Mark Rader


I'm reading through the level criteria right now.  One thought that comes to mind by way of design.  If you are going to have multiple levels I would suggest changes to the web site whereby the criteria for each level are checked simultaneously, and the criteria are marked for each level.

So a person would see 75% level 1.  65% level 2 etc.  That way they could gauge overall progress.  Also have the fill-in boxes color coded to each level so as the questionnaire is filled out, so to speak, you can identify which blocks are needed to attain which level.

A lot of getting people to do this will be to inspire them by showing how close they really are to getting the next level and making it a kind of quest.

Also, one of the things that may be helpful, is showing that this is not only a way to help with security practices, but it also becomes both a "Management" tool for helping with the development of the project as a whole, but with the higher level badges (and even the basic badge) it provides for a framework to help ensure the software project continues after the departure of the originators and the baby, so to speak, will continue to grow.  It's nice to emphasize it is a security best practice, but some of the real value add so to speak is also in the management and aid in succession/transition of projects once they outgrow the originator.


All: I'd like to start creating the criteria for "higher level" badges. Please reply, or add issues, for things you think should be included.


A very early draft is here:

Stuff we could add at a higher level include test coverage criteria, bus factors, etc.


For the moment we should probably call these "passing+1" and "passing+2"... we can name them silver/gold/platinum/whatever later.


