the technical debt management cycle
DESCRIPTION
The Technical Debt Management Cycle: Evaluating the Costs and Risks of IT Assets by Dr. Bill Curtis, Director, Consortium for IT Software Quality.TRANSCRIPT
Dr. Bill Curtis Director, Consortium for IT Software Quality
The Technical Debt Management Cycle:
Evaluating the Costs and Risks of IT Assets
Technical Debt Damages Business Value
2
The Technical Debt Metaphor
33
Structural quality problems in production code
Technical Debt
Principal borrowed
Interest on the debt
Business Risk
Liability from debt
Opportunity cost
Interest—continuing IT costs attributable to the violations causing technical debt, i.e, higher maintenance costs, greater resource usage, etc.
Principalcost of fixing problems remaining in the code after release that must be remediated
Opportunity cost—benefits that could have been achieved had resources been put on new
capability rather than retiring technical debt
Liability—business costs related to outages, breaches, corrupted data, etc.
Technical Debt the future cost of defects remaining in code at release, a component of the cost of ownership
4
How to Use Technical Debt
Estimate ofTechnical Debt
Calculating CostOf Ownership
Explaining IT Cost of Quality
AssessingBusiness Risk
Managing Portfolio Quality
CAST’s Application Intelligence Platform
5
ApplicationAnalysis
Evaluation of 1200+ coding &
architectural rules
Application
meta-data
Transferability
Changeability
Robustness
Performance
Security
QualityMeasurements
Detected Violations
Expensive operation in loop
Static vs. pooled connections
Complex query on big table
Large indices on big table
Empty CATCH block
Uncontrolled data access
Poor memory management
Opened resource not closed
SQL injection
Cross-site scripting
Buffer overflow
Uncontrolled format string
Unstructured code
Misuse of inheritance
Lack of comments
Violated naming convention
Highly coupled component
Duplicated code
Index modified in loop
High cyclomatic complexity
Language Parsers
Oracle PL/SQL
Sybase T-SQL
SQL Server T-SQL
IBM SQL/PSM
C, C++, C#
Pro C
Cobol
CICS
Visual Basic
VB.Net
ASP.Net
Java, J2EE
JSP
XML
HTML
Javascript
VBScript
PHP
PowerBuilder
Oracle Forms
PeopleSoft
SAP ABAP, Netweaver
Tibco
Business Objects
Universal Analyzer for other languages
Technical Debt Management Cycle
6
IT ExecutivesApplicationManagers Developers
Set policy and quality priorities
Step 1
Build/Release/QA/AI Center
Set thresholds for app quality
Step 2
Measure Technical Debt
Step 3
Plan reduction goals & actions
Step 4
Remediate violations
Step 5
Track results
Step 6
Report to the business
Step 7
7
Step 1 Set Policy and Quality Priorities
Quality Policy
Corporate purpose
Expected behavior
Training
Reporting
Audit
Quality Priorities
Customer-facing
Internal business
ReliabilityPerformance
SecurityMaintainability
ReliabilityPerformance
SecurityMaintainability
8
Step 2 Set Thresholds for App Quality
Retail Website
Product information
Online purchase
Delivery scheduling
Reliability 3.5Performance 3.5Security 3.9Maintainability 2.5
Reliability 3.8Performance 3.9Security 2.5Maintainability 3.0
Reliability 3.5Performance 3.0Security 3.9Maintainability 2.5
Step 3 Measure Technical Debt
10
Step 4 Plan Quality Goals & Actions
Releas
e 5
Releas
e 6
Releas
e 7
Releas
e 8
Releas
e 9
Releas
e 10
Releas
e 11
Releas
e 12
2.5
2.7
2.9
3.1
3.3
3.5
3.7
3.9
ReliabilityPerformanceSecurityMaintainability
Score
Quality Score Target by Release
11
Step 5 Remediate Violations
PortfolioQA Data
Repository
App Management
12
Step 6 Track Results
Releas
e 1
Releas
e 2
Releas
e 3
Releas
e 4
Releas
e 5
2.6
2.8
3
3.2
3.4
3.6
PlannedActual
Pe
rfo
rma
nc
eE
ffic
ien
cy
AppDevExec
Step 7 Report to the Business
13
Resilience
Efficiency
Security
Transferability
Changeability
Quality Category
Outages, slow recovery
Degraded response
Breaches, Theft
Lengthy comprehension
Excessive effort
Operational problems
Availability
Work efficiency
Data protection
IT productivity
Delivery speed
OutputMeasure
Bu
siness risk
IT co
st
Technical debt
Reducing Technical Debt Is Imperative
14