Peter Wheatcroft, principal consultant at Partners in IT, discusses one aspect which exists in both v2 and v3 - that of application life cycle management.
Much of the thrust of service improvements in recent years has centred on ITIL® (the IT Infrastructure Library) and the role of process effectiveness. This had led to a much needed focus on core disciplines, such as change and incident management, with a commensurate improvement in the standards of delivery. As in any discipline, however, there comes a point when continuing to focus on the same thing will yield diminishing returns and the core ITIL disciplines are now mature enough to allow the focus to be moved elsewhere.
ITIL is the most widely accepted approach to IT service management in the world. It provides a cohesive set of best practice, drawn from the public and private sectors internationally. It is supported by a comprehensive qualifications scheme, accredited training organisations, and implementation and assessment tools. The best practice processes promoted in ITIL support and are supported by the British Standards Institution's standard for IT service management ISO/IEC 20000.
The scope of application life cycle management, or ALM for short, is an evaluation of the applications development, delivery and maintenance processes used in an organisation from a service delivery perspective. This is done to ensure that the way such applications are delivered meets the needs of the customer as defined in any SLA’s and which will be backed up by the service teams inheriting them.
However, few companies allow their service teams effective access to the development life cycle, and yet, addressing a service root cause at the business analysis stage will yield significant problem, usability and incident management benefits when the system eventually transitions to live.
A process that uses the application management specification of the OGC ITIL library as its base methodology and which can act as the review framework, as below, is also covered by the international security management standard ISO 27001 as well as CobiT 4.1 and so is not a geeky thing.
An illustration of ALM based on the ITIL, ISO and CobiT specifications
Best Practice doesn’t just happen
Best practice in application delivery means having clearly understood processes which ensure that:
- applications are developed against business and user needs;
- mature test, user acceptance and release processes are in place;
- appropriate emphasis is given to governance and security considerations;
- the organisation is not financially or legally exposed by an application release;
- released applications are efficiently managed by ITIL-based service management methods;
- end user experience is constantly managed from on-going real time performance monitoring;
- a rapid return on investment and market share is gained by efficient application life cycle management within the organisation.
The alignment of processes between ‘silos’ in a successful organisation must allow for the rapid development, release and management of applications in order to meet organisational requirements and to provide a timely return on investment.
According to a recent survey, which looked at 200 top European online organisations, poor application response can cost in excess of £500,000 pa. Poor response will ensure you lose customers, users and market share to your competitors, because applications that do not fulfil user requirements, especially non-functional needs that are often not well specified anyway and take too long to deploy from initial concept to release, means competitors quickly erode your market share and business.
A review of the application life cycle through the stages of development, test, release, and end-service management will allow monitoring of real external customer experience monitoring of applications. This will support the delivery of:
- A benchmark of the application life cycle against industry best practice – measuring current success in delivery against external references;
- A detailed analysis of the application life cycle, identifying ‘bottlenecks’ and inhibitors to success within your organisation;
- An analysis of governance or financial risks associated with the application life cycle;
- An analysis of service management processes associated with the development, test and deployment of applications;
- An assessment on how to drive improvement in the life cycle processes and to deliver a rapid return on investment for critical applications;
- An assessment of fitness for purpose of current development and management tools;
- A specification of what the underpinning OLA’s need to be to support the customer SLA’s which are either in operation or which are being planned;
- A skills audit and training needs for key staff;
- A clear understanding of the end customers’ ‘user’ experience;
- A report on real ‘user experience’ of web services compared to your competitors.
Call to action
Addressing ALM is a way of ensuring service management success by reducing the number of security, operability and usability issues passing through the development life cycle unchecked. It requires a very different approach to the normal service improvement programme since the agenda crosses departmental boundaries, although the benefits are organisation-wide. It is thought that with the emphasis given in ITILv3 to service transition, ALM is one of the key mechanisms available to deliver the next stage of quantifiable service improvements.
A major financial institution had initiated a service improvement programme which tasked its service management teams with improving delivery to ‘best practice’. However, as well as targeting specific changes in the normal operations cycle, it also looked at ALM and found that it was only 72 per cent compliant with ITIL standards and also returned 60 per cent of level 4, rather than the desired 100 per cent, against the CobiT maturity framework. This meant that further improvements in delivery standards were unlikely to be realised until the systems life cycle was overhauled. The company brought in a new AM partner certified to CMMI level 5 (equivalent to CobiT level 5) in order to ensure alignment of development activity with service objectives.