Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Create progress_report.md #69

Open
wants to merge 42 commits into
base: main
Choose a base branch
from
Open
Changes from 21 commits
Commits
Show all changes
42 commits
Select commit Hold shift + click to select a range
d6e3ed0
Create progress_report.md
Davsarper Jan 31, 2024
3c8d602
Update progress_report.md
Davsarper Feb 1, 2024
ef95bdb
Update progress_report.md
Davsarper Feb 1, 2024
0b6b8be
Update progress_report.md
Davsarper Feb 1, 2024
cb0bfba
Update progress_report.md
Davsarper Feb 1, 2024
1c37011
Update progress_report.md
Davsarper Feb 1, 2024
01063da
Update progress_report.md
Davsarper Feb 2, 2024
66615df
Update progress_report.md
Davsarper Feb 2, 2024
47c10e5
Update Reports/progress_report.md
Davsarper Feb 5, 2024
5117447
Update Reports/progress_report.md
Davsarper Feb 5, 2024
8932bfc
Update Reports/progress_report.md
Davsarper Feb 5, 2024
9c6526f
Update Reports/progress_report.md
Davsarper Feb 5, 2024
5846f8a
Update Reports/progress_report.md
Davsarper Feb 5, 2024
f0b89eb
Update Reports/progress_report.md
Davsarper Feb 5, 2024
5e0bbfa
Update Reports/progress_report.md
Davsarper Feb 5, 2024
f3f08f5
Update Reports/progress_report.md
Davsarper Feb 5, 2024
e05871b
Update Reports/progress_report.md
Davsarper Feb 5, 2024
e5bc1e6
Update Reports/progress_report.md
Davsarper Feb 5, 2024
b899721
Update Reports/progress_report.md
Davsarper Feb 5, 2024
31723d4
Update Reports/progress_report.md
Davsarper Feb 5, 2024
e0c6afd
Update Reports/progress_report.md
Davsarper Feb 5, 2024
bc2e589
Update Reports/progress_report.md
Davsarper Feb 5, 2024
a5e0552
Update Reports/progress_report.md
Davsarper Feb 5, 2024
f65b891
Update Reports/progress_report.md
Davsarper Feb 5, 2024
550b78a
Update Reports/progress_report.md
Davsarper Feb 5, 2024
3b56cd8
Update Reports/progress_report.md
Davsarper Feb 5, 2024
f987b86
Update Reports/progress_report.md
Davsarper Apr 3, 2024
1f75efa
Update Reports/progress_report.md
Davsarper Apr 3, 2024
cb52c71
Update Reports/progress_report.md
Davsarper Apr 3, 2024
d25e143
Update Reports/progress_report.md
Davsarper Apr 3, 2024
929af15
Update Reports/progress_report.md
Davsarper Apr 3, 2024
2cd4bb7
Update Reports/progress_report.md
Davsarper Apr 3, 2024
d762ac3
Update Reports/progress_report.md
Davsarper Apr 3, 2024
4774c65
Update Reports/progress_report.md
Davsarper Apr 3, 2024
1df5a62
Update Reports/progress_report.md
Davsarper Apr 3, 2024
5f7b0ab
Update Reports/progress_report.md
Davsarper Apr 3, 2024
815c4fe
Update Reports/progress_report.md
Davsarper Apr 3, 2024
492a979
Update Reports/progress_report.md
Davsarper Apr 3, 2024
1cf33f0
Update Reports/progress_report.md
Davsarper Apr 3, 2024
52fec13
Update Reports/progress_report.md
Davsarper Apr 3, 2024
28a93b8
Update Reports/progress_report.md
Davsarper Apr 3, 2024
8f90a20
Apply suggestions from code review
Davsarper Apr 3, 2024
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
295 changes: 295 additions & 0 deletions Reports/progress_report.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,295 @@
# Data Safe Haven project report
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we add in the dates that this report covers? I got a bit confused in my first read through 😅

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah yes definitly, it wa a confusing one because I wanted it to be for the monthly but in practice has everything since the last strategy session. Will add and then update.

Do we feel it is best to have one report that updates or monthly reports?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In TPS we do a single file for each 6 month report that we add to each month and I think it works really well. Otherwise it can really feel like you're repeating a lot of information each month. So doing the monthly updates 1) lets you focus on a pull request on what has changed rather than having to have two files open to compare, and 2) lets the project manager (@Davsarper!) build up the report so there's not much extra work to do by the time submitting the report comes around!

Davsarper marked this conversation as resolved.
Show resolved Hide resolved

This document contains a summary of progress across all stories in the [project roadmap](https://github.com/orgs/alan-turing-institute/projects/111/views/1).
It maps stories according to the (main) pillar and priority they contribute to.

Included stories are those that were scheduled and/or prioritised over this period (February 2023-February 2024), some not scheduled stories are included when there are updates for them regardless (indirect contributions from other stories, relevant work recently started, or something to report in general).
Davsarper marked this conversation as resolved.
Show resolved Hide resolved

## Infrastructure as code
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think all of this section is "Infrastructure as Code".
Is that the pillar name? I think I might have made this argument before. It is probably more fair to call it "codebase development" or something like that.

Davsarper marked this conversation as resolved.
Show resolved Hide resolved
Running projects working with sensitive data safely
Running cutting edge data science projects effectively


### Manage codebase releases and testing: [#50](https://github.com/alan-turing-institute/data-safe-haven-team/issues/50)


Contributes to:
- Running projects working with sensitive data safely
- Running cutting edge data science projects effectively

#### Goal
Support for deployments of the Data Safe Haven at Turing and beyond

#### Progress
- Pen testing done: little found
- Penetration tested arranged and will be done in September
- Preparation for release v4.1.0: Deployment of different SRE variants, Security checklist
- Reviewing v4.1.0: No significant problems is deployment logs, Problems found in security checklist relating to MSRDS
- Working on [Release 4.1.0](https://github.com/alan-turing-institute/data-safe-haven/issues/1544): fixes bugs and introduces necessary updates
Comment on lines +26 to +30
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wonder if the order should be put into chronological order rather than reverse? I got pretty confused until I went and read the issue itself!

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry - adding comments as I go through - I'm also a bit confused about the fact that this release has already happened (🎉!) So which parts of this issue are still open?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Part of the confusion here I think is that I finished this too late for the team to come in and give a more comprenhensive overview of progress and where we are at.

The story issue is open because it refers to ongoing work to keep making releases, and we are working on 4.2

That warrants the questions on wheter to have ongoing Stories or more time bound ones, and also we need to better explain what goes into which story as work towards 4.2 is happening in Codebase Maintenance. This story deals with the release itself.

And yes, happy to reverse order/clarify timeline.



### Codebase maintenance: [#47](https://github.com/alan-turing-institute/data-safe-haven-team/issues/47)

Contributes to:
- Running projects working with sensitive data safely
- Running cutting edge data science projects effectively

#### Goal
Ensure that codebase is kept up-to-date with bug fixes, security updates, external API changes etc.
- Ensure that DSH code is always deployable
- Ensure that known security issues are remediated/minimised as soon as possible
- Ensure that documentation is up-to-date with code base
Comment on lines +40 to +43
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

formatting-wise - are these bullet points extra explanations of the first line (39)? Or should they all be bullet points?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

they are intended as extra explanations of:

Ensure that codebase is kept up-to-date with bug fixes, security updates, external API changes etc.


#### Progress

This year saw the [4.1.0 release](https://github.com/alan-turing-institute/data-safe-haven/releases/tag/v4.1.0) with notable fixes, security and documentaiton updates.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🚀 🌟 Well done!


We are currently working towards a final PowerShell version ([Release 4.2.0 Milestone](https://github.com/alan-turing-institute/data-safe-haven/milestone/21)).
The aim is to make the release in time for next DSG and then focus exclusively on Pulumi.

A more complete summary of work done is available in the story, but some key updates through the year are:
- Database permission issue debugging as PostgreSQL user privileges were not correctly applied.
- Now fixed in PR [#1708](https://github.com/alan-turing-institute/data-safe-haven/pull/1708).
- ClamAV On-access was not running
Davsarper marked this conversation as resolved.
Show resolved Hide resolved
- On-access virus scanning is a DSPT requirement, and this process was not running correctly.
- Fixed by PR [#1725](https://github.com/alan-turing-institute/data-safe-haven/pull/1725).
- Improve handling of file paths PR [#1705](https://github.com/alan-turing-institute/data-safe-haven/pull/1705).
- Investigating issues with Julia on AMD processors: During the building of VM images for deployment in SREs, Julia created and stored compiled versions of packages that were suitable only for Intel systems, causing crashes when users wanted to use AMD systems
Davsarper marked this conversation as resolved.
Show resolved Hide resolved
- Investigating issues with DBeaver on Tier 2+ SREs:
- DBeaver drivers were not installing correctly during VM building, so it tries to download them from the internet.
No problem on T1, but fails on T2.
- Factoring storage creation and account deployments out of main deployment script now allows for a more resilient process (not having to re-run everything when one fails)
- MS changed the name of Azure Directory to Microsoft Entra ID which made necessary to spend time updating documentation and code
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lol

- Factor SHM storage creation out of main deployment script: PR [#1673](https://github.com/alan-turing-institute/data-safe-haven/pull/1673)
- Add all contributors table to project README and docs: PR[#1649](https://github.com/alan-turing-institute/data-safe-haven/pull/1649).
- Removal of MSRDS (PR: [#1535](https://github.com/alan-turing-institute/data-safe-haven/pull/1535)) which reduces support burden and codebase complexity, instead Guacamole implementation is more robust and secure.
- Removal of CoCalc (PR: [#1554](https://github.com/alan-turing-institute/data-safe-haven/pull/1554) Reduces support burden for future releases by removing a largely unused feature.
- Drop Microsoft Remote Desktop: (PR: [#1159](https://github.com/alan-turing-institute/data-safe-haven/issues/1159) primarily for increased security as it shows more issues than Guacamole, in doing this several other open issues are resolved.
- Documentation improvements and updates

### Identify and implement core IAC changes: [#28](https://github.com/alan-turing-institute/data-safe-haven-team/issues/28)

#### Goal
Make DSH deployment more robust and development easier through using IAC and configuration management.
- Take advantage of IAC and configuration management in the DSH codebase which will
- Make deployments faster
- Make deployments more reliable
- Make development easier
- Move away from non-idempotent, bespoke scripts (Powershell, bash, cloud-init)
Comment on lines +76 to +81
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Similar point to the one above about whether these are sub bullets of the one line goal (line 71) or all should be bullet points?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

sub bullets, but will improve format (or even goal definition?)


##### Definition of done
On the release of a new major version which removes legacy, script-based deployment.
Comment on lines +83 to +84
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I really like this - this would be amazing to have for all sections 🙏

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I want that, we need it to exist for all stories first!

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I want that, we need it to exist for all stories first!

💯

I think I've come to realise it is a problem to have these stories which have no clear end point. Development isn't a story, that's just my job 😄.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Trying to get towards this with "sprints" for IaC and Maintenance stories.


#### Progress
Arrived at a IAC MVP version of the code, available as a penetration tested [pre-release](https://github.com/alan-turing-institute/data-safe-haven/releases/tag/v5.0.0-rc.1).

This new code is better and easier for users to deploy, however some incompatibilities with the old code would require extensive work.
As PowerShell heads to its final release it was decided not to work on fixing these.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a very powerful statement and we should be very proud of making it - flagging for reporting - this is demonstrating that we have a robust project management and prioritisation process - we should celebrate ✨

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @KirstieJane 🙏


Since finishing migration a lot of the work is focusing on structuring the code, small improvements aimed at the user experience and robustness.

These are main references and milestones, a more complete list is available on the [story issue](https://github.com/alan-turing-institute/data-safe-haven-team/issues/28)
- Codebase pre-release https://github.com/alan-turing-institute/data-safe-haven/releases/tag/v5.0.0-rc.1
- Next version milestone https://github.com/alan-turing-institute/data-safe-haven/milestone/20
Comment on lines +94 to +96
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I need to sort out the milestones to reflect the new thinking w.r.t sprints aligned with DSGs.


## Information governance & standards
Infrastructure adhering to the latest agreed upon standard
Identifying, co-creating and supporting a TRE standard used across TRE infrastructures

### Co-create a TRE standard (SATRE): [#23](https://github.com/alan-turing-institute/data-safe-haven-team/issues/23)

Contributes to:
- Identifying, co-creating and supporting a TRE standard used across TRE infrastructures

#### Goal
Develop the SATRE specification that UK TREs can evaluate themselves against

##### Definition of done
SATRE specification published
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

WOOO!! 🍾 🥂

Now, do we have to come up with a new definition of done? Or a new story? How do we capture this success and complete-ness while also recognising that there is still work to be done around co-creating a TRE standard?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For open discussion about how to best do it, for this story we agreed to close it and create a, linked, follow up story on community buy out.

As a general point I have that same question for how we use all stories, as ongoing strands of work that are updated or defined pieces of work that are closed


#### Progress
[SATRE specification](https://satre-specification.readthedocs.io/en/stable/) published, and available for contribution and reproducibility in its [open repository](https://github.com/sa-tre/satre-specification).

Currently Turing and HIC have self-evaluated against it and evaluations are available openly, several conversations ongoing about other institutions doing the same and making them available.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we'd like to list orgs we know are going through this:

  • KCL
  • Sheffield
  • North West NHS SNSDE
  • NHS SDE technology group reviewing SATRE

Davsarper marked this conversation as resolved.
Show resolved Hide resolved

- Outputs:
- SATRE specification V1 and [associated technical paper](https://zenodo.org/records/10053383)
- Internal DARE report, link will be added and published openly
- [User report](https://zenodo.org/records/10066800): characterises users, with a wider notion than we started of what users are. Lays the fundation for futher usability work, going beyong technicla features and into training and documentation
- UK TRE Community - SATRE WG: the ongoing work and evolution of the specification is now a working group within the Uk TRE Community
Davsarper marked this conversation as resolved.
Show resolved Hide resolved

### Documentation management [#32](https://github.com/alan-turing-institute/data-safe-haven-team/issues/32)

Contributes to:
- Identifying, co-creating and supporting a TRE standard used across TRE infrastructures
- Creating resources for all stakeholders (inc. Citizens) to engage in the TRE conversation
- Identifying and documenting everything that can be openly documented

#### Goal
Comprehensive and clear documentation for the DSH, SATRE & TRESA will ensure open, reproducible outputs from this project.
- Ensure all relevant information is captured in documentation
- Test accessibility and discoverability of docs with relevant groups
- Iterate documentation in line with wider project work (e.g. TRESA processes, DSH updates)
- Determine what can/can't be documented (e.g. from an IG perspective).

#### Definition of Done
When funding ends for the project and we have openly documented everything that we feel we can
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is pretty wishy washy as a definition of done!! What if we keep extending funding into the future?


#### Progress
Documentation management have not been a story actively worked in, yet some processes have been updated and documented and needs identified.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Definitely feels like we need a story here.

Great that TRESA are taking this work forwards but we also need to make sure we're reporting against their efforts too, right? Where is that progress being captured?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Definitly, we are working on that. We want to evaluate the stories we have under REG-TRESA in the roadmap with Helen, and adapt for her and myself to update.
For this report I reported for TRESA a whole because in practice we did not keep to those stories as they are formulated

While the story goes beyond Production processes it is worth noting that those have been handed over to TRESA, who are already suggesting and appliying changes.

### SATRE: stakeholder engagement and community buy out [#66](https://github.com/alan-turing-institute/data-safe-haven-team/issues/66)

#### Goal
Ensure that institutions evaluate themselves against SATRE and that the momentum is maintained between funded phases

At the end of the funded phase of SATRE there was a growing community interest, with institutions and stakeholders affirming they would evaluate themselves against it and contribute feedback.

Without ongoing resources the necessary support to ensure that happens cannot be provided and SATRE may end up not being adopted.

#### Definition of Done
There are a number of self evlauaitons completed, there is feedback on the spec repository and, ideally, there is an active WG within the TRE Community continuing to work on it.

#### Progress
Work is folded into the [UK TRE Community](https://github.com/alan-turing-institute/data-safe-haven-team/issues/52), already SATRE is formally becoming a UK TRE Community WG.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I really disagree with this formulation that the work we have done at Turing is being handed over to the UK TRE Community - we have put significant effort into SATRE and the UK TRE Community and I think we need to tell a much clearer story about how this work benefits us and why we're investing in it in addition to the benefits that come from having a multi-stakeholder "home" for the efforts.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bad wording! not handed over but we are currently addressing this story together with our dedicated work under the TRE Community story, as in 2 birds 1 stone.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agreed. It does read a bit like we are shedding responsibility or involvement.

Would it be better (and more correct) to say that we are working to open ownership of SATRE to stakeholders through UK TRE (which we are dedicated members of)?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@JimMadge - I like that phrasing!


## Community building
Creating resources for all stakeholders (inc. Citizens) to engage in the TRE conversation
Davsarper marked this conversation as resolved.
Show resolved Hide resolved
Creating and maintaining open and active communication spaces & workspaces (Slack, GH)
Identifying and documenting everything that can be openly documented

### Stakeholder landscape review
https://github.com/alan-turing-institute/data-safe-haven-team/issues/30
Davsarper marked this conversation as resolved.
Show resolved Hide resolved

Contributes to:
- Creating resources for all stakeholders (inc. Citizens) to engage in the TRE conversation
- Creating and maintaining open and active communication spaces & workspaces (Slack, GH)

#### Goal
Across a lot of our work (DSH project, SATRE, UK TRE community) there has been a lot of discussion around who the impacted parties are, how they are categorised, what their interests/needs are etc.

An effective stakeholder map showing all parties we think we should engage with will help us prioritise who to collaborate with, and strengthen our work in community building within the TRE space (which is kind of where this project is heading, above and beyond getting others to use the DSH).

- [ ] Brainstorm and identify potential stakeholder groups
- [ ] Engage different groups through interviews/workshops to better understand them
- [ ] Create engagement pipeline & priority for different groups
Davsarper marked this conversation as resolved.
Show resolved Hide resolved

#### Definition of Done
- When we have an intended end-output from engagement with our established groups (e.g. by the end of the project, we want X group to be part of the UK TRE community, we want Y group to have contributed to the DSH repo...)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Feels like a work in progress? What end outputs have we identified? Also - aren't there measures of community health that are ongoing and relate to engagement and participation rather than completed tasks? EG number of people at meetings, number of comments on GitHub, number of posts on slack / email forum etc?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Davsarper @harisood Have we done any of this?
If you would have asked me, I wouldn't have remembered this is a story.

Should we consider closing it (or at least taking it off the active list)?


#### Progress
The work done in [SATRE](https://github.com/alan-turing-institute/data-safe-haven-team/issues/23) and the [UK TRE Community](https://github.com/alan-turing-institute/data-safe-haven-team/issues/52) have directly contributed to estbalishing a relationship with key stakeholders, identify and characterise them.

Direct and explicit work on this story have not been carried out (not scheduled in this period).

We are now establishing the engagement pipleline by creating an internal CRM (sharepoint based currently).
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The CRM is currently structured to be very like informal and just for us to track internally what's going on with different convos.

If this becomes a significant story, do we want to put effort into formalising this a bit more?

@JimMadge a little bit of an extension of the Slack thread

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I get the feeling this isn't big enough to be a story. At least not with the level of investment we currently give it.


### UK TRE Community leadership
https://github.com/alan-turing-institute/data-safe-haven-team/issues/52
Davsarper marked this conversation as resolved.
Show resolved Hide resolved

Contributes to:
- Creating resources for all stakeholders (inc. Citizens) to engage in the TRE conversation
- Creating and maintaining open and active communication spaces & workspaces (Slack, GH)

#### Goal
Provide a space for those involved in building, using and responsible for governance of TREs to discuss and reccomend best practices.
Davsarper marked this conversation as resolved.
Show resolved Hide resolved
- [ ] Host online working spaces, events and workshops to support the UK TRE Community
- [ ] Share best practices i.e. for making radiology data available for researchers
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ie or eg??

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

e.g.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- [ ] Share best practices i.e. for making radiology data available for researchers
- [ ] Share best practices e.g. for making radiology data available for researchers

- [ ] Empower the community to help influence policy decisions
Davsarper marked this conversation as resolved.
Show resolved Hide resolved

#### Progress
A lot of of effort has been put this year into the UK TRE Community, this year has seen the community mature and evolve from the original RSE TRE Community.
Currently we are delivering a funded project to ensure its sustainability which focuses one establishing the necessary spaces and governance processes.

All work and progress during the funded phase can be consulted in [its board](https://github.com/orgs/uk-tre/projects/1)
Davsarper marked this conversation as resolved.
Show resolved Hide resolved

- The UK TRE Community event was held in Swansea on 4 September as a RSEcon23 satellite event. The event was very well attended with around 90 people in person and 50 online (figure to be revised), attendees were active on the day and had very positive feedback.
- [Report and notes](https://www.uktre.org/en/latest/events/wg_workshops/2023-09-04-september-meeting/index.html#provisional-schedule)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Update the link? Or have a redirect from "provisional schedule"?

Davsarper marked this conversation as resolved.
Show resolved Hide resolved
- We were awarded the DARE UK Community call. It was prepared and submitted to DARE UK community call, with full agreement and participation of the community itself
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this probably needs to be pulled out as a funding success... at the moment we're mixing a lot of points inside this update.

- Celebrated December community event (virtual). We presented the plans and work within this funded phase, which included a vision and mission for the community
- [Report and notes](https://www.uktre.org/en/latest/events/wg_workshops/2023-12-05-december-meeting/index.html)
- The first version of the Community Website is ready, it has been done using Hugo to balance quality and sustainability (being easily maintained and updated by the community after funding ends)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Well done! 🕸️

Pull this out as a comms activity - again - we're putting a lot of information in the same update.

- Governance processes are being established, striving for simplicity in this phase. The conversation and work is open and welcomes all input and feedback. This is the [most active issue](https://github.com/uk-tre/community-management/pull/54) and a good starting point

### Communication and outreach
https://github.com/alan-turing-institute/data-safe-haven-team/issues/35
Davsarper marked this conversation as resolved.
Show resolved Hide resolved

Contributes to:
- Creating and maintaining open and active communication spaces & workspaces (Slack, GH)
- Creating resources for all stakeholders (inc. Citizens) to engage in the TRE conversation

#### Goal
- Supporting the user community of the DSH codebase
- Publicising our work via blogposts, reports or papers
- Communicating our work through conference/workshop talks or posters

#### Progress
This story has changed in scope along the year, work done here has been tha tof presenting DSH externally via events and talks.
Davsarper marked this conversation as resolved.
Show resolved Hide resolved

Yet we have identified work to be done within this story to define and establish a DSH community and user base, what this means and entails needs to be discussed and agreed yet.

- We have established a shared slack channel with UCL to discuss common approaches to information governance processes
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this open or only for conversations with UCL?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is closed and prob should be to share sensitive/private info.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Totally makes sense - please do capture that in the report - good to be transparent about what we are not being transparent about!

- [AI UK demonstration proposal](https://thealanturininstitute.sharepoint.com/:x:/s/SafeHaven/EfKD3w8Gi9NFv6JBshOkugsBOnn4v3ZdU-FTeIcy5obQcg?e=Rhq9w4)
- [proposal collaborative note](https://hackmd.io/AmcYdsyETU2dVgtIdfVL-g)
Comment on lines +239 to +240
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should be its own activity 🤖

- We are following a similar format to last year but want to bring forward the community work and the satre specification. We want to have an interactive activity that blends role playing the different stakeholder groups and collectively deciding on specification features. The demo challenge last year did not work so the technical side this year will be demonstrated by a video and project members "touring" the repositories, docs and environment
- Met with Nottingham to support them as users of the DSH codebase
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Continued? What were the outcomes? How are Nottingham engaging with us?

- The team worked together on the content for DSH activities on RSEcon as well as the UK TRE community satellite event #46 .
- The team visited the Bennett Institute for a show and tell about DSH and OpenSafely https://github.com/alan-turing-institute/tps-project-management/issues/157
- No immediate collaboration but agreed to be involved in the specification and TRE community
- For discussion: this story needs to be redefined to include external engagement or a new one created
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

agree ✔️


## TRESA
Over the year TRESA have increased its autonomy from the DSH research project, in terms of work ownership and management.
Therefore TRESA stories have not been indepently updated and it is more comprenhensive to update on the service area as a whole.
Davsarper marked this conversation as resolved.
Show resolved Hide resolved

This warrants updating and reviewing the stories we keep under the DSH roadmap, focusing on communicating with the service area rahter than planning or prioritising for them.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agreed!

Davsarper marked this conversation as resolved.
Show resolved Hide resolved

### Updates
A new team of have been onboarded, who have focused on learning the ropes while simultaneously supporting the December DSG.
Davsarper marked this conversation as resolved.
Show resolved Hide resolved
With some support from the DSH team they were able to do so.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Well done!! 👋


We had a detailed[ handover meeting](https://hackmd.io/kh6siuZcTdCxcfYryAvypw) to go over each process, the idea is that moving forward TRESA directly owns processes and their improvement.
Davsarper marked this conversation as resolved.
Show resolved Hide resolved

We have also identified areas of work for TRESA to fully establish itself as a service area, these need to be elaborated into a full proposal with sprints and stories but main areas are:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Very cool!

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I feel I need to catch up with @helendduncan and @jemrobinson about this.

I sketched out some "sprints" for TRESA to try and start moving from being purely reactionary to making progress. I want to avoid stepping on @helendduncan's toes though and don't want to be dictating what TRESA's focus is if that isn't my role here.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@KirstieJane would you like/be able to be involved in planning for TRESA like you have for DSH?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Happy to be involved if I can be useful! Feel free to ping me on slack if you're looking to find a time to meet 💖

- Data protection
- Cost and recovery model
- Acredditation: ISO 27001 and DSPT renewal
- Client projects management


## Meta
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't really love this title.... isn't it project management / leadership / strategy??

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agreed, happy to change. At the moment of writing I was trying to think of somehting that says "everything needed so the rest happens"

Davsarper marked this conversation as resolved.
Show resolved Hide resolved
Work and stories that do not belong directly in any pillars but are necessary for all
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Again - I think this demonstrates that we're not telling the story clearly about why this work is important!

Ways of working for example are really important for community engagement as well as clear task allocation and accountability.


### Project strategy and ways of work
https://github.com/alan-turing-institute/data-safe-haven-team/issues/43
Davsarper marked this conversation as resolved.
Show resolved Hide resolved

#### Goal
The aim is to develop a project strategy and revise best ways of work to achieve it

Through several strategy sessions we will:
- Define our north star (vision & mision)
- Establish the project pilars or areas, defining what success looks like for each
- Prioritise the measure of success, which are essential to consider the project succesful
- Identify work required to achieve success
- Allocate work by team
- Produce an initial roadmap
- Evaluate required effort for the work against team capacity
- Develop and agree new ways of work, including meeting structure and use of project's repositories and projects

#### Progress

##### Strategy

Through several team wide sessions we jointly produced a [project strategy](https://thealanturininstitute.sharepoint.com/:p:/s/SafeHaven/Ebrp4Iyc9M1NpPTgpgHdj5kB7HPvH-2gM0oNd97jJu6oxw?e=eN0ZFw)https://thealanturininstitute.sharepoint.com/:p:/s/SafeHaven/Ebrp4Iyc9M1NpPTgpgHdj5kB7HPvH-2gM0oNd97jJu6oxw?e=eN0ZFw a long, medium and short term levels.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is great and I'm super proud of it - I think it needs to be integrated into the GitHub repository to make it more accessible..... could that be a project management task for the next quarter?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pending commit until I capture that action as a to do


This resulting in a clear Vision & Mision that have allowed internal alignment and improved external communications

>To remove barriers to working safely and effectively with sensitive data, 
by promoting and demonstrating a culture of open, community-led development
of interoperable foundational infrastructure and governance.

We also agreed the pillars of the project and estbalished a [roadmap](https://github.com/orgs/alan-turing-institute/projects/111/views/1)https://github.com/orgs/alan-turing-institute/projects/111/views/1 of the necessary work for success.
Davsarper marked this conversation as resolved.
Show resolved Hide resolved

##### Ways of work
Davsarper marked this conversation as resolved.
Show resolved Hide resolved
Troughout this year we have also iterated our ways of work which are [openly available here](https://github.com/alan-turing-institute/data-safe-haven-team/blob/main/WaysofWork.md), they are focused in increased communication and work prioritisation.
Davsarper marked this conversation as resolved.
Show resolved Hide resolved