🔖Book Review: Rolf Hichert & Jürgen Faisst's International Business Communication Standards (IBCS Version 1.2)

Over the last months I found several references to Rolf Hichert & Jürgen Faisst's booklet on business communication standards [1]. It draw my attention especially because it attempts to provide a standard for reports and data visualizations, which frankly it seems like a tremendous endeavor if done right. The two authors founded the IBCS institute 20 years ago, which is a host, training institute, and certification body of the Creative Commons project called IBCS.

The 150 pages booklet considers various standardization techniques with the help of more than 180 instructive figures, the overall structure being based on a set of principles and rules rooted in an acronym that spells "SUCCESS" - Say, Unify, Condense, Check, Express, Simplify, Structure. On one side the principles seem to form a solid fundament, however the fundament seems to suffer from the same rigidity resulted from fitting something in a nicely-spelled acronym. 

Say or conveying a message reflects the principle that each report should convey a message, otherwise the report is just a data collection. According to this "definition" most of the operational reports are just collections of data. Conversely, lot of communication in organizations revolve around issues, metrics and decision making, scenarios in which the messages conveyed can be powerful though dependent on the business context. Settling on only one message can make the message fall short.

Unifying or applying semantic notation reflects the principle that things that have same meaning should look the same. There are many patterns out there that can be standardized, however it's questionable how much complex visualizations can be standardized, respectively how much liberty of expressing certain aspects the standardization allows. 

Condense or increasing the information density reflects the requirements that all information necessary to understanding the content should, if possible, be included on one page. This allows to easier navigate the content and prioritize what the audience is able to see. The principle however seems to have more to do with the ink-information ratio principle (see [2]). 

Check or ensuring the visual integrity reflects the principle that the information should be presented in the most truthful and the most easily understood way. This is something that many data visualizations out there lack.

Express or choosing the proper visualizations is based on the principle that the visuals considered should be as intuitive as possible. In theory, the more intuitive a visual the easier is to be understood and reused, however this depends on the "visual vocabulary" and "visual grammar" of each individual. Intuition is something that needs to grow through the interplay of these two areas. Having the expectation of displaying everything in terms of basic elements is unrealistic and suboptimal. 

Simplify or avoiding clutter refers to eliminating the unnecessary from a visualization, when there's nothing to take out without changing the meaning of a visualization. At least, the principle is correctly considered even if is in general difficult to apply because quite often one needs to build something more complex and reduce the complexity through iterative steps until the simple is obtained. 

Structure or organizing the content is based on the principle that content should follow (a logical consistent) structure. The interplay between function and structure is an important topic in itself.

Browsing through the many data visualizations given as example, I'd say that many of the recommendations make sense, though from there to a standardization is still a long way. The reader should evaluate against his/her own judgements the practices described and consider what seems to work. 

The book is available on the IBS website as PDF, though the Kindle version is 40% cheaper. Overall, it is worth a read. 

Previous Post <<||>>  Next Post

Resources:
[1] Rolf Hichert & Jürgen Faisst (2022) "International Business Communication Standards (IBCS Version 1.2): Conceptual, perceptual, and semantic design of comprehensible business reports, presentations, and dashboards" (link)
[2] Edward R Tufte (1983) "The Visual Display of Quantitative Information"
[3] IBCS Institude (2024) About (link)

📦Data Migrations (DM): Quality Assurance (Part IV: Quality Acceptance Criteria IV)

Data Migrations Series

Reliability

Reliability is the degree to which a solution performs its intended functions under stated conditions without failure. In other words, a DM is reliable if it performs what was intended by design. The data should be migrated only when migration’s reliability was confirmed by the users as part of the sign-off process. The dry-runs as well the final iteration for the UAT have the objective of confirming solution’s reliability.

Reversibility

Reversibility is the degree to which a solution can return to a previous state without starting the process from the beginning. For example, it should be possible to reverse the changes made to a table by returning to the previous state. This can involve having a copy of the data stored respectively deleting and reloading the data when necessary. 

Considering that the sequence in which the various activities is fix, in theory it’s possible to address reversibility by design, e.g. by allowing to repeat individual steps or by creating rollback points. Rollback points are especially important when loading the data into the target system. 

Robustness

Robustness is the degree to which the solution can accommodate invalid input or environmental conditions that might affect data’s processing or other requirements (e,g. performance). If the logic can be stabilized over the various iterations, the variance in data quality can have an important impact on a solutions robustness. One can accommodate erroneous input by relaxing schema’s rules and adding further quality checks.

Security 

Security is the degree to which the DM solution protects the data so that only authorized people have access to the respective data to the defined level of authorization as data are moved through the solution. The security provided by a solution needs to be considered against the standards and further requirements defined within the organization. In case no such standards are available, one can in theory consider the industry best practices.

Scalability

Scalability is the degree to which the solution is able to respond to an increased workload.  Given that the number of data considered during the various iterations vary in volume, a solution’s scalability needs to be considered in respect to the volume of data to be migrated.  

Standardization

Standardization is the degree to which technical standards were implemented for a solution to guarantee certain level of performance or other aspects considered as import. There can be standards for data storage, processing, access, transportation, or other aspects associated with the migration processes. Moreover, especially when multiple DMs are in scope, organizations can define a set of standards and guidelines that should be further considered.  

Testability

Testability is the degree to which a solution can be tested in the respect to the set of functional and data-related requirements. Even if for the success of a migration are important the data in their final form, to achieve that is needed to validate the logic and test thoroughly the transformations performed on the data. As the data go trough the data pipelines, they need to be tested in the critical points – points where the data suffer important transformations. Moreover, one can consider record counters for the records processed in each such critical point, to assure that no record was lost in the process.  

Traceability

Traceability is the degree to which the changes performed on the data can be traced from the target to the source systems as record, respectively at entity level. In theory, it’s enough to document the changes at attribute level, though upon case it might needed to document also the changes performed on individual values. 

Mappings at attribute level allow tracing the data flow, while mappings at value level allow tracing the changes occurrent within values. 

Previous Post <> Next Post

🧮ERP: Planning (Part II: It’s all about Scope - Nonfunctional Requirements & MVP))

Nonfunctional Requirements

In contrast to functional requirements (FRs), nonfunctional requirements (NFRs) have no direct impact on system’s behavior, affecting end-users’ experience with the system, resuming thus to topics like performance, usability, reliability, compatibility, security, monitoring, maintainability, testability, respectively other constraints and quality attributes. Even if these requirements are in general addressed by design, the changes made to the system have the potential of impacting users’ experience negatively.  

Moreover, the NFRs are usually difficult to quantify, and probably that’s why they are seldom made explicit in a formal document or are considered eventually only at high level. However, one can still find a basis for comparison against compliance requirements, general guidelines, standards, best practices or the legacy system(s) (e.g. the performance should not be worse than in the legacy system, the volume of effort for carrying the various activities should not increase). Even if they can’t be adequately described, it’s recommended to list the NFRs in general terms in a formal document (e.g. implementation contract). Failing to do so can open or widen the risk exposure one has, especially when the system lacks important support in the respective areas. In addition, these requirements need to be considered during testing and sign-off as well. 

Minimum Viable Product (MVP)

Besides gaps’ consideration in respect to FRs, it’s important to consider sometimes on whether the whole functionality is mandatory, especially when considering the various activities that need to be carried out (parametrization, Data Migration).

For example, one can target to implement a minimum viable product (MVP) - a version of the product which has just enough features to cover the mandatory or the most important FRs. The MVP is based on the idea that implementing about 80% of the needed functionality has in theory the potential of providing earlier a usable product with a minimum of effort (quick wins), assure that project’s goals and objectives were met, respectively assure a basis for further development. In case of cost overruns, the MVP assures that the business has a workable product and has the opportunity of deciding whether it’s worth of investing more into the project now or later. 

The MVP allows also to get early users’ feedback and integrate it into further enhancements and developments. Often the users understand the capabilities of a system, respectively implementation, only when they are able using the system. As this is a learning process, the learning period can take up to a few months until adequate feedback is available. Therefore, postponing implementation’s continuation with a few months can have in theory a positive impact, however it can come also with drawbacks (e.g. the resources are not available anymore). 

A sketch of the MVP usually results from requirements’ prioritization, however then requirements need to be regarded holistically, as there can be different levels of dependencies existing between them. In addition, different costs can incur if the requirements will be handled later, and other constrains may apply as well. Considering an MVP approach can be a sword with two edges. In the worst-case scenario, the business will get only the MVP, with its good and bad characteristics. The business will be forced then to fill the gaps by working outside the system, which can lead to further effort and, in extremis, with poor acceptance of the system. In general, users expect having their processes fully implemented in the system, expectation which is not always economically grounded.

After establishing an MVP one can consider the further requirements (including improvement suggestions) based on a cost-benefit basis and implement them accordingly as part of a continuous improvement initiative, even if more time will be maybe required for implementing the same.

Previous Post <<||>> Next Post

🧊☯Data Warehousing: Data Vault 2.0 (The Good, the Bad and the Ugly)

Data Warehousing Series

One of the interesting concepts that seems to gain adepts in Data Warehousing is the Data Vault – a methodology, architecture and implementation for Data Warehouses (DWH) developed by Dan Linstedt between 1990 and 2000, and evolved into an open standard with the 2.0 version.

According to its creator, the Data Vault is a detail-oriented, historical tracking and uniquely linked set of normalized tables that support one or more business functional areas [2]. To hold data at the lowest grain of detail from the source system(s) and track the changes occurred in the data, it splits the fact and dimension tables into hubs (business keys), links (the relationships between business keys), satellites (descriptions of the business keys), and reference (dropdown values) tables [3], while adopting a hybrid approach between 3rd normal form and star schemas. In addition, it provides a two- or three-layered data integration architecture, a series of standards, methods and best practices supposed to facilitate its use.

It integrates several other methodologies that allow bridging the gap between the technical, logistic and execution parts of the DWH life-cycle – the PMI methodology is used for the various levels of planning and execution, while the Scrum methodology is used for coordinating the day-to-day project tasks. Six Sigma is used together with Total Quality Management for the design and continuous improvement of DWH and data-related processes. In addition, it follows the CMMI maturity model for providing a clear baseline for benchmarking an organization’s DWH capabilities in development, acquisition and service areas.

The Good: The decomposition of the source data models into hub, link and satellite tables provides traceability and auditability at raw data level, allowing thus to address the compliance requirements of Sarabanes-Oxley, HIPPA and Basel II by design.

The considered standards, methods, principles and best practices are leveraged from Software Engineering [1], establishing common ground and a standardized approach to DWH design, implementation and testing. It also narrows down the learning and implementation paths, while allowing an incremental approach to the various phases.

Data Vault 2.0 offers support for real-time, near-real-time and unstructured data, while new technologies like MapReduce, NoSQL can be integrated within its architecture, though the same can be said about other approaches as long there’s compatibility between the considered technologies. In fact, except business entities’ decomposition, many of the notions used are common to DWH design.

The Bad: Further decomposing the fact and dimension tables can impact the performance of the queries run against the tables as more joins are required to gather the data from the various tables. The further denormalization of tables can lead to higher data storage needs, though this can be neglectable compared with the volume of additional objects that need to be created in DWH. For an ERP system with a few hundred of meaningful tables the complexity can become overwhelming.

Unless one uses a COTS tool which automates some part of the design and creation process, building everything from scratch can be time-consuming, increasing thus the time-to-market for solutions. However, the COTS tools can introduce restrictions of their own, which can negatively impact the overall experience with the methodology.

The incorporation of non-technical methodologies can have positive impact, though unless one has experience with the respective methodologies, the disadvantages can easily overshadow the (theoretical) advantages.

The Ugly: The dangers of using Data Vault can be corroborated as usual with the poor understanding of the methodology, poor level of skillset or the attempt of implementing the methodology without allowing some flexibility when required. Unless one knows what he is doing, bringing more complexity in a field which is already complex, can easily impact negatively projects’ outcomes.

Previous Post <<||>> Next Post

References:
[1] Dan Linstedt & Michael Olschimke (2015) Building a Scalable Data Warehouse with Data Vault 2.0
[2] Dan Linstedt (?) Data Vault Basics [source]
[3] Dan Linstedt (2018) Data Vault: Data Modeling Specification v 2.0.2 [source]

🛡️Information Security: Security Policy (Definitions)

"The active policy on the client's computer that programmatically generates a granted set of permissions from a set of requested permissions. A security policy consists of several levels that interact; by default only permissions granted by all layers are allowed to be granted." (Damien Watkins et al, "Programming in the .NET Environment", 2002)

"A collection of standards, policies, and procedures created to guarantee the security of a system and ensure auditing and compliance." (Carlos Coronel et al, "Database Systems: Design, Implementation, and Management" 9th Ed, 2011)

"The set of decisions that govern security controls." (Mark Rhodes-Ousley, "Information Security: The Complete Reference" 2nd Ed., 2013)

"In label-based access control, a database object that is associated with one or more tables and that defines how LBAC can be used to protect those tables. The security policy defines what security labels can be used, how the security labels are compared to each other, and whether optional behaviors are used. See also label-based access control, security label." (IBM, "Informix Servers 12.1", 2014)

"A written statement describing the constraints or behavior an organization embraces regarding the information provided by its users" (Nell Dale & John Lewis, "Computer Science Illuminated" 6th Ed., 2015)

"Strategic tool used to dictate how sensitive information and resources are to be managed and protected." (Adam Gordon, "Official (ISC)2 Guide to the CISSP CBK" 4th Ed., 2015)

"Set of rules, guidelines and procedures represented in official security documents that define way in which state will protect its own national security interests." (Olivera Injac & Ramo Šendelj, "National Security Policy and Strategy and Cyber Security Risks", 2016)

"A set of rules and practices that specify or regulate how a system or an organization provides security services to protect sensitive and critical system resources." (William Stallings, "Effective Cybersecurity: A Guide to Using Best Practices and Standards", 2018)

"A statement of the rules governing the access to a system’s protected resources." (O Sami Saydjari, "Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time", 2018)

"In label-based access control, a database object that is associated with one or more tables and that defines how LBAC can be used to protect those tables. The security policy defines what security labels can be used, how the security labels are compared to each other, and whether optional behaviors are used. See also label-based access control, security label." (Sybase, "Open Server Server-Library/C Reference Manual", 2019)

"A set of criteria for the provision of security services." (CNSSI 4009-2015 NIST)

 "A set of methods for protecting a database from accidental or malicious destruction of data or damage to the database infrastructure." (Oracle)

"Security policies define the objectives and constraints for the security program. Policies are created at several levels, ranging from organization or corporate policy to specific operational constraints (e.g., remote access). In general, policies provide answers to the questions 'what' and 'why' without dealing with 'how'. Policies are normally stated in terms that are technology-independent." (NIST SP 800-82 Rev. 2)

💻IT: Standardization (Definitions)

"The imposition of standards which, in turn, are fixed ways of doing things that are widely recognized." (Roy Rada &  Heather Holden, "Online Education, Standardization, and Roles", 2009)

"Formulation, publication, and implementation of guidelines, rules, methods, procedures and specifications for common and repeated use, aimed at achieving optimum degree of order or uniformity in given context, discipline, or field; standards are most frequently developed on international level; there exist national standardization bodies cooperating with international bodies; standards can be either legally binding or de facto standards followed by informal convention or voluntary standards (recommendations)." (Lenka Lhotska et al,"Interoperability of Medical Devices and Information Systems", 2013)

"A framework of agreements to which all relevant parties in an industry or organization must adhere to ensure that all processes associated with the creation of a good or performance of a service are performed within set guideline." (Victor A Afonso & Maria de Lurdes Calisto, "Innovation in Experiential Services: Trends and Challenges", 2015)

"The development of uniform specifications for materials, products, processes, practices, measurement, or performance, usually via consultation with stakeholders and sanction by a recognized body, providing for improvements in productivity, interoperability, cooperation, and accountability." (Gregory A Smith, "Assessment in Academic Libraries", 2015)

"A process of developing and implementing technical standards based on consensus among various stakeholders in the field. Standardization can greatly assist with compatibility and interoperability of otherwise disparate software components, where consistent solutions enable mutual gains for all stakeholders." (Krzysztof Krawiec et al, "Metaheuristic Design Patterns: New Perspectives for Larger-Scale Search Architectures", 2018)

"The process through which a standard is developed." (Kai Jakobs, "ICT Standardization", 2018)

"Is a framework of agreements to which professionals in an organization must accept to ensure that all processes associated with the creation of a product or service are performed within set guidelines, achieving uniformity to certain practices or operations within the selected environment. It can be seen as a professional strategy to strengthen professional trust and provide a sense of certainty for professionals or it can be interpreted as a way to lose professionalization and as an adjustment to organizational demands." (Joana V Guerra, "Digital Professionalism: Challenges and Opportunities to Healthcare Professions", 2019)

"The process of making things of the same kind, including products and services, have the same basic features and the same requirements." (Julia Krause, "Through Harmonization of National Technical Regulations to More Sustainability in Engineering Business", 2019)

🤝Governance: COBIT (Definitions)

"An IT governance framework and supporting toolset that allows managers to bridge the gap between control requirements, technical issues, and business risks. COBIT enables clear policy development and good practice for IT control throughout organizations. COBIT is managed by the IT Governance Institute and the Information Systems Audit and Control Foundation® (ISACF)." (Tilak Mitra et al, "SOA Governance", 2008)

"COBIT is a set of standards from the IT Governance Institute relating to IT Governance. It defines a set of governance control objectives to help guide the IT organization in making appropriate decisions for each domain." (Martin Oberhofer et al, "Enterprise Master Data Management", 2008)

"An internationally accepted IT governance and control framework that aligns IT business objectives, delivering value and managing associated risks." (Linda Volonino & Efraim Turban, "Information Technology for Management" 8th Ed., 2011)

"An IT framework with a focus on governance and managing technical and business risks." (Marcia Kaufman et al, "Big Data For Dummies", 2013)

"A management framework used for IT governance. COBIT 5 is based on five principles and provides organizations with a set of good practices they can apply to IT management and IT governance." (Darril Gibson, "Effective Help Desk Specialist Skills", 2014)

"A process-based information technology governance framework that represents a consensus of experts worldwide. It was codeveloped by the IT Governance Institute and ISACA." (Robert F Smallwood, "Information Governance: Concepts, Strategies, and Best Practices", 2014)

"A framework that provides best practices for IT governance and control." (Weiss, "Auditing IT Infrastructures for Compliance" 2nd Ed., 2015)

"Provides guidance and best practice for the management of IT processes" (ITIL)

🤝Governance: Standard (Definitions)

"A rule, policy, principle, or measure either established by an organization or established by a recognized standards body and adopted by that organization. Adherence is expected and mandatory until revoked or revised. Exceptions are allowed provided appropriate process is followed." (Tilak Mitra et al, "SOA Governance", 2008)

"A document that provides, for common and repeated use, rules, guidelines, or characteristics for activities or their results, aimed at the achievement of the optimum degree of order in a given context." (Cynthia Stackpole, "PMP® Certification All-in-One For Dummies®", 2011)

"A standard is something considered by an authority or by general consent as a basis of comparison; an approved model. Or it is a rule or principle that is used as a basis for judgment. Standards embody expectations in a formal manner. To standardize something means to cause it to conform to a standard; or to choose or establish a standard for something. (Laura Sebastian-Coleman, "Measuring Data Quality for Ongoing Improvement", 2012)

"Data quality standards are assertions about the expected condition of the data that relate directly to quality dimensions: how complete the data is, how well it conforms to defined rules for validity, integrity, and consistency, as well as how it adheres to defined expectations for presentation." (Laura Sebastian-Coleman, "Measuring Data Quality for Ongoing Improvement", 2012)

"The principles or criteria for consistent, ultimate, superior performance outcomes or for how individuals and organizations conduct themselves (ethics)." (Joan C Dessinger, "Fundamentals of Performance Improvement" 3rd Ed., 2012)

"A core set of common, repeatable best practices and protocols that have been agreed on by a business or industry group. Typically, vendors, industry user groups, and end users collaborate to develop standards based on the broad expertise of a large number of stakeholders. Organizations can leverage these standards as a common foundation and innovate on top of them." (Marcia Kaufman et al, "Big Data For Dummies", 2013)

"A document that provides, for common and repeated use, rules, guidelines, or characteristics for activities or their results, aimed at the achievement of the optimum degree of order in a given context." (For Dummies, "PMP Certification All-in-One For Dummies" 2nd Ed., 2013)

"A document that supports a policy. It consists of mandated rules, which support the higher-level policy goals." (Weiss, "Auditing IT Infrastructures for Compliance" 2nd Ed., 2015)

"A document established by an authority, custom, or general consent as a model or example." (Project Management Institute, "A Guide to the Project Management Body of Knowledge (PMBOK® Guide )", 2017)

"[technical standard:] A specification or requirement or technical characteristic that becomes a norm for a product or process thereby ensuring compatibility." (Robert M Grant, "Contemporary Strategy Analysis 10th Ed", 2018)

"A published specification for, e.g., the structure of a particular file format, recommended nomenclature to use in a particular domain, a common set of metadata fields, etc. Conforming to relevant standards greatly increases the value of published data by improving machine readability and easing data integration." (Open Data Handbook)

" Documented agreements containing technical specifications or other precise criteria to be used consistently as rules, guidelines, or definitions of characteristics, to ensure that materials, products, processes and services are fit for their purpose." (SDMX) 

"Formal, possibly mandatory, set of requirements developed and used to prescribe consistent approaches to the way of working or to provide guidelines (e.g., ISO/IEC standards, IEEE standards, and organizational standards)." [CMMI]

"Mandatory requirements employed and enforced to prescribe a disciplined uniform approach to software development, that is, mandatory conventions and practices are in fact standards." (IEEE Std 983-1986) 

"The metric, specification, gauge, statement, category, segment, grouping, behavior, event or physical product sample against which the outputs of a process are compared and declared acceptable or unacceptable." (ASQ)

🤝Governance: Guideline (Definitions)

"An indication or outline of policy or conduct. Adherence to guidelines is recommended but is not mandatory." (Tilak Mitra et al, "SOA Governance", 2008)

"A kind of business rule that is suggested, but not enforced." (David C Hay, "Data Model Patterns: A Metadata Map", 2010)

"An official recommendation or advice that indicates policies, standards, or procedures for how something should be accomplished." (For Dummies, "PMP Certification All-in-One For Dummies, 2nd Ed.", 2013)

"A document that support standards and policies, but is not mandatory." (Weiss, "Auditing IT Infrastructures for Compliance" 2nd Ed., 2015)

"Non-enforced suggestions for increasing functioning and performance." (Mike Harwood, "Internet Security: How to Defend Against Attackers on the Web" 2nd Ed., 2015)

"Recommended actions and operational guides for users, IT staff, operations staff, and others when a specific standard does not apply." (Shon Harris & Fernando Maymi, "CISSP All-in-One Exam Guide" 8th Ed, 2018)

"A description of a particular way of accomplishing something that is less prescriptive than a procedure." (ISTQB)

"A description that clarifies what should be done and how, to achieve the objectives set out in policies"

(ISO/IEC 13335-1:2004)

🤝Governance: Criteria (Definitions)

"Standards by which alternatives are judged. Attributes that describe certain (information) characteristics." (Martin J Eppler, "Managing Information Quality" 2nd Ed., 2006)

"Conditions that enable a decision to be made, especially at a decision point within the areas of work related to New Product Planning and New Product Introduction." (Steven Haines, "The Product Manager's Desk Reference", 2008)

"Standards, rules, or tests on which a judgment or decision can be based, or by which a product, service, result, or process can be evaluated." (Cynthia Stackpole, "PMP® Certification All-in-One For Dummies®", 2011)

"Standards or expectation specifying what should exist (what success looks like)." (Sally-Anne Pitt, "Internal Audit Quality", 2014)

[definite criteria] "A special purpose framework using a definite set of criteria having substantial support that is applied to all material items appearing in financial statements, such as the price-level basis of accounting." (Tom Klammer, "Statement of Cash Flows: Preparation, Presentation, and Use", 2018)

[common criteria:] "A set of internationally accepted semantic tools and constructs for describing the security needs of customers and the security attributes of products." (NIST SP 800-32)

[common criteria:] "Governing document that provides a comprehensive, rigorous method for specifying security function and assurance requirements for products and systems." (CNSSI 4009-2015)

[evaluation criteria:] "The standards by which accomplishments of technical and operational effectiveness or suitability characteristics may be assessed. Evaluation criteria are a benchmark, standard, or factor against which conformance, performance, and suitability of a technical capability, activity, product, or plan is measured." (NIST SP 800-137A)

♟️Strategic Management: Standards (Just the Quotes)

"It is only through enforced standardization of methods, enforced adoption of the best implements and working conditions, and enforced cooperation that this faster work can be assured. And the duty of enforcing the adoption of standards and enforcing this cooperation rests with management alone." (Frederick W Taylor, "Principles of Scientific Management", 1911)

"Every discipline develops standards of professional competence to which its workers are subject. [...] Every scientific community is a society in the small, so to speak, with its own agencies of social control." (Abraham Kaplan, "The Conduct of Inquiry: Methodology for Behavioral Science", 1964)

"How executives plan or what numbers they choose doesn't count; what does is the standard of performance they are ready to exact. The essence of any objective is that reaching it should be reasonable. The precondition is that you expect it to be met." (Robert Heller, "The Naked Manager: Games Executives Play", 1972)

"Leadership is lifting a person's vision to higher sights, the raising of a person's performance to a higher standard, the building of a personality beyond its normal limitations." (Peter Drucker, "Management: Tasks, Responsibilities, Challenges", 1973)

"Autonomation [..] performs a dual role. It eliminates overproduction, an important waste in manufacturing, and prevents the production of defective products. To accomplish this, standard work procedures, corresponding to each player's ability, must be adhered to at all times." (Taiichi Ohno, "Toyota Production System: Beyond Large-Scale Production", 1978)

"Five coordinating mechanisms seem to explain the fundamental ways in which organizations coordinate their work: mutual adjustment, direct supervision, standardization of work processes, standardization of work outputs, and standardization of worker skills." (Henry Mintzberg, "The Structuring of Organizations", 1979)

"There is no question that having standards and believing in them and staffing an administrative unit objectively using forecasted workloads will help you to maintain and enhance productivity." (Andrew S Grove, "High Output Management", 1983)

"A systematic effort must be made to emphasize the group instead of the individual. [...] Group goals and responsibilities can usually overcome any negative reactions to the individual and enforce a standard of cooperation that is attainable by persuasion or exhortation." (Eugene Raudsepp, MTS Digest, 1987)

"Quality is a matter of faith. You set your standards, and you have to stick by them no matter what. That's easy when you've got plenty of product on hand, but it's another thing when the freezer is empty and you've got a truck at the door waiting for the next shipment to come off the production line. That's when you really earn your reputation for quality." (Ben Cohen, Inc. Magazine, 1987)

"Without a standard there is no logical basis for making a decision or taking action." (Joseph M Juran, "Managerial Breakthrough: The Classic Book on Improving Management Performance", 1995)

"Arriving at standards is often easier said than done. Standard-making is a torturous, bickering process every time. And the end result is universally condemned - since it is the child of compromise. But for a standard to be effective, its adoption must be voluntary. There must be room to dissent by pursuing alternative standards at any time." (Kevin Kelly, "New Rules for the New Economy: 10 radical strategies for a connected world", 1998)

"A standard which is not revised after six months of its establishment, indicates that it is not in use." (Kaoru Ishikawa)

"If you do not conduct sufficient analysis and if you do not have firm technical knowledge, you cannot carry out improvement or standardization, nor can you perform good control or prepare control charts useful for effective control." (Kaoru Ishikawa)

"Standardization can progress and management can be conducted only when management policy is defined." (Kaoru Ishikawa)

"Standardization enables delegation of authority, allowing the top management and executives to have time to think about future plans and policy, which is their most important duty." (Kaoru Ishikawa)

"Standardize technology so that you may accumulate technology organically in your company." (Kaoru Ishikawa)

"Standardization is not only for quality control. It involves establishing standards for managing the business well as well as for all employees to enjoy their work with comfort." (Kaoru Ishikawa)

"Standardization without needs or clear objectives tends to become ritual." (Kaoru Ishikawa)

"The fact that standards are not revised demonstrates that your technology has stopped progressing." (Kaoru Ishikawa)

"The key is to standardize every technically definable area, and leave what cannot be standardized to the skills." (Kaoru Ishikawa)

"Top management is responsible for demonstrating methods for evaluating quality as well as standards." (Kaoru Ishikawa)

"You cannot standardize or control effectively without intrinsic technology." (Kaoru Ishikawa)

♜Strategic Management: Risk Management (Definitions)

"An organized, analytic process to identify what might cause harm or loss (identify risks); to assess and quantify the identified risks; and to develop and, if needed, implement an appropriate approach to prevent or handle causes of risk that could result in significant harm or loss." (Sandy Shrum et al, "CMMI: Guidelines for Process Integration and Product Improvement", 2003)

"The organized, analytic process to identify future events (risks) that might cause harm or loss, assess and quantify the identified risks, and decide if, how, and when to prevent or reduce the risk. Also includes the implementation of mitigation actions at the appropriate times." (Richard D Stutzke, "Estimating Software-Intensive Systems: Projects, Products, and Processes", 2005)

"Identifying a situation or problem that may put specific plans or outcomes in jeopardy, and then organizing actions to mitigate it." (Teri Lund & Susan Barksdale, "10 Steps to Successful Strategic Planning", 2006)

"The process of identifying hazards of property insured; the casualty contemplated in a specific contract of insurance; the degree of hazard; a specific contingency or peril. Generally not the same as security management, but may be related in concerns and activities. Work is done by a risk manager." (Robert McCrie, "Security Operations Management" 2nd Ed., 2006)

"Systematic application of procedures and practices to the tasks of identifying, analyzing, prioritizing, and controlling risk." (Tilo Linz et al, "Software Testing Practice: Test Management", 2007)

"Risk management is a continuous process to be performed throughout the entire life of a project, and an important part of project management activities. The objective of risk management is to identify and prevent risks, to reduce their probability of occurrence, or to mitigate the effects in case of risk occurrence." (Lars Dittmann et al, "Automotive SPICE in Practice", 2008)

"A structured process for managing risk." (David G Hill, "Data Protection: Governance, Risk Management, and Compliance", 2009)

"The process organizations employ to reduce different types of risks. A company manages risk to avoid losing money, protect against breaking government or regulatory body rules, or even assure that adverse weather does not interrupt the supply chain." (Tony Fisher, "The Data Asset", 2009)

"Systematic application of procedures and practices to the tasks of identifying, analyzing, prioritizing, and controlling risk." (IQBBA, "Standard glossary of terms used in Software Engineering", 2011)

"The process of identifying what can go wrong, determining how to respond to risks should they occur, monitoring a project for risks that do occur, and taking steps to respond to the events that do occur." (Bonnie Biafore, "Successful Project Management: Applying Best Practices and Real-World Techniques with Microsoft® Project", 2011)

"Risk management is using managerial resources to integrate risk identification, risk assessment, risk prioritization, development of risk-handling strategies, and mitigation of risk to acceptable levels (ASQ)." (Laura Sebastian-Coleman, "Measuring Data Quality for Ongoing Improvement ", 2012)

"The process of identifying negative and positive risks to a project, analyzing the likelihood and impact of those risks, planning responses to higher priority risks, and tracking risks." (Bonnie Biafore & Teresa Stover, "Your Project Management Coach: Best Practices for Managing Projects in the Real World", 2012)

"A policy of determining the greatest potential failure associated with a project." (James Robertson et al, "Complete Systems Analysis: The Workbook, the Textbook, the Answers", 2013)

"Controlling vulnerabilities, threats, likelihood, loss, or impact with the use of security measures. See also risk, threat, and vulnerability." (Mark Rhodes-Ousley, "Information Security: The Complete Reference, Second Edition" 2nd Ed., 2013)

"A process to identify, assess, manage, and control potential events or situations to provide reasonable assurance regarding the achievement of the organization's objectives." (Sally-Anne Pitt, "Internal Audit Quality", 2014)

"Managing the financial impacts of unusual events." (Manish Agrawal, "Information Security and IT Risk Management", 2014)

"Systematic application of policies, procedures, methods and practices to the tasks of identifying, analysing, evaluating, treating and monitoring risk." (Chartered Institute of Building, "Code of Practice for Project Management for Construction and Development, 5th Ed.", 2014)

"The coordinated activities to direct and control an organisation with regard to risk." (David Sutton, "Information Risk Management: A practitioner’s guide", 2014)

"The process of reducing risk to an acceptable level by implementing security controls. Organizations implement risk management programs to identify risks and methods to reduce it. The risk that remains after risk has been mitigated to an acceptable level is residual risk." (Darril Gibson, "Effective Help Desk Specialist Skills", 2014)

"Risk management is a structured approach to monitoring, meas­uring, and managing exposures to reduce the potential impact of an uncertain happening." (Christopher Donohue et al, "Foundations of Financial Risk: An Overview of Financial Risk and Risk-based Financial Regulation, 2nd Ed", 2015)

"Systematic application of procedures and practices to the tasks of identifying, analyzing, prioritizing, and controlling risk. " (ISTQB, "Standard Glossary", 2015)

"The practice of identifying, assessing, controlling, and mitigating risks. Techniques to manage risk include avoiding, transferring, mitigating, and accepting the risk." (Weiss, "Auditing IT Infrastructures for Compliance, 2nd Ed", 2015)

"The discipline and methods used to quantify, track, and reduce where possible various types of defined risk." (Gregory Lampshire, "The Data and Analytics Playbook", 2016)

"The process of identifying individual risks, understanding and analyzing them, and then managing them." (Paul H Barshop, "Capital Projects", 2016)

"Coordinated activities to direct and control an organization with regard to risk." (William Stallings, "Effective Cybersecurity: A Guide to Using Best Practices and Standards", 2018)

"Process of identifying and monitoring business risks in a manner that offers a risk/return relationship that is acceptable to an entity's operating philosophy." (Tom Klammer, "Statement of Cash Flows: Preparation, Presentation, and Use", 2018)

"Coordinated activities to direct and control an organisation with regard to risk." (ISO Guide 73:2009)

"Risk management is the identification, assessment and prioritisation of risks [...] followed by coordinated and economical application of resources to minimise, monitor and control the probability and/or impact of unfortunate events or to maximise the realisation of opportunities." (David Sutton, "Information Risk Management: A practitioner’s guide", 2014)

♜Strategic Management: Enterprise Architecture (Definitions)

"[Enterprise Architecture is] the set of descriptive representations (i. e., models) that are relevant for describing an Enterprise such that it can be produced to management's requirements (quality) and maintained over the period of its useful life. (John Zachman, 1987)

"An enterprise architecture is an abstract summary of some organizational component's design. The organizational strategy is the basis for deciding where the organization wants to be in three to five years. When matched to the organizational strategy, the architectures provide the foundation for deciding priorities for implementing the strategy." (Sue A Conger, "The new software engineering", 1994)

"An enterprise architecture is a snapshot of how an enterprise operates while performing its business processes. The recognition of the need for integration at all levels of an organisation points to a multi-dimensional framework that links both the business processes and the data requirements." (John Murphy & Brian Stone [Eds.], 1995)

"The Enterprise Architecture is the explicit description of the current and desired relationships among business and management process and information technology. It describes the 'target' situation which the agency wishes to create and maintain by managing its IT portfolio." (Franklin D Raines, 1997)

"Enterprise architecture is a family of related architecture components. This include information architecture, organization and business process architecture, and information technology architecture. Each consists of architectural representations, definitions of architecture entities, their relationships, and specification of function and purpose. Enterprise architecture guides the construction and development of business organizations and business processes, and the construction and development of supporting information systems." (Gordon B Davis, "The Blackwell encyclopedic dictionary of management information systems"‎, 1999)

"Enterprise architecture is a holistic representation of all the components of the enterprise and the use of graphics and schemes are used to emphasize all parts of the enterprise, and how they are interrelated." (Gordon B Davis," The Blackwell encyclopedic dictionary of management information systems"‎, 1999)

"Enterprise Architecture is the discipline whose purpose is to align more effectively the strategies of enterprises together with their processes and their resources (business and IT)." (Alain Wegmann, "On the systemic enterprise architecture methodology", 2003)

"An enterprise architecture is a blueprint for organizational change defined in models [using words, graphics, and other depictions] that describe (in both business and technology terms) how the entity operates today and how it intends to operate in the future; it also includes a plan for transitioning to this future state." (US Government Accountability Office, "Enterprise Architecture: Leadership Remains Key to Establishing and Leveraging Architectures for Organizational Transformation", GAO-06-831, 2006)

"Enterprise architecture is the organizing logic for business processes and IT infrastructure reflecting the integration and standardization requirements of a company's operation model." (Jeanne W. Ross et al, "Enterprise architecture as strategy: creating a foundation for business", 2006)

"Enterprise-architecture is the integration of everything the enterprise is and does." (Tom Graves, "Real Enterprise-Architecture : Beyond IT to the whole enterprise", 2007)

"Enterprise architecture is the organizing logic for business processes and IT infrastructure reflecting the integration and standardization requirements of the company's operating model. The operating model is the desired state of business process integration and business process standardization for delivering goods and services to customers." (Peter Weill, "Innovating with Information Systems Presentation", 2007)

"Enterprise architecture is the process of translating business vision and strategy into effective enterprise change by creating, communicating and improving the key requirements, principles and models that describe the enterprise's future state and enable its evolution. The scope of the enterprise architecture includes the people, processes, information and technology of the enterprise, and their relationships to one another and to the external environment. Enterprise architects compose holistic solutions that address the business challenges of the enterprise and support the governance needed to implement them." (Anne Lapkin et al, "Gartner Clarifies the Definition of the Term 'Enterprise Architecture", 2008)

"Enterprise architecture [is] a coherent whole of principles, methods, and models that are used in the design and realisation of an enterprise's organisational structure, business processes, information systems, and infrastructure." (Marc Lankhorst, "Enterprise Architecture at Work: Modelling, Communication and Analysis", 2009)

"Enterprise architecture (EA) is the definition and representation of a high-level view of an enterprise‘s business processes and IT systems, their interrelationships, and the extent to which these processes and systems are shared by different parts of the enterprise. EA aims to define a suitable operating platform to support an organisation‘s future goals and the roadmap for moving towards this vision." (Toomas Tamm et al, "How Does Enterprise Architecture Add Value to Organisations?", Communications of the Association for Information Systems Vol. 28 (10), 2011)

"Enterprise architecture (EA) is a discipline for proactively and holistically leading enterprise responses to disruptive forces by identifying and analyzing the execution of change toward desired business vision and outcomes. EA delivers value by presenting business and IT leaders with signature-ready recommendations for adjusting policies and projects to achieve target business outcomes that capitalize on relevant business disruptions. EA is used to steer decision making toward the evolution of the future state architecture." (Gartner)

"Enterprise Architecture [...] is a way of thinking enabled by patterns, frameworks, standards etc. essentially seeking to align both the technology ecosystem and landscape with the business trajectory driven by both the internal and external forces." (Daljit R Banger)

📉Graphical Representation: Standards (Just the Quotes)

"Graphic representation by means of charts depends upon the super-position of special lines or curves upon base lines drawn or ruled in a standard manner. For the economic construction of these charts as well as their correct use it is necessary that the standard rulings be correctly designed." (Allan C Haskell, "How to Make and Use Graphic Charts", 1919)

"Most authors would greatly resent it if they were told that their writings contained great exaggerations, yet many of these same authors permit their work to be illustrated with charts which are so arranged as to cause an erroneous interpretation. If authors and editors will inspect their charts as carefully as they revise their written matter, we shall have, in a very short time, a standard of reliability in charts and illustrations just as high as now found in the average printed page." (Willard C Brinton, "Graphic Methods for Presenting Facts", 1919) 

"The principles of charting and curve plotting are not at all complex, and it is surprising that many business men dodge the simplest charts as though they involved higher mathematics or contained some sort of black magic. [...] The trouble at present is that there are no standards by which graphic presentations can be prepared in accordance with definite rules so that their interpretation by the reader may be both rapid and accurate. It is certain that there will evolve for methods of graphic presentation a few useful and definite rules which will correspond with the rules of grammar for the spoken and written language." (Willard C Brinton, "Graphic Methods for Presenting Facts", 1919) 

"Though graphic presentations are used to a very large extent to-day there are at present no standard rules by which the person preparing a chart may know that he is following good practice. This is unfortunate because it permits everyone making a chart to follow his own sweet will. Many charts are being put out to-day from which it would seem that the person making them had tried deliberately to get up some method as different as possible from any which had ever been used previously." (Willard C Brinton, "Graphic Methods for Presenting Facts", 1919) 

"Though variety in method of charting is sometimes desirable in large reports where numerous illustrations must follow each other closely, or in wall exhibits where there must be a great number of charts in rapid sequence, it is better in general to use a variety of effects simply to attract attention, and to present the data themselves according to standard well-known methods." (Willard C Brinton, "Graphic Methods for Presenting Facts", 1919)

"When large numbers of curves and charts are used by a corporation, it will be found advantageous to have certain standard abbreviations and symbols on the face of the chart so that information may be given in condensed form as a signal to anyone reading the charts." (Willard C Brinton, "Graphic Methods for Presenting Facts", 1919)

"At the present time there is a total lack of standardization in the form of diagram to use for nearly all classes of representation. This makes it difficult to compare reports of different investigators on the same subject because their diagrams are not constructed alike." (William C Marshall, "Graphical methods for schools, colleges, statisticians, engineers and executives", 1921)

"One important aspect of reality is improvisation; as a result of special structure in a set of data, or the finding of a visualization method, we stray from the standard methods for the data type to exploit the structure or the finding." (William S Cleveland, "Visualizing Data", 1993)

"Making a presentation is a moral act as well as an intellectual activity. The use of corrupt manipulations and blatant rhetorical ploys in a report or presentation - outright lying, flagwaving, personal attacks, setting up phony alternatives, misdirection, jargon-mongering, evading key issues, feigning disinterested objectivity, willful misunderstanding of other points of view - suggests that the presenter lacks both credibility and evidence. To maintain standards of quality, relevance, and integrity for evidence, consumers of presentations should insist that presenters be held intellectually and ethically responsible for what they show and tell. Thus consuming a presentation is also an intellectual and a moral activity." (Edward R Tufte, "Beautiful Evidence", 2006)

"Making an evidence presentation is a moral act as well as an intellectual activity. To maintain standards of quality, relevance, and integrity for evidence, consumers of presentations should insist that presenters be held intellectually and ethically responsible for what they show and tell. Thus consuming a presentation is also an intellectual and a moral activity." (Edward R Tufte, "Beautiful Evidence", 2006)

"Creating effective visualizations is hard. Not because a dataset requires an exotic and bespoke visual representation - for many problems, standard statistical charts will suffice. And not because creating a visualization requires coding expertise in an unfamiliar programming language [...]. Rather, creating effective visualizations is difficult because the problems that are best addressed by visualization are often complex and ill-formed. The task of figuring out what attributes of a dataset are important is often conflated with figuring out what type of visualization to use. Picking a chart type to represent specific attributes in a dataset is comparatively easy. Deciding on which data attributes will help answer a question, however, is a complex, poorly defined, and user-driven process that can require several rounds of visualization and exploration to resolve." (Danyel Fisher & Miriah Meyer, "Making Data Visual", 2018)

"There is often no one 'best' visualization, because it depends on context, what your audience already knows, how numerate or scientifically trained they are, what formats and conventions are regarded as standard in the particular field you’re working in, the medium you can use, and so on. It’s also partly scientific and partly artistic, so you get to express your own design style in it, which is what makes it so fascinating." (Robert Grant, "Data Visualization: Charts, Maps and Interactive Graphics", 2019)

🛢DBMS: JavaScript Object Notation [JSON] (Definitions)

"A lightweight data-interchange format that is based on the object-literal notation of JavaScript. JSON is programming-language neutral but uses conventions from various languages." (IBM, "Informix Servers 12.1", 2014)

"Although originated from Javascript, the Javascript Object Notation is a language-independent and open data format that can be used to transmit human-readable text-based object information, across domains, using an attribute-value pair’s notation." (José Moura & Carlos Serrão, "Security and Privacy Issues of Big Data", 2015)

"JavaScript Object Notation, is an open standard format that uses human-readable text to transmit data objects consisting of attribute–value pairs. It is used primarily to transmit data between a server and web application, as an alternative to XML." (D P Misra & Alka Mishra, "Societal and Economical Impact on Citizens through Innovations Using Open Government Data: Indian Initiative on Open Government Data", 2015)

"The Javascript Object Notation (JSON) is a language-independent and open data format that can be used to transmit human-readable text-based object information, across domains, using an attribute-value pair’s notation and easy-to-access manner." (José Moura et al, "Intelligent Management and Efficient Operation of Big Data", 2015)

"JavaScript Object Notation (JSON) is a textual format for exchanging data that borrows its metamodel from the JavaScript programming language. Specifically, the JSON metamodel consists of two kinds of structures found in JavaScript: lists (called 'arrays' in JavaScript) and dictionaries (called 'objects' in JavaScript)." (Robert J Glushko, "The Discipline of Organizing: Professional Edition" 4th Ed., 2016)

"The JavaScript Object Notation is the binary format to represent data like list, map, date, Boolean and different precision numbers." (Maristela Holanda & Jane A Souza, "Query Languages in NoSQL Databases", Handbook of Research on Innovative Database Query Processing Techniques, 2016)

"Is a lightweight, text-based, open standard format for exchanging data between applications. Though it is originally derived from the JavaScript language, it is a language-neutral data format." (Venkat Gudivada & Dhana L Rao, "Database Systems for Big Data Storage and Retrieval", 2018)

"JSON (JavaScript Object Notation) is a binary and typed data model which is applied to represent data like list, map, date, Boolean as well as different precision numbers." (Zongmin Ma & Li Yan, "Towards Massive RDF Storage in NoSQL Databases: A Survey", 2019)

"JavaScript object notation is a lightweight data-interchange format which is easy for humans to read and write and for machines to parse and generate. It is based on a subset of the JavaScript programming language." (Amany Sarhan, "Cloud-Based IoT Platform: Challenges and Applied Solutions", 2019)

"A text-based open standard format for exchanging data between applications." (Gülay Ekren, "The Potential and Capabilities of NoSQL Databases for ERP Systems", 2020)

"A human-readable, plain text format for expressing structured data with support in many programming languages." (MongoDb)

"JavaScript Object Notation, a simple but powerful format for data. It can describe complex data structures, is highly machine-readable as well as reasonably human-readable, and is independent of platform and programming language, and is therefore a popular format for data interchange between programs and systems." (Open Data Handbook)

🏗️Software Engineering: Standards (Just the Quotes)

"Autonomation [..] performs a dual role. It eliminates overproduction, an important waste in manufacturing, and prevents the production of defective products. To accomplish this, standard work procedures, corresponding to each player's ability, must be adhered to at all times." (Taiichi Ohno, "Toyota Production System: Beyond Large-Scale Production", 1978)

"Recognition of the idea that a programming language should have a precise mathematical meaning or semantics dates from the early 1960s. The mathematics provides a secure, unambiguous, precise and stable specification of the language to serve as an agreed interface between its users and its implementors. Furthermore, it gives the only reliable grounds for a claim that different implementations are implementations of the same language. So mathematical semantics are as essential to the objective of language standardisation as measurement and counting are to the standardisation of nuts and bolts." (C Anthony R Hoare, "Communicating Sequential Processes", 1985)

"The [software] builders’​​​​​​ view of quality, on the other hand, is very different. Since their self-esteem is strongly tied to the quality of the product, they tend to impose quality standards of their own. The minimum that will satisfy them is more or less the best quality they have achieved in the past. This is invariably a higher standard than what the market requires and is willing to pay for." (Tom DeMarco & Timothy Lister, "Peopleware: Productive Projects and Teams", 1987)

"A pattern is a fully realized form original, or model accepted or proposed for imitation. With patterns, small piecework is standardized into a larger chunk or unit. Patterns become the building blocks for design and construction. Finding and applying patterns indicates progress in a field of human endeavor." (Peter Coad, "Object-oriented patterns", 1992)

"The difference between standards and guidelines is that a standard specifies how the interface should appear to the user, whereas a set of guidelines provides advice about the usability characteristics of the interface." (Jakob Nielsen, "Usability Engineering", 1993)

"With each pattern, small piecework is standardized into a larger chunk or unit. Patterns become the building blocks for design and construction. Finding and applying patterns indicates progress in a field of human endeavor." (Peter Coad, "Object-oriented patterns", 1992)

"Standards make it easier to reuse ideas and components, recruit people with relevant experience, encapsulate good ideas, and wire components together. However, the process of creating standards can sometimes take too long for industry to wait, and some standards lose touch with the real needs of the adopters they are intended to serve." (Robert C Martin, "Clean Code: A Handbook of Agile Software Craftsmanship", 2008)

"Interim solutions, however, acquire inertia (or momentum, depending on your point of view). Because they are there, ultimately useful and widely accepted, there is no immediate need to do anything else. Whenever a stakeholder has to decide what action adds the most value, there will be many that are ranked higher than proper integration of an interim solution. Why? Because it is there, it works, and it is accepted. The only perceived downside is that it does not follow the chosen standards and guidelines - except for a few niche markets, this is not considered to be a significant force." (Klaus Marquardt, [in Kevlin Henney’s "97 Things Every Programmer Should Know", 2010])

"Many processes in software development are repetitive and easily automated. The DRY principle applies in these contexts, as well as in the source code of the application. Manual testing is slow, error-prone, and difficult to repeat, so automated test suites should be used where possible. Integrating software can be time consuming and error-prone if done manually, so a build process should be run as frequently as possible, ideally with every check-in. Wherever painful manual processes exist that can be automated, they should be automated and standardized. The goal is to ensure that there is only one way of accomplishing the task, and it is as painless as possible." (Steve Smith, [in Kevlin Henney’s "97 Things Every Programmer Should Know", 2010])

"[…] the coding standard should be dynamic rather than static. As the project evolves, the needs of the project change, and what may have seemed smart in the beginning isn’t necessarily smart a few months later." (Filip van Laenen  [in Kevlin Henney’s "97 Things Every Programmer Should Know", 2010]) 

"Coding standards are rules, sometimes relatively arbitrary, that define the coding styles and conventions that are considered acceptable within a team or organization. In many cases, agreeing on a set of standards, and applying them, is more important than the standards themselves." (John F Smart, "Jenkins: The Definitive Guide", 2011)

"In many applications, integration or functional tests are used by default as the standard way to test almost all aspects of the system. However integration and functional tests are not the best way to detect and identify bugs. Because of the large number of components involved in a typical end-to-end test, it can be very hard to know where something has gone wrong. In addition, with so many moving parts, it is extremely difficult, if not completely unfeasible, to cover all of the possible paths through the application." (John F Smart, "Jenkins: The Definitive Guide", 2011)

🌁Software Engineering: Quality (Definitions)

"The totality of characteristics of an entity that bear on its ability to satisfy stated or implied needs." (Timothy J  Kloppenborg et al, "Project Leadership", 2003)

"The degree to which a system, component, or process meets specified requirements, user needs, or stakeholder expectations." (Richard D Stutzke, "Estimating Software-Intensive Systems: Projects, Products, and Processes", 2005)

"The degree or grade of excellence. In a product-development context, it is a product with superior features that performs on target with low variability throughout its intended life. In an economic context, it is the absence or minimization of costs associated with the purchase and use of a product or process." (Clyde M Creveling, "Six Sigma for Technical Processes: An Overview for R Executives, Technical Leaders, and Engineering Managers", 2006)

"A measure of the acceptability or 'goodness” of a system or element'." (Bruce P Douglass, "Real-Time Agility: The Harmony/ESW Method for Real-Time and Embedded Systems Development", 2009)

"1.The degree to which a set of inherent characteristics fulfills requirements. Quality is a multi-faceted concept. The dimensions of quality that are considered most important depend on user perspectives, needs and priorities, which vary across groups of users. 2.Adjective. In common use, of or having superior or high quality, or being perceived as superior, without specific qualification. 3.A peculiar and essential character, the degree of some characteristic meeting expectations. Quality is defined through four virtues - clarity, elegance, simplicity, and value." (DAMA International, "The DAMA Dictionary of Data Management", 2011)

"The degree to which a set of inherent characteristics fulfills requirements." (Cynthia Stackpole, "PMP® Certification All-in-One For Dummies®", 2011)

"The predetermined standard of excellence that may be applied to a product or service to measure how closely the product or service conforms to the standard and satisfies the customer." (Joan C Dessinger, "Fundamentals of Performance Improvement" 3rd Ed., 2012)

"A comparative concept that described the relative ability of two or more competing processes to drive outcomes. A higher-quality process drives a better outcome when considering a full variety of direct and indirect sources of value. Quality is subjective, and depending on organizational and personal objectives, the perception of which process is higher quality may vary." (Evan Stubbs, "Delivering Business Analytics: Practical Guidelines for Best Practice", 2013)

"A relative and unique concept that in effect refers to the standard of something as measured against other things of a similar kind; the degree of excellence of something." (Sally-Anne Pitt, "Internal Audit Quality", 2014)

"1. The totality of characteristics and their values relating to a product or service. They relate to the product’s ability to fulfill specified or implied needs. 2. The degree to which a component, system, or process meets user/customer needs and expectations. 3. The degree to which a set of inherent characteristics fulfills requirements." (Tilo Linz et al, "Software Testing Foundations, 4th Ed", 2014)

"A quality is an attribute or property of a resource. A quality is logically ascribable by a subject. (Ed.)" (Robert J Glushko, "The Discipline of Organizing: Professional Edition" 4th Ed., 2016)

"A subjective term for which each person or sector has its own definition. In technical usage, quality can have two meanings: 1) the characteristics of a product or service that bear on its ability to satisfy stated or implied needs; 2) a product or service free of deficiencies." (American Society for Quality)

"Software that meets business requirements, provides asatisfying user experience, and has fewer defects." (Forrester)

"the ability of a product, service or process to provide the intended value" (ITIL)

"The degree to which a component, system or process meets specified requirements and/or user/customer needs and expectations." [IEEE 610]

"The degree to which a set of inherent characteristics fulfills requirements." (ISO 9000:2000, SDMX) 

"The totality of features of a product or service that fulfill stated or implied needs." (ISO 8402)

"The totality of functionality and features of a software product that bear on its ability to satisfy stated or implied needs." (ISO/IEC 25000)

🌁Software Engineering: Protocol (Definitions)

"The language or rules and conventions that two computers use to pass messages across a network medium. Networking software generally implements multiple levels of protocols layered one on top of another." (Owen Williams, "MCSE TestPrep: SQL Server 6.5 Design and Implementation", 1998)

"A set of rules or standards designed to enable computers to connect with one another and exchange information." (Microsoft Corporation, "SQL Server 7.0 System Administration Training Kit", 1999)

"The way in which two computers transfer data between each other." (Greg Perry, "Sams Teach Yourself Beginning Programming in 24 Hours 2nd Ed.", 2001)

"A list of methods that a class must implement to conform or adopt the protocol. Protocols provide a way to standardize an interface across classes." (Stephen G Kochan, "Programming in Objective-C", 2003)

"A set of rules that govern a transaction." (Marcus Green & Bill Brogden, "Java 2™ Programmer Exam Cram™ 2 (Exam CX-310-035)", 2003)

"A set of semantic and syntactic rules that determines the behavior of functions in achieving communication." (Sharon Allen & Evan Terry, "Beginning Relational Data Modeling" 2nd Ed., 2005)

"A language and a set of rules that allow computers to interact in a well-defined way. Examples are FTP, HTTP, and NNTP." (Craig F Smith & H Peter Alesso, "Thinking on the Web: Berners-Lee, Gödel and Turing", 2008)

"A specification - often a standard - that describes how computers communicate with each other, for example, the TCP/IP suite of communication protocols or the OAI-PMH." (J P Getty Trust, "Introduction to Metadata" 2nd Ed., 2008)

"To communicate effectively, client applications and database servers need a commonly agreed-upon approach. A protocol is a communication standard adhered to by both parties that makes these conversations possible." (Robert D Schneider and Darril Gibson, "Microsoft SQL Server 2008 All-In-One Desk Reference For Dummies", 2008)

"A set of rules that computers use to establish and maintain communication amongst themselves." (Judith Hurwitz et al, "Service Oriented Architecture For Dummies" 2nd Ed., 2009)

"the forms and ceremony used to manage the interaction of elements." (Bruce P Douglass, "Real-Time Agility: The Harmony/ESW Method for Real-Time and Embedded Systems Development", 2009)

"The rules governing the syntax, semantics, and synchronization of communication." (David Lyle & John G Schmidt, "Lean Integration", 2010)

"A list of methods that a class must implement to conform to or adopt the protocol. Protocols provide a way to standardize an interface across classes. See also formal protocol and informal protocol." (Stephen G Kochan, "Programming in Objective-C" 4th Ed., 2011)

"A set of conventions that govern the communications between processes. Protocol specifies the format and content of messages to be exchanged." (DAMA International, "The DAMA Dictionary of Data Management", 2011)

"The standard or set of rules that govern how devices on a network exchange and how they need to function in order to 'talk' to each other." (Linda Volonino & Efraim Turban, "Information Technology for Management" 8th Ed., 2011)

"A standard set of formats and procedures that enable computers to exchange information." (Microsoft, "SQL Server 2012 Glossary", 2012)

"In networking, an agreed-upon way of sending messages back and forth so that neither correspondent will get too confused." (Jon Orwant et al, "Programming Perl" 4th Ed., 2012)

"A set of guidelines defining network traffic formats for the easy communication of data between two hosts." (Mark Rhodes-Ousley, "Information Security: The Complete Reference, Second Edition, 2nd Ed.", 2013)

"A set of instructions, policies, or fully described procedures for accomplishing a service, operation, or task." (Jules H Berman, "Principles of Big Data: Preparing, Sharing, and Analyzing Complex Information", 2013)

"A set of rules controlling the communication and transfer of data between two or more devices or systems in a communication network." (IBM, "Informix Servers 12.1", 2014)

"A rule or custom that governs how something is done. In a computer context, it refers to a standard for transferring data." (Faithe Wempen, "Computing Fundamentals: Introduction to Computers", 2015)

"A set of rules that defines how data is formatted and processed on a network" (Nell Dale & John Lewis, "Computer Science Illuminated" 6th Ed., 2015)

"Defined policies or standards that users adhere to. Protocols are well-defined and accepted procedures. In computer networking, the term refers to algorithms for exchanging various types of data and their interpretation at origination and destination." (Mike Harwood, "Internet Security: How to Defend Against Attackers on the Web" 2nd Ed., 2015)

🌁Software Engineering: Maintainability (Definitions)

"The ease of maintenance that a program’s author puts into the program by writing clear code." (Greg Perry, "Sams Teach Yourself Beginning Programming in 24 Hours" 2nd Ed., 2001)

"The characteristic of an information environment to be manageable at reasonable costs in terms of content volume, frequency, quality, and infrastructure. If a system is maintainable, information can be added, deleted, or changed efficiently." (Martin J Eppler, "Managing Information Quality" 2nd Ed., 2006)

"a measure of how quickly and effectively a CI/service can be restored to normal after a failure." (ITIL)

 Maintainability is defined as the probability that a system or system element can be repaired in a defined environment with defined resources within a specified period of time. Increased maintainability implies shorter repair times. (Created for SEBoK)

"The capability of the software product to adhere to standards or conventions relating to maintainability." (Software Quality Assurance)

"The ease with which a software product can be modified to correct defects, modified to meet new requirements, modified to make future maintenance easier, or adapted to a changed environment." (ISO 9126)

"The probability that a given maintenance action for an item under given usage conditions can be performed within a stated time interval when the maintenance is performed under stated conditions using stated procedures and resources." (ASQ)

"The process of testing to determine the maintainability of a software product." (ISTQB)

🌁Software Engineering: Web Service(s) (Definitions)

"The programmatic interfaces that enable different applications to communicate and process data via the Web." (Evan Levy & Jill Dyché, "Customer Data Integration", 2006)

"A set of standards that serves as one possible way of realizing a SOA infrastructure. Initially started with the core standards XML, HTTP, WSDL, SOAP, and UDDI, it now contains over 60 standards and profiles developed and maintained by different standardization organizations, such as W3C, OASIS, and WS-I." (Nicolai M Josuttis, "SOA in Practice", 2007)

"A software component designed to support interoperable machine-to-machine interaction over a network based on Internet standards." (Victor Isakov et al, "MCITP Administrator: Microsoft SQL Server 2005 Optimization and Maintenance (70-444) Study Guide", 2007)

"A software system used to transfer data. A common use of a Web service is to transfer data across the Internet. A Web service provider receives requests for data and responds. For example, a weather Web service could accept a zip code as input and respond with weather data for the zip code." (Robert D. Schneider and Darril Gibson, "Microsoft SQL Server 2008 All-In-One Desk Reference For Dummies", 2008)

"A software component created with an interface consisting of a WSDL definition, an XML schema definition, and a WS-Policy definition. Collectively, these could be called a service contract - or, alternatively, an API." (Judith Hurwitz et al, "Service Oriented Architecture For Dummies 2nd Ed.", 2009)

"A software system designed to allow inter-computer interaction over a network to perform a task. Other computers interact with a web service, in a manner prescribed by its interface, using messages which are enclosed in a SOAP envelope and are often conveyed by HTTP. Software applications can use web services to exchange data over a network." (Mark Olive, "SHARE: A European Healthgrid Roadmap", 2009)

"As defined by the W3C, a Web service is a software system designed to support interoperable machine-to-machine interaction over a network. Web services are frequently just Web APIs that can be accessed over a network, such as the Internet, and executed on a remote system hosting the requested services. Service-Oriented Architecture (SOA) is most often implemented using Web services, which defines how SOA services interact using the following standards: Extensible Markup Language (XML), Simple Object Access Protocol (SOAP), Web Services Description Language (WSDL), and Universal Description, Discovery and Integration (UDDI)." (John Goodson & Robert A Steward, "The Data Access Handbook", 2009)

"A set of standards that serves as one possible way of realizing an SOA infrastructure." (David Lyle & John G Schmidt, "Lean Integration", 2010)

"A program running on a network that another program can call for service." (Rod Stephens, "Start Here!™ Fundamentals of Microsoft® .NET Programming", 2011)

"Modular business and consumer applications, delivered over the Internet, that users can select and combine through almost any device, enabling disparate systems to share data and services. These are software systems designed to support machine-to-machine interactions over a network." (Linda Volonino & Efraim Turban, "Information Technology for Management 8th Ed", 2011)

"Platform-neutral, vendor-independent protocols that enable distributed processing to be performed using XML and Web-based technologies. Sometimes instantiated as remote procedure calls in which the request is an XML document." (DAMA International, "The DAMA Dictionary of Data Management", 2011)

"A server-based collections of data, plus a collection of software routines operating on the data, that can be accessed by remote clients. One of the features of Web services is that they permit client users (e.g., humans or software agents) to discover the kinds of data and methods offered by the Web service and the rules for submitting server requests. To access Web services, clients must compose their requests as messages conveyed in a language that the server is configured to accept, a so-called Web services language." (Jules H Berman, "Principles of Big Data: Preparing, Sharing, and Analyzing Complex Information", 2013)

"A software component created with an interface consisting of a WSDL definition, an XML schema definition, and a WS-Policy definition. Collectively, components could be called a service contract or, alternatively, an API." (Marcia Kaufman et al, "Big Data For Dummies", 2013)

"A service that provides a standardized web-based interface so that it is easy to invoke over the Internet." (Rod Stephens, "Beginning Software Engineering", 2015)

"An application-level service that runs on a server and is accessed in a standard way using XML for data marshalling and HTTP as its network transport." (Daniel Leuck et al, "Learning Java" 5th Ed., 2020)

"A set of standards and mechanisms that enables software components to be deployed so that they can be invoked across the Internet or an intranet, with data passed between client and component in the form of text files containing XML. This means the client application does not need to know anything about the language or deployment mechanism of the component it is invoking. Since Web Services is the name of a facility, the term is singular." (Microfocus)

"A software component deployed using the Web Services standards and mechanisms." (Microfocus)

"A Web service is a unit of application logic that provides data and services to other applications, regardless of language or platform, through an Internet connection. Generally, a Web service is exposed by one company so that another company or software program can use that service." (Microfocus)

"Web Services is a technology that enables software components, regardless of the language in which they are written or the platform on which they run, to be accessed by applications across the Internet." (Microfocus)