.svg)
.webp)
.jpg)
In my close to 30 years in IT, and Quality Assurance in particular, I’ve seen and heard a lot of things. Not quite attack ships off the shoulder of Orion or C-Beams glittering in the dark near the Tannhauser gate, but enough to take on many learnings and shape how I’m doing things now.
They say the most common cause of software failure is poor quality requirements and that’s true. Failure to concisely identify what’s required by a system both functionally and non-functionally, whether you are doing waterfall or agile or anything in between, leads to ambiguities which almost always result in failure.
We can’t blame everything on poor requirements though and just hope our Business Analysts ‘do better’. They are often a victim of the workplace processes and environment and must work with what they have. Even if said requirements are unambiguous, correct, consistent, complete, testable, and feasible, it does not mean that you’ll end up with a fully working system. Other very common causes of failure include anything to do with data, environments, manual processes, development errors, hardware, middleware, user error and, as we appear to be seeing with the new Rozelle Interchange in Sydney, a fundamental misunderstanding of the opportunity or problem statement and the assumptions that go with them.
I’ve seen testing in production resulting in an executive losing valuable insurance cover. I’ve seen release management reinstall a past version of code into test leading to the loss of weeks of effort. I’ve seen requirements signed off by management clearly not having read them and I’ve seen processes so lax that an untested fix could be pushed into production preventing system access globally for twelve hours.
All being equal, good quality practices and processes will usually prevent or detect the most critical issues, but to reduce risk efficiently, systematically, and effectively a holistic approach is required across everything.
ITIL 4 is much more than service desk optimisation. It covers General Management, Service Management and Technical Management Practices. Ranging from how you do continual improvement, knowledge management, project management though to change control, incident management, release management and on to deployment, infrastructure and platform management and software development. Getting these practices right will make a huge difference in how your organisation operates and the culture within which it builds or acquires software.
Quality Assurance and testing processes are paramount in delivering software that is fit for purpose. Make sure your processes are aligned with methodology, you understand the objective of each stage of testing, what you are doing is measurable and of course, tied back to requirements so your results are both meaningful and objective rather than creating false confidence based on numbers of test cases executed.
How reliant is your company on its data? Sales, inventory, billing, financial, customer, supplier, tax, regulatory? Is there a proper data strategy in place? Is there a single source of truth? Is it secure? How do you access, store, and retrieve it? Are you, or would you know if you were in breach of GDPR or the Australian Privacy Act of 1988? How do you use it? Could you use it better? How much does it cost you and could you be more efficient?
Finally, how safe are you? Are you sure no one, accidentally or maliciously can’t come in and jeopardise all your hard work? Most organisational security threats are not technology related so you can have the best tech in the world but if your employees are clicking on the wrong links or answering questions on social media about their first pet name it may all be for nothing.
So, you must look at all the links in your chain, not just a few. Get your IT practices in order and do everything the best way you can. Implement best practice quality assurance and don’t let vendors dictate acceptance criteria. Invest in and understand your data both quantitatively and qualitatively, it’s much more of an asset than you might think. Know your security threats and don’t think the solution is all tech or penetration testing.
Remember the big picture, take a step back and if something doesn’t look right, it probably isn’t. And if you have read this far, I promise my next blog will not feature my photo; real, manipulated or otherwise!
.webp)
.png)
.svg)
.svg)
.webp)
.webp)
