jlyon
commented
7 years ago - Templates, examples, boilerplates for a lot of these stories/policies could potentially be more helpful than the stories currently are.
- Most of the stories are focused on the executive management (CISO) level, not necessarily developers. Typically it is the developer's responsibility to read the policies and make sure they are adhering to them, but it is the management's responsibility to draft the policies and police their implementation. See #12 for example developer stories.
- The first story in each family is repetitive (#6)
gregelin