resources). Maybe many of you will take it as obvious things, but, at the end, it is usually on this obvious things that we find the biggest problems.

Continue reading Risk Avoidance right from the start

Some Links

In my company I recently have been working on the preparation for a penetration test to be performed by an external team. For this reason I had to refresh my knowledge. I found quite useful the following links:

Let me know if you find other useful frameworks.

Requirement Elicitation

Following a list of some of the best elicitation (collecting intelligence information) techniques:

  • introspection: what would I want/need/desire if I were a user of the proposed system?
  • brainstorming: free association and generation of ideas for the proposed system
  • Post-It notes and white board: create, modify, group, and rearrange statements of needs and desires
  • paper prototypes: construct interfaces and operational scenarios.
  • questionnaires: which of the following features do you need/desire?
  • observation: watch people performing their work tasks
  • open-ended interviews: tell me how you would use the proposed system
  • focus groups: please tell us what you would want/need/desire in the proposed system
  • operational walkthroughs: development of scenarios by interacting with users (UML)
  • demonstrations: how to you like this interface? what should be added/removed/changed?
  • protocol analysis: document the tasks users perform and the features they would need in the proposed system
  • business case analysis: what features are needed to support the operations of our business?
  • JAD (joint application development) sessions: facilitated meetings with users
  • Work with the users: it is not always possible, but this technique gives the best result

How to define a project … without killing yourself.

In this article I will present some hints to consider when starting a project, so that we will be able to avoid “unpleasant surprise” once the work will be started. We can consider some of this points in our contract or simply keep them as project risks, but surely we shouldn’t ignore them.

This sequence is naturally applied when products of project are IT applications or are IT related, but in my opinion, many of the observation are good even in case of not-IT projects.

Sponsors and Stakeholder Expectations

Along the whole project duration we need to manage the expectations of our clients. However, the most critical moment in this task happens at the beginning of the project, when we are defining the roles, the project expectation, the deliverables and the project economics

  • Identify as soon as possible the key sponsor, the target user and other stakeholders group. We need to have clearly closed the following list early in the project:
    • who pays for the project
    • who is representing the user groups
    • “internal” users – who, inside the organzation will use the product
    • “external” users – clients of the organization that interacts with the product
    • “indirect” users – these users do not interact with the product but use what the application produces
    • support groups that later will have to maintain the product
  • Understand and document the goals and expectations from the sponsors and other key stakeholders
  • Understand and document concerns from the sponsors and other key stakeholders, and ensure that the project has a plan to address them.
  • Understand the role of each stakeholder and the influence he/she has on the project’s success.

Continue reading How to define a project … without killing yourself.

Preparing Project Financial Plans

Please consider this article as a draft that will be enhanced during the time with additional experience and with any comment.

The aim is to define a series of steps and attention points to follow when preparing a project financial plan, for later using it in the control phase

  • Identify People Costs

Usually specific financial management tools shoud be used to aggregate the effort by resource type (or individual). After this it is possible to obtain the total person costs by multiplying the estimated number of person-days for each type of resource by a daily rate for that resource type. This rate may be an assumed average, specific rates for known individuals on the project team, or a combination of the two.

Please remember that the detailed estimates documented in the estimating package were developed at the activity/task level to understand the scope of effort, but, the costs in the financial plan must reflect the staffing profile over time (i.e., the number of people multiplied by the time they are charged to the project). For example, during the analysis phase the project will have to absorb the costs of programmers, unless you will find other tasks for them (e.g. documentation, tools, environment preparation), since they will not be productive. Also, part-time resource allocation is not realistic, unless you can make specific arrangements to share a resource with another project.
If necessary, adjust utilization percentage or total days to better reflect time to be spent on the project. Include an “absence pool” to reduce total assigned time for such factors as unidentified vacation, sick time, or training time.
Record the cost rates to be used and document all assumptions with respect to the cost rates along with the other assumptions on which the estimate is based.
On large projects, make sure that the costing model includes a rate and salary adjustment factor for future years.

Continue reading Preparing Project Financial Plans

it’s a war

I was recently reading the IEEE document Avoiding the Top 10 Software Security Design Flaws and it came to my attention that the suggestions made in order to avoid designing an unsafe system could also be read as the suggestions for good strategy definition in a military school.

More, I was thinking about the guerrilla tactics, about the communications in a real war about the defense …

It could be nice to take some of the classic books (just to mention the most famous Von Clausewitz, Sun Tzu) and to read their books in a modern way.

In my opinion everything can be read in a double way. This fact gave me some ideas for new articles and at the same time many insights about how to view a situation that in this moment can really be considered as a true war.

Does Europe want Google to leave?

First the right to be forgotten, then the German press, then the Spanish press and at the end the possible fine from the dutch watchdog (BBC News – Dutch data watchdog threatens Google with £12m fine).

I wonder if we want Google to leave Europe or to strongly reduce its power and its services to the paid ones.

I understand that there is a real war on these subjects between Europe and American companies, but I don’t fell this is the best way to win the fight (see what happened in Spain were Google stopped its news services).

We, as European, are becoming ridiculous in front of USA.

Better to think in advance what we want (and in my opinion I would like more Google, bringing work and paying taxes) and then act.