Abstract
Failing to elicit requirements is as much of a risk in the traditional, negative sense as successfully defining requirements is a positive step towards successful systems development. The discipline of risk management has long since had to deal with the spectre of emergent risk and its inherent lack of predictability. Just as risk management considers how any number of vulnerabilities in a system may be exploited by accident or by malicious intent that preys upon exposure to otherwise independent factors, so successful requirements elicitation is beholden to the ability to recognise the need for, and define, derived requirements. In this paper we suggest that risk assessment and requirements elicitation are two manifestations of the same activity: creating trustworthy software. We propose the research and development of a methodology where the two disciplines converge.
Original language | English |
---|---|
Title of host publication | UK Academy for Information Systems Conference (UKAIS 2015), Keble College, University of Oxford, Oxford, 17 – 18 March 2015. |
Publisher | Association for Information Systems |
Publication status | Published - 16 Mar 2015 |
Event | UK Academy for Information Systems 20th Annual Conference 2015 - Oxford, United Kingdom Duration: 16 Mar 2015 → 18 Mar 2015 |
Conference
Conference | UK Academy for Information Systems 20th Annual Conference 2015 |
---|---|
Abbreviated title | UKAIS 2015 |
Country/Territory | United Kingdom |
City | Oxford |
Period | 16/03/15 → 18/03/15 |