Extending the SoDIS Process

Stan Szejko and Przemyslaw Ryba


Impact analysis examines the nature of individual risks on the project, as well as potential structures of interdependent risks. It includes the quantification of their respective impact severity, probability and sensitivity to changes in related project variables including the project life cycle. A determination should also be made as to whether all risks identified are within the scope of the project’s risk response planning process [1] .

Computer ethics is about integrating computing technology and human values in such a way that technology advances and protects human values, rather than doing damage to them[2] . Software development projects rarely take into account needs of all those who are affected by the project and the system in use.

Software Development Impact Statement (SoDIS) process is expected to encourage the developers to think of people, groups, or organisations related to the project as well as identify significant ways in which the project may negatively affect stakeholders [3] [4] . The goal of the SoDIS process is to identify significant ways in which the completion of individual tasks may negatively affect stakeholders and to identify additional project tasks or modifications needed to prevent any anticipated problems. This is done in several steps

extending the domain of stakeholders identification to all individuals and institutions that are related to the project,

making the related impact analysis according to the tasks of the project preliminary plan,

incorporating new tasks and modifications that can be used as means to mediate or avoid the identified concerns into the software project management plan, and auditing them later.

SoDIS Project Auditor is a decision support tool for analysing the impact of a software development project, throughout its lifecycle. It can be applied to any software development project where the outcome of the project has an impact on a set of stakeholders [5]

The paper we submit discusses an extension of the SoDIS process and introduces the related prototype tool. There was presented some discussion and motivation in [6] for extending the SoDIS process as it in fact covers two synergetic efforts: the customer’s process (including customer’s side activities, products, risks and impacts on stakeholders) and the supplier’s one.

Thus the SoDIS process modification we propose consists in:

project phases are defined for the supported project lifecycle. We follow the concept of Planning, Negotiation, Development and Deployment phases [7] as they are well-defined for both, customer and developer sides;

stakeholders are declared separately for each, customer (buyer) or developer (supplier) side. They can be assigned roles, e.g. end-users or designers and linked separately to selected project phases;

impact analysis follows the original SoDIS process but it is done separately for the customer and the developer sides risks and stakeholders;

these result in new and modified tasks required by each of the project sides; so we can get activities as on each (customer’s, developer’s) side as the project plan modified accordingly. The related prototype tool (named SoDIS/SSIA – Software Support for Impact Analysis) is a standalone application running under Windows and implemented in C++ in Visual Studio .NET environment. ODBC connection allows linking different database systems for handling project descriptions while mapping to/from XML allows for export and import of project schedules. Still, there are some limitations of the tool, for example, there is no multi-access for the defined stakeholders and the resulting lists of tasks are not linked to the time axis [8] .

A specification of a project example is used throughout the presentation to illustrate the proposed SoDIS process modifications and the usage of the SSIA tool in the process of stakeholder impact analysis. Summarising, comparison of the obtained results to ‘classical’ SoDIS process are discussed.


[1] www.projectauditors.com/Dictionary/I.html

[2] Bynum T.W. and Rogerson S.: Computer Ethics and Professional Responsibility. Blackwell Publ., 2003

[3] Gotterbarn D.: Reducing Software Failures: Addressing the Ethical Risks of the Software Development Lifecycle. Proc. of the 5th International Conference on The Social and Ethical Impacts of ICT ETHICOMP 2001, Gdansk, June 2001, vol. 2, pp. 10 – 19.

[4] Rogerson S.: Project Management. An Issue of Ethical Sensivity. Invited lecture, 2001.

[5] SoDIS Project Auditor User’s Manual. Software Development Research Foundation, Inc., 2002. http://www.sdresearch.org

[6] Szejko S.: Incorporating Ethics into the Software Process. Proc. of the VIth International Conference on The Transformation of Organisations in the Information Age: Social and Ethical Implications, ETHICOMP 2002, Lisbon, 2002, pp. 271 – 279.

[7] Marciniak J.J. and Reifer D.J.: Software Acquisition Management. J.Wiley & Sons, Inc., 1990.

[8] Ryba P.: Design and Implementation of Software Aimed to Support Impact Analysis. MSc thesis (in Polish), Department of Software Engineering, ETI Faculty, Gdansk University of Technology, Gdansk, 2004.