Andrea Tappe – IT Security: A practical introduction

This workshop will be run as a simulation exercise. The participating business analysts (BAs) begin a Requirements Analysis and Design Definition process for a small company which is going through a system upgrade. During the process, a security issue is uncovered – participants must work in small groups to plan a response. An additional security subject matter expert will be available for interviews and solution reviews to make the simulation as realistic as possible.

This workshop will give the BAs an opportunity to apply their requirements gathering and analysis skills to a common security problem (PCI-DSS compliance) with support and coaching.

By the end of the session, participants will have one (or more) strategies to identify and address IT Security issues. Participants will learn:

  • How to apply the BA Elicitation and Collaboration, Strategy Analysis, Requirements Analysis and Design Definition, and Solution Evaluation knowledge areas to address a security issue which is identified during the requirements elicitation phase of a project
  • About the PCI-DSS security standards

After attending this workshop, the BAs who attend this training will be able to provide basic security awareness advice (trusted adviser) to their employer.


Andrea Tappe – Senior Consultant, Terra Firma

Andrea is a Senior Consultant at Terra Firma Business Consulting. She has worked as a business analyst, a project manager and, more recently, as an information security consultant.