Stakeholder Requirements

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
5 hours 58 minutes
Difficulty
Intermediate
CEU/CPE
6
Video Transcription
00:00
>> Welcome back to Cybrary as a course,
00:00
I'm your instructor, Brad Rhodes.
00:00
Let's jump into Stakeholder Requirements.
00:00
This lesson, this video is going to cover
00:00
stakeholders and the types of
00:00
requirements that we have to deal with as SEs.
00:00
Stakeholders.
00:00
We talked a little bit about what
00:00
stakeholders are, they can be what?
00:00
Anyone. In fact,
00:00
they're anyone who perceives
00:00
they are affected by the system or products,
00:00
so that's a pretty wide variety of people.
00:00
But in general, there's
00:00
five types of stakeholders I want you to remember.
00:00
One is users and consumers,
00:00
they're a big stakeholder.
00:00
If you build a system that doesn't meet their needs,
00:00
they're not going to use it
00:00
or they're going to walk around it,
00:00
and that's never a good place to be.
00:00
Another one is shareholders.
00:00
Those are folks in publicly traded companies that
00:00
own stock or own a portion of
00:00
the company, they drive things.
00:00
In my regular job,
00:00
I worked for a board
00:00
and they're basically stakeholders shareholders,
00:00
and they have a lot of say in
00:00
the direction of our organization and where we go,
00:00
so you have to be cognizant of them.
00:00
Business executives, the C-Suite,
00:00
the all-knowing, all-powerful C-Suite.
00:00
You need to understand that
00:00
executives in your organization are stakeholders,
00:00
whether they are someone you worked for directly or not,
00:00
they believe that they have
00:00
importance and you need to listen to them.
00:00
Of course, organizational departments themselves.
00:00
Remember our three-tier model of
00:00
the organization and
00:00
then the mission and business processes.
00:00
Then obviously, the system
00:00
in the mission/business areas,
00:00
plus your organizational departments,
00:00
maybe that's finance or IT or cybersecurity or admin,
00:00
you name it, all of those folks
00:00
have requirements and needs that you need to understand.
00:00
Then the one up here that I
00:00
don't want you to forget about is
00:00
government regulators and also
00:00
those NGOs, non-governmental organizations.
00:00
Think like certifying bodies like say
00:00
an IT or something like that,
00:00
those organizations have a direct impact in your systems.
00:00
If you don't follow regulations
00:00
and you can't operate your system,
00:00
then maybe you're not making
00:00
any money and that's a bad thing.
00:00
There are six requirement types.
00:00
The first one is business.
00:00
You need to build systems that meet some business need.
00:00
If you're building a system that doesn't meet the
00:00
business need or a sale-able product,
00:00
probably you want to ask yourself, why is being built?
00:00
You obviously get requirements from stakeholders,
00:00
we talked about them already.
00:00
Those requirements can be really,
00:00
really awesome and great and
00:00
sometimes those requirements,
00:00
you're just going to scratch your head up.
00:00
You can have solution requirements,
00:00
and those can be technical or non-technical.
00:00
Remember, we've talked about
00:00
SEs are the champions of simple,
00:00
and being the champion of simple means
00:00
that sometimes a non-technical,
00:00
a policy or procedure maybe,
00:00
is the thing that answers the question
00:00
versus having to spend a lot of
00:00
money on a technical solution.
00:00
Requirement are related to transition.
00:00
We bring systems into
00:00
operations and maintenance and then dispose of
00:00
them all the time and we have
00:00
to understand that as part of the life cycle of a system,
00:00
as a Information Systems Security Engineer,
00:00
projects and products and
00:00
capabilities are going to transition.
00:00
Obviously, there may be project overhead.
00:00
Those types of requirements are tied to like
00:00
reports and everything like that
00:00
and tracking resource users,
00:00
all that stuff, those are project requirements.
00:00
Then finally, and last
00:00
but not least we have quality requirements.
00:00
If you are not building to
00:00
quality or building quality
00:00
capabilities or quality systems,
00:00
they're probably not going to be used,
00:00
and if they're not going to be used, again,
00:00
saying back to the same thing we've talked about for,
00:00
you might not be making any money or you might not
00:00
be having a job because you didn't build to quality,
00:00
so those are requirements.
00:00
These are the six general overarching requirements
00:00
you need to pay attention to as
00:00
an SE when you're doing a system design and planning.
00:00
In this lesson, we reviewed stakeholders
00:00
as it relates to systems requirements and planning,
00:00
and we talked about the requirements types and
00:00
where they come from. We'll see you next time.
Up Next