If you work in IT or security, you are pretty much expected to know what a user story is. That can be a problem if your background is not in software development, or if your education or background predates the agile software development model. So what is a user story and how do you write one?
User stories are similar to milestones in project management. That was how it was first explained to me. But you don’t write a user story quite the same way that you would write a milestone in project management. The other thing is mixing the two can lead to miscommunication. I was once involved in a meeting where a manager insisted on using user stories, because he had been a software developer, but this wasn’t a project involving software development. So nobody else knew what he was talking about.
User stories are a product management or software development tool. They aren’t something everyone knows.
David Farquhar is a computer security professional, entrepreneur, and author. He started his career as a part-time computer technician in 1994, worked his way up to system administrator by 1997, and has specialized in vulnerability management since 2013. He invests in real estate on the side and his hobbies include O gauge trains, baseball cards, and retro computers and video games. A University of Missouri graduate, he holds CISSP and Security+ certifications. He lives in St. Louis with his family.