Every decent executive wants to have situations under control. But information systems, and particularly their inter-dependencies, have already grown beyond our ability to control them. Seeking full control is, unfortunately, a fool’s errand.
The recipe for optimal and realistic control is simple but not always easy to execute:
- Identify your critical business processes
- Identify your core systems
- Identify your critical dependencies
- Freeze what you can
- Focus testing on critical integrations
Because you are still in business you certainly know what your critical business processes are and how information systems contribute to them. You may have a myriad of apps and systems but probably only a handful of them are really core systems. A core system is characterized by one or more of the following:
- Necessary for a critical or core operational process. Manufacturing systems (MES) typically meet this criterion
- Holds large amounts of critical business data. ERP and CRM systems typically meet this criterion
- Actively used by a large number of people. Office systems, order processing systems, helpdesk systems, and self-service portals may meet this criterion
- Serves as an integration hub in enterprise architecture
The fourth criterion is particularly interesting here. Some businesses have built everything around SAP. Some may have a “hidden integration hub” in a very old information system whose database everyone else relies on. Some may have a dedicated integration bus that everything else builds on.
Because software is intangible, fact-based analytical discussion about it may be challenging. The borders of core systems are sometimes hard to draw. For example, the name of the user interface tends to become the everyday name for anything accessed through that user interface – even if that interface is only a thin shell around huge information systems.
Information system problems are more often caused by dependencies and integrations between systems than by any single system alone. Since business moves at the speed of light, its digital backbone needs to evolve almost as rapidly. Therefore, there are a number of not-always-so-predictable system updates underway all the time. The problem is, those who update one system rarely know or care about the other systems it integrates with.
Once you know what your core systems and critical dependencies are you will be able to exercise stricter control and quality assurance over them and let everything else evolve more freely. In practice this means fewer changes in core systems and critical dependencies, more thorough analysis of the impact of those changes, and more thorough QA before the changes go live. It is guaranteed that there will still be problems and there will still be angry people. But at least critical business operations will be less vulnerable.
Check out the rest of the blog series here:
- Focus on risks and dependencies
- Train your digital operations people in DevOps
- Start viewing your IT investments as products rather than projects
- Shift testing left – and shift testing right