Building Intent-Based Policy Graphs with Neo4j

Unstructured and Unlinked Policy Documents ACME_CORP has policies scattered everywhere: PDF files in shared drives, API responses from regulatory systems, manually created requirement documents, compliance frameworks from vendors. Each source is different. Each format is inconsistent. And yet, your auditors want to know: Which rules actually prevent unauthorized access? Where do we have conflicting compliance… Continue reading Building Intent-Based Policy Graphs with Neo4j

Inheritance in Graph Databases: How to Model a Type and Its Subtypes

Relational databases handle type hierarchies badly. A common workaround is a "type" column in a table, which flattens all subtypes into a single wide row and forces application code to pick which columns apply. Object-oriented code has classes, inheritance but Java struggles with multiple parents. Graph databases have something more profound. The relationship itself carries… Continue reading Inheritance in Graph Databases: How to Model a Type and Its Subtypes

Graph Ontologies Design from BT, Nature Metrics & NHS England

Graph databases promise a natural fit for complex, relationship-heavy domains. But there's a successful implementation gap between a promising prototype and a production system that performs, scales, and survives organisational change. This article is based on my personal experience building three real-world graph ontologies in three different organisations. First was BT's network inventory (SRIMS), second… Continue reading Graph Ontologies Design from BT, Nature Metrics & NHS England

NCSC Cyber Assessment Framewok, NHS Data Security and Protection Toolkit & NHS Digital Technology Assessment Criteria

The DSPT is an online self-assessment tool that allows organisations to measure their performance against the National Data Guardian’s 10 data security standards and must be reported yearly if interacting with patient data. The DTAC is an assessment framework for care commissioners and providers to use when assuring digital health technology (DHT) product. It is… Continue reading NCSC Cyber Assessment Framewok, NHS Data Security and Protection Toolkit & NHS Digital Technology Assessment Criteria

The Agile Architecture Guide (part 1: Product Development)

Introducing A New Organisation to Agile Product Development As the new CTO, Chief Product Owner, Chief Architect, Lead Engineer or just natural leader it may be your responsibility to introduce an Agile way of working to a new Organisation. We are going to walk through the common steps to successfully introduce Agile methodology and we… Continue reading The Agile Architecture Guide (part 1: Product Development)

Calculating UK Gov Cost of Technology Change

There have been 10 UK Government U-Turns so far in 2020. Each change will have had an associated IT change cost. This is my best personal assessment of what each of these changes would likely have cost. I will provide justification for each of my assumptions and will tend towards a lower possible range. I… Continue reading Calculating UK Gov Cost of Technology Change