In our recent meet-up at the Agile Practitioner group, there was good talk about non-functional requirement testing. One of the first questions we discussed was how come non-functional requirements are second-class citizens. Usually they are patched on the app as an afterthought, and like any last effort, we botch it up.
One of the answers was that itâs a product management issue.
It is a simple prioritization issue. Requirements drop down the priority ladder, because someone, usually the product owner, has decided that they are not important enough as other requirements. For example, a security requirement â log-in reports in a financial application. True, we need security, but itâs not going to be the first thing we do, since we need to actually put the financial logic there too. And the latter takes precedence.
Simple prioritization, right?
Unfortunately, thereâs a cost to that prioritization. Until something really bad happens, say, we need to provide these logs to the government tomorrow, all functional requirement will take precedence. So we either donât get to that non-functional requirement, or weâll get squeezed to do it in a third of the time it really takes to do it, and welcome to botch-city.
Thatâs one way requirements donât get done. Hereâs another. Letâs talk about availability. We need to be up 99.999999% of the time. All the time.
Our product owner would like this kind of availability, and the dev team says: good, prepare your wallet. The check contains a lot of zeros. After the product manages lifted his jaw off the floor, he says: âWell, letâs work on something cheaper, shall we?â. He just learned that non-functional requirements usually cost a lot more than regular requirements.
We assume that the product owner knows whatâs best for the product. Weâre expecting him to make the right decision, and therefore, we believe that heâs taking everything into consideration, and comes up with the perfect backlog.
Get ready for a surprise
Our product owner is not superman (or in our case, Lex Luthor). He cannot know everything about business, development, security, architecture, IT serviceability, database maintainability, and a whole lot more. Itâs hard enough to keep in oneâs head what the app is supposed to be doingâŠ
If the product owner doesnât understand security, he wonât know how to prioritize security features vs. the rest. And as humans go, will give attention to the familiar stuff over the unknown.
So how can we make sure that non-functional requirements get met?
Remember âwhole teamâ?
In extreme programming, the âwhole teamâ makes the decision, not just the product owner. As team members we should ask more questions: âDo we need authentication logging?â. If our poor product owner doesnât know even what authentication logging means, he now has a mission – learn and come back with an answer. And he would love it if that question also came with an estimate.
Ideally, the product owner should learn about everything required. Ideally he should have all the answers. But this is real life. We donât know everything. Good decisions come from a team effort.
And by asking questions, seeking information, and bringing solutions together table weâll have our democracy where all requirements are equal.
Reference: Equal Rights for Non-Functional Requirement from our NCG partner Gil Zilberfeld at the Geek Out of Water blog.
