Configuration management experts have long defined CM in terms of four key functions: Configuration identification, status accounting, change control and configuration audit. If you have been reading my books or my Behaviorally Speaking column, then most likely, you are very familiar with most (or all) of these practices. Configuration identification focuses on naming conventions and ensuring that you can select the correct configuration items (CIs). Change control is most commonly associated with ensuring that changes to production are reviewed and occur within the change window. The one technical term that always baffled me was status accounting, which is defined as “following evolution of a configuration item” through its lifecycle [1]. In practice, this is done using a robust software development lifecycle (SDLC), which most of us today call application lifecycle management (ALM) to indicate a more comprehensive approach than the SDLC’s of long ago. I have always believed that this terminology came about in the days when we could track Cobol modules and copy books on the back end of a napkin as we had lunch with our customer who was asking for a new feature or report. Times have changed, but status accounting is nonetheless very important and for many a regulatory (or contractual) requirement. The good news is that you can implement effective status accounting using the agile ALM!
The key to an effective software development methodology is to have just enough process so that you do not make a mistake, with the absolute minimum amount of red-tape or as the agile folks like to say “ceremony”. But how much process is enough and are there times when you should scale up or scale down? The agile ALM should align with the Agile Manifesto and agile principles ensuring that your team can achieve an acceptable velocity without being unduly burdened with too much process [2]. Creating user stories, test plans and scripts are all must-have practices that really require the flexible tools. Your agile ALM should have an effective change control process along with completely automated application build, package and deployment. Most teams these days are thriving on continuous integration servers and working to implement effective continuous delivery practices.
When you define your processes make sure that you identify the tasks that really need to be tracked. Providing transparency and traceability helps everyone on the team understand what needs to be completed on a daily basis and especially helps them to understand how their work affects others. It also plays a key role in communicating when deliverables will be met – communicating to senior management any potential risks that need to be addressed. It is always best to automate your ALM using a workflow automation tool. Folks will likely bypass processes if there is no traceability and a reporting on whether or not each step was completed. But be careful here, because many companies have such time consuming and onerous processes that everyone works hard to find excuses to bypass the established IT controls and soon these steps are rendered meaningless.
If you are in a bank or other financial services firm then you are likely familiar with adhering to IT controls that are established to comply with federal regulatory requirements as well as commonly acceptable IT audit practices. The ITIL v3 framework, ISACA Cobit and industry standards from the IEEE and ISO are commonly used to determine exactly what controls are required for a particular industry. The only reasonable way to make this all happen is with an effective workflow automation tool that communicates next steps for each stakeholder while providing transparency into what tasks have been completed and also the steps required next. Software development is a complicated endeavor for most organizations, but the reward is highly effective systems which provide robust features and can scale to meet the peak usage.
Successful organizations establish their processes initially and continuously evolve them as needed. It is common for processes to be very light, with few IT controls in the beginning, but then become much more structured as the project advances and delivery dates approach. The agile should provide guidance for all of the activities required for the success of the project, without being overly burdensome in terms of rigid rules and ticketing systems. Workflow automation is essential, but the selection of easy to use and flexible tools is a must have.
The integrated service desk should streamline both internal requests and also provide a front line to handle customer calls and requests. When your help desk runs well then problems are typically solved quickly and often lead to customers who may even agree to purchase additional products and services while they are on the line. Actual problems and incidents should be handled by your incident response team and provide a feedback loop to your QA and testing function.
Continuous testing also requires effective processes and right tools to enable robust automated testing including the use of virtualized test assets. Release and deployment automation are also key ingredients and, implemented correctly, improve reliability and security. Status accounting may be a rather dry and innocuous term, but the agile ALM itself is a very existing capability that can empower your team to achieve success and ensure business success!
References
[1] Aiello, Bob and Leslie Sachs. April 2016 (In Press). Agile Application Lifecycle Management: Using DevOps to Drive Process Improvement Addison-Wesley Professional
[2] Aiello, Bob and Leslie Sachs. 2010. Configuration Management Best Practices: Practical Methods that Work in the Real World. Addison-Wesley Professional.