Template Technical Assessment - Early Reading Indicators - Google Drive

Template Technical AssessmentCategoryIndicatorDescriptionRatingLicenses and CopyrightDeclared LicenseSoftware: A project has specific key file(s) at the top level of its code hierarchy such as LICENSE, NOTICE or similar (and/or a package manifest) containing structured license information such as an SPDX license expression or SPDX license identifier, and the file(s) contain “clearly defined” declared license information (a license declaration such as a license expression and/or a series of license statements or notices). This is a binary score element.
Content/Data: A project has clearly communicated information about which licenses are used for the various content items.Yes / NoSPDX Standard licensesThis is to capture the use of common, standard licenses: a license is considered as standard if it is present in the SPDX license list. The use of fully detectable, standard license notices and texts and copyright statements, as well as the use of SPDX license identifiers and expressions, contribute to a higher metrics score. The use of non-detectable, non-standard and less common licenses makes the licensing less clear.Yes / NoLicenses compliance with DPG requirementsThe code is released under a license compliant with the DPG license requirements.Yes / NoLicenses compliance of libraries/dependenciesWhere applicable, libraries that are mandatory dependencies do not create more restrictions than the project's license does. This is important and ensures that there are no dependencies that would limit the license of the main project.Yes / NoCopyright ownership clearly definedThe copyright ownership of everything that the project produces is clearly defined and documented.Yes / NoProject name checked for trademark issuesYes / NoUtility and ImpactAlignment with Sustainable Development GoalsThe project is able to clearly document and demonstrate a use case that is applicable towards helping attain progress of at least one Sustainable Development Goal.High / Medium / LowCountry UtilizationThe number of countries that utilize this product, directly or indirectly through other platforms: "High" for more than 10. Countries must be classified as low- or middle-income by the World Bank. "Medium" for 4 to 10 countries that use this product."Low" for up to 3 countries or states that use this product.High / Medium / LowBenchmarksDomain Specific: Number of Books/StoriesNumeric valueYes / NoDomain Specific: Number of LanguagesNumeric valueYes / NoTargeted age of the end userSelect answer0-12, 13-18 and 18+ yearsProduct DesignProduct RoadmapA product roadmap exists describing currently planned and resourced development activities, and new features and functionality documented as part of a release cycle.Yes / NoManagement of new feature requestsA publicly accessible and routinely maintained platform exists to manage new feature requests.Yes / NoPrioritization of feature requestsA clear prioritization process exists and is well used for the development of new features and functionality as part of a product backlog.Yes / NoProduct QualitySoftware ProductizationIs there documentation and packaging for the software to be deployed on common operating systems or platforms."High" Software has been packaged for one or more common operating systems or platforms. Software upgrades can largely be achieved without manual intervention. Unit or integration testing is part of the release process. "Medium": Full documentation available for deployment and configuration. A new implementation does not require the involvement of the core development team. "Low": No documentation available for deployment and configuration. High / Medium / LowInteroperability and Data Accessibility"High" A robust API is available for key data and metadata exchange needs for the primary business domain with functional requirements for the API having been developed in conjuction with appropriate country, regional and global stakeholders. API endpoints exist for core data and metadata elements which adhere to standards developed by an appropriate Standards Development Organization relevant to the tools business domain. Standards-based API endpoints are used in at least four jurisdictions (e.g. countries or states). . "Medium": Some APIs are available for accessing and managing data. There are user-facing interfaces to export core data and metadata in the system (e.g. in CSV format) for further analysis and data transfer purposes. "Low": Extract or importing data into the system usually requires looking at source code and/or directly accessing database.High / Medium / LowMulti-Lingual Support"High" Software has been translated into multiple languages and fully supports internationalization requirements. There is an easy tool for new translations to be added. Significant parts of user and implementer documentation has been translated into at least one other language."Medium": Software has been internationalized to support multiple languages (though may not have been translated) for primary portions of the user interface. Some user documentation exists in more than one language. "Low": Limited or no support in the software for multiple languages. Multi-lingual documentation / user resources are practically non-existent. High / Medium / LowAccessibility StatementDoes the owner of the project provide a written statement on their commitment to Accessibility and/or their WCAG target, if applicable? This indicator is conceived as a low effort assessment of the project accessibility features, that should be analyzed further is this a must-have criteria for the intended user base of this project.Yes / NoAccessibility TestingHas accessibility testing been conducted, either internally or by a third party, against the principles and guidelines defined in WCAG 2.0? If the answer is yes, the results of these tests should be made publicly available for anyone to review and assess. If there are claims that testing was conducted but the results are not available, the rating for this indicator should be set to No.Yes / NoVersion ControlThe project code uses mainstream revision control software, such as git.Yes / NoRole-based AuthorizationRole-based authorization exists, if appropriate.Yes / NoDeveloper EnvironmentStep-by-step instructions for setting up a developer environment is available for all appropriate platforms/operating systems, with a minimum of manual steps (e.g. running commands in a terminal/shell)High / Medium / LowCommunityWelcoming CommunityThe community welcomes contributions from anyone who acts in good faith and in a respectful manner and adds value to the project.Yes / NoCode of ConductDoes the community have a code of conduct?Yes / NoCommunity Forum / Mailing ListThe community has a forum or other discussion platform (including a mailing list) for users to ask questions, with reasonable response times from the community.Yes / NoCommunity DiversityThe project has actively recruited and retained a diverse set of contributing members representing underrepresented constituencies, including gender, geography, economic status, and previously unaffiliated organizations. Diversity should be measured on a scale of High/Medium/LowHigh / Medium / LowRecognitionThere are clearly defined and consistent mechanisms for valuing and recognizing good work from individual contributors: thank you in Pull Requests, badges, mentions in articles/blog postsHigh / Medium / LowResponse TimesHow quickly does the project respond to suggestions, questions, pull requests: in a matter of hours (High), days (Medium) or weeks (Low)High / Medium / LowDo No HarmAuditsAre internal or external security audits performed of the source code and internal tooling? High: Exists a clear policy for external audits conducted at regular intervals*, complemented by internal audits based on FAIR principles (or another reputable framework). Medium: there is a policy for regular internal audits complemented by external audits as necessary. Low: there is a lack of audit structure, with no clear guidelines for internal or external audits. High / Medium / LowSensitive data collection The project limits the personal identifiable information that is collected about it's users to necessary information. That data has a reasonable lifecycle and roadmap. High: only necessary PI is collected. Medium: some PI is collected that is beyond the scope of the project. Low: several pieces of PI are collected without clear use cases.High / Medium / LowData storage Personal identifiable information that is collected is stored on server(s) that are encrypted and privacy measures are taken to limit the spread of PII. High: PII is limited to encrypted servers for the project with clear guidelines around email, printing and sharing of PII. Medium: PII is stored on an encrypted server but many staff have access to PII which adds potential risks for sharing/access points. Low: data servers are unencrypted, staff regularly accesses PII and no policies exist around email sharing, printing or destruction of data)High / Medium / LowData termination Personal identifiable information that is collected is subject to clear policies and guidelines around regular deletion or destruction of the data in accordance with local regulations for reporting. High: Clear guidelines exist and are practiced relating to the destruction of PII 2. Medium: guidelines and policies exist around PII desctruction but are not followed up on or tracked by the project organizers/no accountability to this policy is enforced. Low: no policies/guidelines exist regarding data destruction and therefore data storage is unlimited and long lasting.High / Medium / LowDisclosureClear breach disclosure policies exist in accordance with local regulations for reporting. What is the incident response/breach disclosure protocol? High: Clear policies exist and are enforceable. Medium: guidelines and policies exist but without a plan of action. Low: no guidelines or policies exist for breach reporting.High / Medium / LowPassword security Robust password requirements for users are required. High: Password complexity is enforced, multifactor authentication is offered, and logins and authentications performed over TLS/SSL encrypted connections. Medium: Password complexity is enforced and logins and authentications are performed over TLS/SSL encrypted connections, but no multifactor authentication is offered. Low: Either password complexity is NOT enforced or logins and authentications are NOT performed over TLS/SSL encrypted connectionHigh / Medium / LowUpdatesVulnerability and patch management systems are employed. High: vulnerability and patch management systems are robust and occur regularly. Medium: vulnerability and patch management systems exist but lag. Low: no vulnerability or patch management occurs.High / Medium / LowAge Requirements and Parental ControlThe project clearly identifies the target age of it's audience, enforces age limits, provides resources understandable to their audience and enables parental/guardian controls where appropriate. High: There is an age limit on the tool/software and it is enforced. The terms of service are understandable to a youth audience and there are parental controls or permission requirements. Medium: two out of the three above are in place. Low: one or neither of the three are in place.High / Medium / LowMinor - Adult interactionDoes your service allow under 18s to interact and co-mingle with adults (over 18 years)?Yes / NoBest PracticesBooks: CategorizingThe platform or project has an approach for categorizing, grouping and/or leveling books (Yes/No)Yes / NoBooks: Categorizing based on text-complexityThe approach used for categorizing, grouping and/or leveling books takes into account text-complexity and readability (Yes/No)Yes / NoApps: Strengthens literacy skillsThe gameplay and game dynamics are designed to strengthen one or more of the five component skills of literacy below:
1. learning that the language is made up of a specific set of individual sounds and that letters and letter combinations represent those sounds
2. developing the skill to decode letters, letter combinations and words
3. vocabulary
4. oral reading fluency (speed and accuracy)
5. comprehensionYes / NoApps: Provides feedback on learning progressThe user gets relevant feedback on learning progress in the game.Yes / NoApps: Minimum adult supervision requiredChildren at all reading skills levels are able to use the game with minimum adult supervision.Yes / NoApps: Holds user's concentration over timeThe game provides various stimuli to hold the user’s concentration over a period of time.Yes / NoTools: Relevancy of interactivitiesThe interactivities added through the software are relevant for strengthening learning outcomes.Yes / NoContent QualityBooks: Assessment of quality and appropriatenessThe project has in place protocols for assessing content quality and appropriateness, which at a minimum exclude books that encourage hate speech or promote discrimination.Yes / NoBooks: Hosts crowd-sourced contentThe project hosts crowd-sourced content.Yes / NoBooks: Reporting mechanismsThe project has in place a mechanism for reporting inappropriate or poor-quality content.Yes / NoWhat is the responsiveness on material being taken down/assessed when inappropriate or poor-quality content is reported?
High: 3 days or less. Medium: 4-7 days. Low: More than 7 daysHigh / Medium / LowApps: Appropriate to target age rangeThe gameplay and the game content are appropriate for children (both boys and girls) in the target age range.Yes / NoTools: Design does not interfere with contentInteractivities added to learning content through software are designed so that they do not reduce content quality or content appropriateness.Yes / NoFinancial SustainabilityFunding and Revenue"High": Multiple revenue streams and funding mechanisms exist, including at least one that provides for multi-year support of core software development, documentation and other key artifacts. "Medium": Multiple revenue streams/funders exist across project implementations. "Low": At most two revenue streams exists. Revenue streams are largely dependent on time-bound project implementations. High / Medium / Low