“Might Implement Data report BREAK contracts or agreements with the lecturer?” “Yes, providing bad student survey results could lead to the potential loss of a contract, by a lecturer who had received bad marks” answered one of the students during the SoDIS (Software Development Impact Statement) analysis of his project performed using Software Improvements SPA (SoDIS Project Auditor). This was just one of the concerns identified by students who participated in the inaugural course titled “Social Aspects of Computing” at Gdansk PJWSTK (Polish-Japanese Institute of Information Technology) in 2010. This new course focusses on professionalism in computing-related vocations, and uses SoDIS/SPA to underpin course goals. The results of our assessment of the course are both pleasing and useful to all concerned stakeholders. So much so that we have come to ask ourselves: If SPA enabled students of Gdansk PJWSTK to identify social and ethical impacts on stakeholders, then how many more important professional and ethical issues could be identified by a more experienced and/or professional analyst of software requirements who also used SPA?
The SoDIS process was developed by Gotterbarn and Rogerson [1, 2] to provide an effective, consistent means to manage project risks from the perspectives of a wide-range of stakeholders. Risk analysis begins effectively by addressing a range of qualitative questions about the impacts of development. Generally a SoDIS question is of the form “Might ?” The question that begins this abstract is a practical example where the is Implement data report, the is BREAK contracts or agreements and the is lecturer. Such questions, which have been derived from international codes of practice and conduct, articulate potential risks, and once formed, they need to be considered/analysed. Risk analysis ensues by considering whether there are any circumstances for which the (potential) risk might actually occur. Description of such circumstances together with any other relevant information/discussion constitutes a concern in SoDIS. An actual risk may have several associated concerns. A concern is an elaboration of an actual risk and as such helps with the identification of one or more risk mitigations which are called solutions in SoDIS. The student’s statement at the beginning of this abstract is an example of such a concern.
One might ask: Why bother teaching students about social and ethical aspects/principles in order to assist and aspire them to become real professionals? We at Gdansk PJWSTK have no doubts concerning the thesis that to be a real professional, in whatever vocation one might decide to embark on, it is not sufficient to merely possess essential knowledge and experience in the chosen vocation. One definition  of a ‘professional’ promotes the necessity of the following characteristics: competency, ethicity, knowledgeability, learning ability, care, and pride. Hence, a ‘to-be’ professional ought to become familiar with these necessary characteristics which include the social and ethical aspects connected with his/her chosen vocation. Thus, to be truly bestowed as a professional computer scientist, one should not only be competent with computing-related tasks/research, but also be aware of how what they do affects others both at a personal and a discipline level, and be able to address such affects. That is why at Gdansk PJWSTK, we have decided to enrich our studies program with a course on the topic of “Social Aspects of Computing”. The SoDIS Analysis and Inspection processes [2, 4, 5], as implemented in SPA , provided an essential framework for promoting and supporting professional behaviour; it was a very important and independent component of the course.
During the course, students were given four hours of SoDIS Analysis lectures with practical examples of SPA usage. After the theoretical part of the course students were able to verify in practice their understanding of the lectures by analysis of their own projects, such as the ticket reservation system for the Eurocup football in 2012, hotel room check in, electronic access to technical documentation, tourist information portal, and blogs. Students showed they understood the idea of the SoDIS process, and the vast majority successfully completed their project analyses within SPA. They also observed that a SoDIS Analysis in IT projects/software development can be really useful because it enables/compels them to look at every potential concern from the perspective of the stakeholders, the people directly affected by the development and delivery of the IT product. Here SPA comes to our aid by presenting the results of impact analysis in a very clear and transparent manner (e.g. by using colouration of cells within tables to focus users on key information). The ability to identify any potential risks which may arise and then set the probability of their occurrence helps cover any important professional and ethical situations presented to the user and to manage risk exposure from start to finish. Moreover, in the latest version of SPA, new features provide the flexibility to modify the SPA software to our needs.
In this paper we present the outcomes of the course, the teaching, and the evaluation of SPA. Although the usability of SPA was rated positively, both students’ and lecturer’s observations have led to suggested improvements. The Gdansk results will also be compared with earlier assessments of teaching the SoDIS process when it was still under development.
Based on the favourable outcomes of the inaugural course teaching SoDIS Analysis in practice with the use of SPA is to continue. Additionally, Gdansk’s branch of PJWSTK is planning to include the “Social Aspects of Computing” course (with the SoDIS module) in the postgraduate studies programs, and corporate training program, currently being worked on.
The use of SPA in a wider range of applications; e.g., to analyse the impact of software used by stakeholders to determine the required information relating to their engineering process, will be discussed drawing on the practical experience at Gdansk.
1. Gotterbarn, D. and Rogerson, S. (1998) – The Ethics of Software Project Management in G. Colleste (Ed.), Ethics and Information Technology. Dehli: New Academic Publisher.
2. Gotterbarn, D. and Rogerson, S. (2005) – Responsible Risk Analysis for Software Development: Creating the Software Development Impact Statement, Communications for the Association of Information Systems, Vol 15/40.
3. Boughton, C. (2009) – What is an ICT Professional Anyway? Australian Journal of Information Systems, Vol 16/1.
4. Gotterbarn, D. (2001) – Understanding and Reducing Project Failure: The Ethics of Project Management, Proceedings of NACCQ Conference, Napier NZ.
5. Gotterbarn, D., Clear, T. and Kwan, C-T. (2008) – A Practical Mechanism for Ethical Risk Assessment – A SoDIS Inspection, The Handbook of Information and Computer Ethics, Chapter 18, Wiley.
6. Boughton, C. and Boughton, C. (2010) – Stakeholder and Risk Management with SoDIS, Softimp Publishing.