Andrew Griffiths of Lamri looks at software project failure a year on from his last piece for the BCS.

How the world can change in just 12 months. The cautious return to investment in software for strategic advantage and the associated investment in process improvement has picked up a pace. From my perspective a number of key market trends have encouraged my view that the attitudes of executive and senior management to software delivery capability have improved but there are still areas of critical concern.

Silver bullet syndrome is less common

There has been a change in focus from buying technology or more highly skilled people to a more rounded view that considers process capability too. Clearly this is not universal but it is much less common to find organisations just buying tools or skills as a 'silver bullet'.

Surprisingly this has not resulted in even more market penetration of the rational unified process (RUP); it appears to have catalysed interest in agile methods and CMMI. Agile has gathered momentum around a desire by UK developers to become more and more responsive to their customers' requirements, responding to pressure from offshore providers.

CMMI's momentum has had three main drivers: the integration of organisations into one team, as a lever in the delivery of the benefits of internal best practice and agile methods across the whole organisation, and providing increased control to meet new regulatory requirements.

Real lessons are being learnt from offshoring

Clients are wising up to the huge margins being made by suppliers, understanding that they have to be capable customers to derive value for money from offshoring and that sometimes offshoring can cost you more. I have worked with organisations where existing UK-based teams are cheaper, for certain types of project, than going offshore.

However this is not the full story. Offshoring can expose your organisation to unforeseen business risks that can cost much more than you could ever hope to save. Not just the stuff of natural disasters or intellectual property law but real revenue effecting risk.
To use a simple real-life example, a UK software product company places its first line support with an Indian provider. The Indian provider delivers a first-rate service at lower cost but it turned out the primary source of sales leads for the product company was the internal support desk (which has now been outsourced). All the interpersonal relationships built up over years had led to a slick sales follow-up process that generated a large proportion of the company's revenue. This unexpected risk turned into a business critical issue.

In another example the ongoing development and maintenance of a strategic telecommunications application was passed from a UK SI to an offshore provider. The move was a great success, service availability improved as did support responsiveness, but nine months into the contract they hit a significant problem. The strategic development activities had not received the attention they needed due to the redirection of staff to support activities.

This happened and went unnoticed because the level governance of expenditure of time was lower than before. Why? The contract value was lower so the procurement team did not apply the same controls. This again caused knock-on costs outside of the IT team, which are so high they will never be recovered by efficiency savings in this contract.

It might be easy to think that these risks don't apply in your situation or that you can gloss over them but there is UK legislation that will come into play early next year that places legal obligations to improve reporting to shareholders through the Operating and Financial Review (OFR). It will place additional verification and validation demands on companies' internal management systems and increase transparency by expanding the existing requirement for companies to include a fair review of their business and providing a criminal enforcement regime for the OFR and the director's report.

So what does that mean for software delivery? Well it means more accounting controls in software, greater governance of software projects that can have a material effect on shareholder value and a professional obligation for IT professionals to ensure these areas do not go unaddressed.

Large marketing budgets are being focused on improving software delivery

There are a number of players in this area but Microsoft, with designs on enhancing their tools offering and the performance of software teams, is going to drive the agenda in many organisations. Their skills in commoditising a market and the power of their marketing will only serve to further drive interest in software development capability. However...

Corporations still focus on the wrong costs

Corporations are great at managing headcount on an annual basis but there is often little or no control in place to track how the time is being used. This is astonishing when you examine the control applied to external capital expenditure. Corporations are able to sink millions in staff time into ill-advised adventures relatively easily compared to six levels of sign-off for a single laptop computer.

The legacy replacement dilemma

Legacy replacement is driving investment in software delivery but these projects are often based on some very shaky assumptions. The first is the requirements for the new system are 'largely' documented in the old, which is often 'almost' true. This assumption leads to a limited investment in requirements analysis so the size of the gap goes unnoticed, often until user acceptance testing.

The gap is usually created by a desire to 'just put a few tweaks in here' to provide a business case for the change rather than just sinking money into technology churn. When maintaining a strategic legacy application the end-users become adept at providing very specific requirements that are implemented onto a very stable architecture.

When the re-engineering starts the end-users struggle to articulate the true extent of their requirements, the IT team struggles with the requirements and design process as these ceased to be practised skills years ago. These projects often look like a simple 'direct replacement' with new technology, however the hidden skill gap ends up driving a significant overrun.

Independent standards and approaches don't help UK plc

UK plc still has a habit of 'doing its own thing' from a standards perspective, having a bag of semi-related tools and approaches. Some of these have gained real traction outside of the UK and really provide great benefits to the industry (e.g. PRINCE and ITIL®), however many are barely applied in the outside world.

If it were up to me (and it is not) I would get the OGC engaged with the SEI on the integration of CMMI and ITIL®. CMMI and ITIL® together present a very powerful case for most organisations but for this to work the OGC would also have to end-of-life things like the Project Management Maturity Model (PMMM) that would only serve to confuse the software industry.

Even with all the new technology, new approaches and new investment there are still significant problems that are costing UK plc millions. What do these problems boil down to? A lack of basic management controls and an unwillingness to stop and evaluate risk.

How much more competitive would UK plc be if every project controlled their requirements, managed change and completed re-forecasts based on metrics from project execution rather than a finger in the air? When you put it like that it doesn't sound so difficult, does it?

Andrew Griffiths is the managing director of Lamri, a software process improvement consultancy.