Who should participate?
Preferably, you want between four and six players, covering different roles in the project and not necessarily technical roles. For example, you should include the software architect, a frontend/UI engineer if there is a UI component to the system, a backend engineer, a quality engineer, someone from the product team, and perhaps someone from compliance with knowledge of your privacy policies. The reason you want people from these different roles is to have a broader context. The product team is usually customer facing and so will be able to add context from that side of things; compliance will know what customers have signed up for, and what regulations and certifications the company needs to maintain, which will give additional context. People in different roles usually think differently because there is a certain amount of neurodiversity, so something one person misses others might spot.
You might find that people from product and compliance don’t believe they will be useful because they may not feel they have the technical background. An analogy I like to use to make them more comfortable and feel more at ease is that you don’t have to be a locksmith to know that if your key breaks in your front door lock, there is nobody home, and you’ve not got a key for another door, then you have a problem.
Now that we have our resources and we’ve invited the team members, we need to play the game. Let’s see how the game is played.
