Chapter 8. The Way Forward

Software will continue to take on an increasingly important role in supporting economic development, creating new revenue streams for the consumer market, and transforming how we work and live. To this end, the role of the software developer is one of the most critical functions in the organization. Without the technical skills of the software development community, business strategies cannot be properly executed, thereby affecting shareholder value. Yet across the organization, less than 10 percent of effectively formulated strategies are effectively executed.¹

For these reasons, IT governance can be one of the most important bridges between successful business strategies and flawless execution of those strategies. Unfortunately, the term IT governance tends to stir negative images of an overseer looking for mistakes—whether it’s a task force assigned to review software code or IT governance software that automatically identifies potential flaws. If we can shift those negative connotations to focus on the value that IT governance delivers in productivity and prosperity, we can begin to erase the negative connotations. This can be done through changes to corporate culture, approaches to software development, and an elevation of the role of IT governance to the executive suite.

This final chapter discusses the hidden impact of faulty software by focusing on the role of software developers. We will also branch out to the many areas of business that are affected by their actions. To do this, we’ll cover the following topics:

• The rise of the software developer

• The responsibilities of managers and executives in mitigating glitches

• The way forward

The Rise of the Software Developer

In the near future, it is entirely possible that the role of the software developer will shift from a purely IT function to one where the scope of responsibilities will require solid business skills. This shift will be separate from the traditional role of the developer moving up the ranks into management. Instead, developers who demonstrate knowledge and who apply that knowledge from a business perspective will be rewarded beyond today’s traditional compensation structure.

This will lead to the creation of a third branch in the developer career path. Most organizations today have two primary paths—the individual contributor and management roles. A third path would be purely technical, with a focus on software quality as it applies to the business. This role would not be responsible for traditional management activities such as budgeting and overseeing staff.

The expansion of the developer’s role in the organization will also be driven by the following:

• The increasing demand for software developers

• Litigation and consumer action due to software glitches

• A transformation in the corporate culture

The Increasing Demand for Software Developers

As we discussed previously, opportunities for software engineers will increase by 21 percent from 2008 to 2018.² Compounding this need will be an increase in the volume of work required to support the continued instrumentation of products. This will result in a competitive and lucrative market for skilled IT professionals.

This demand will require that we be even more mindful of software quality as developers reap the benefits of the plethora of opportunities that will exist. We want to avoid a repeat of the dotcom era where jobs were filled by less-than-qualified applicants in the interest of making money for short-term gains. As we’ve learned from the stalwarts of the dotcom period, companies that focus on quality products and services can sustain themselves through bull and bear markets.

Litigation and Consumer Action Due to Software Glitches

Despite the upcoming strong demand for software developers, companies won’t be duped by inferior efforts. They may even hold individuals or outsourcers accountable if they contribute to debilitating software glitches.

IT vendors will be held more accountable for faulty software due to:

• Changes in legislation

• Overseeing organizations and social media

Changes in Legislation

The Toyota recalls and the issues with overradiating cancer patients again raise the age-old debate about legal issues and responsibility for software development errors. This idea has been a somewhat polarizing topic in IT circles due to the nature of software development and the fear that liability may discourage those who are interested in pursuing a career in the field.

In 2009, the topic was brought into the courtroom yet again as the European Commission proposed that EU consumer protection laws be extended to “cover licensing agreements of products like software downloaded for virus protection, games or other licensed content.”³ When it comes to consumer products such as faulty microwaves or toasters, this law is enforceable. Yet in many cases, especially when it comes to enterprise software development, the biggest challenge is connecting a straight line between the software code and a glitch that results in lost revenue or worse. This is due to the many hands that touch the code—the customization that happens at the client site and various interpretations of the benefits the software will deliver.

Still, in May 2010 the UK High Court ruled that a software company was liable for buggy software. The case centered around the sale of hotel management software that didn’t perform as expected. The hotel lost business and had to hire additional staff to fix the faulty software before it was eventually replaced.⁴

I don’t expect litigation of this nature to become the norm. However, we can expect to see more cases given the sheer volume of technology that is now part of our lives. Be warned that lawsuits can be costly and time-consuming, and they don’t always sufficiently address the main issue that usually leads to the lawsuit—the bad code.

Overseeing Organizations and Social Media

Since litigation may be an extreme measure, mechanisms are in place to oversee the quality of products. One of the more widely known certifications comes from the International Organization for Standardization (ISO), the world’s largest developer and publisher of standards for business, government, and society.⁵ Additionally, thousands of consumer advocacy offices, publications, and lobbying groups are committed to quality control and the rights of the customer. However, the majority of these organizations are set up to provide guidance and recommendations as opposed to enforcing standards.

For example, it’s not uncommon to see ISO certification banners and plaques hanging in the lobbies of companies that manufacture goods. This certification acknowledges that the company follows ISO processes for product defect checking and applying appropriate corrective actions. The company also reviews procedures to determine and monitor their effectiveness and continuously improves its overall business processes.⁶ However, obtaining third-party endorsement from the ISO is not a guarantee that the company’s products won’t be faulty. The certification only signifies that the company adheres to the recommended business processes set by ISO; it doesn’t validate the execution of those processes.

Meanwhile, a wider quality gap is being created when it comes to the enforcement of higher standards for consumer products. This gap occurs largely because more consumer products are being infused with higher levels of technology and because no federal requirements are in place yet to account for the ubiquity of technology in all these devices. However, the efforts of the http://www.recalls.gov website shouldn’t be given short shrift.

This government site is a one-stop shop for all government recalls. It is composed of six federal agencies that are dedicated to alerting people to unsafe, hazardous, or defective products: the U.S. Consumer Product Safety Commission, the National Highway Traffic Safety Administration, the U.S. Coast Guard Department of Homeland Security, the Federal Drug Administration, the U.S. Department of Agriculture, and the U.S. Environmental Protection Agency.

Although this website is a highly valuable source of information, the latest recalls.gov data doesn’t always make it into the major news feeds. Otherwise, I’d argue that a good 30 percent more of our headlines would be about those recalls and warnings. We need consistent and effective approaches to spreading the word about faulty products beyond a website. One way to do this is by using social media.

For example, in May 2010, the Australian Competition & Consumer Commission (ACCC) released a report and accompanying recommendations regarding the process for reporting consumer recalls. It did so after discovering that consumer responses to product recalls varied widely and in some cases were nonexistent. In its recommendations, the ACCC suggested making greater use of social media, online communications such as websites and blogs, consumer alerts, and consumer reporting.⁷ Vendors and consumers owe it to each other to fairly report product shortcomings in the interest of public health and safety.

Somewhere in the middle of litigation and accountability could be a sort of color-coded threat level system that warns customers that the software may be detrimental to health or safety. The coding system would be based on a set of criteria, and the labels would range from “formal complaints” to “pending litigation” to “resulted in serious threat or harm.”

The ratings would be determined by customer feedback, posts on social media threads, and in-depth reviews of the products conducted by certified third-party reviewers. An overseeing body such as a Global IT Governance Council would ensure the validity and integrity of the ratings and make them publicly available on a website at no charge.

A Transformation in the Corporate Culture

With more emphasis on the role of software development practices to reduce the number and severity of glitches, the inevitable result will be a transformation in the corporate culture. Achieving higher-quality products and stronger bottom-line results will require a shift in how software developers view their contributions and how the organization prioritizes the development process. This will happen by:

• Getting developers on board with IT governance

• Understanding where the software goes awry

• Prioritizing IT governance throughout the company

Getting Developers on Board with IT Governance

In many instances, the developers’ perspective of their contributions may be limited to the code or application they are currently working on—when, in reality, their contributions are far greater. According to Lynn Cox of Ford Motor Company, “You have to educate teams why IT governance is so important. You can do many things like mandatory training or tie it to performance reviews, but once someone really understands why it’s important from a real-world point of view, that’s when you start to see a difference.”⁸

The bottom line is that IT governance simply will not happen if the developers and related IT teams are not on board. Following are recommended steps to make this happen:

• Think like a developer. Recognize that developers are primarily trained to build applications, troubleshoot infrastructure issues, and extend the value of software. Although they are focused on creating quality products, they don’t always look at the bigger picture from a business perspective. Recognize that IT professionals strive to be part of something commercially competitive and important, and appeal to those interests as well as their desire to be engaged in the newest technologies. Understand these work styles and motivators, and accommodate them as you build the overarching IT governance structure.

• Evaluate the quality assurance (QA) process. Most QA processes are focused on testing the product to see if it performs accordingly. In the ideal environment, the customer perspective is taken into account, and the QA team puts the software through its paces just as a customer would. Time should be built into the product development and release schedule to include this critical step. From there, developers should be brought back into the loop so that they can see how the product performed under various user scenarios. This is different from simply pointing out bugs, because it puts the product into a real-world context to further educate developers and the QA team.

• Test at every stage. Make sure that testing is done at each stage in the development cycle so that errors are addressed immediately. Give the developers incentives by offering rewards for those who have the highest percentage of clean code. Offer testing teams rewards for the highest percentage of discovered bugs. If testing is done throughout the development process, the code will contain fewer bugs, and the software will have better quality overall.

• Build governance into the production schedule. As you map out the product’s features and align it with a calendar, make sure that governance is instilled at the very first stage of the development process. This way, developers are on board from the onset of the project, as opposed to a last-minute rushed approach to reviewing the code.

• Embrace mistakes. Too often, the testing or governance review phases can feel like a cross-examination of the developer’s skills. You want to discourage finger-pointing and foster an environment where an appropriate number of mistakes are tolerable as long as they are quickly identified and fixed and the same ones are not continuously repeated. You definitely want to avoid creating “counter bugs,” which are essentially a defensive response to the review process. More specifically, a counter bug occurs when “someone reviewing your code presents you with a bug that’s your fault, [and] you counter with a counter bug: a bug caused by the reviewer.”⁹

• Require clear, concise, specific bug reports. This ensures that the issues with the code are addressed in a timely manner. Bug reports should not be complicated or convoluted, nor should they require additional resources to unravel their hidden meanings.

If you can streamline and automate some of the required processes associated with the software development cycle, the IT staff will be free to focus on the aspects of the job that are most appealing. They can create software that contributes to the industry’s ecosystem and is viewed as a valued aspect of a business.

One more piece of advice for getting developers on board comes from Yakov Sverdlov, an IT professional with 30 years of experience in roles that span software developer, manager, and IT director: “IT governance should be a technical feature that is built into the software. This way, it is always running in the background, it is there when you need it, and it doesn’t disrupt the software development process.”¹⁰

Understanding Where the Software Goes Awry

We have addressed why it’s important to improve software quality. But understanding how it goes awry is critical to shifting how it is designed, developed, and delivered.

If you’ve ever seen a screen full of code that at first looks like hieroglyphics, you understand how easily errors can get through the review process, especially when the reviewers are looking at hundreds of lines of code in a very short period of time.

Adding to this are antiquated software review processes. In many companies, more senior developers or managers review the code line by line after it’s written and just before it’s deemed “locked.” This means that no more changes will be made to the code, and it is ready to be shipped.

Along with the monotony of much of the manual review process is the fact that in most organizations, more than one application or service needs to be reviewed, especially since new code will affect existing applications in the infrastructure. The sheer volume of code that needs to be checked lends itself to the frailties of human nature, which will inevitably lead to mistakes. However, many of these errors can be significantly reduced or avoided. Here are some of the more proven approaches:

• Create centers of excellence (COEs). COEs bring together practitioners with varied knowledge, experience, methodologies, resources, and best practices that can be applied to the software development process. Although proven approaches can save time during the review process, each application should be viewed separately, with an eye toward how it will be specifically used at the client site. Additionally, different views and experiences in software development should be encouraged as the COE is created or continues to evolve. Said Chuck LoCurto, CIO and executive vice president of enterprise applications at Textron Financial, “Two heads are better than one, but only if they think differently.”¹¹

• Automate appropriately. Automating the more mundane software development tasks streamlines efforts while making the required last steps of the manual review process more effective. Often, a repetitive approach to manually developing software or reviewing code lends itself to more flaws. The developer or reviewer sees the same things repeatedly and may not find the subtle, hidden flaws that would be picked up in an automated system. This approach also frees the developers and reviewers to focus on the more complex and intellectually rewarding facets of the software development process.

• Apply software quality thresholds to business plans. The quality of an organization is reflected in the products and services it puts into the marketplace. When companies have a clear idea of where to set the quality bar when it comes to the technology used to develop their offerings, they can formulate and execute more strategic plans that result in higher-value goods.

As IT industry analyst Dana Gardner of Interarbor Solutions suggests, “For companies to stop the proliferation of these glitches, they need to determine a business plan based on what they know the software—and the organization’s levels of competency and governance—are capable of so that quality is already factored in. Software quality thresholds should increasingly be the starting point for business plans. And that means that the software quality thresholds should be known, governed, and managed, and hopefully always improving on an ongoing basis.”¹²

Prioritizing IT Governance Throughout the Company

From a business point of view, the software development process should be more tightly integrated into the company’s other line-of-business (LOB) functions. A CIO or vice president of engineering has a seat at the management table and reports on progress. However, more emphasis should be placed on the interconnectedness of the role of software development across the company as part of overall efforts to elevate quality.

Transforming corporate culture is not easy, but a 180-degree change is not required. Following are some recommendations for improving product quality through shifts in the corporate culture:

• Include a segment on the role of IT during new-employee orientation. Many of the learning modules in orientation programs focus on benefits or the new employee’s specific job function. Providing a deeper view of the role of IT in the context of “why we’re in business today” will give new employees across every department a greater understanding of the company’s priorities.

• Build incentives into development projects. Hold developers accountable for the quality of their products by attaching bonuses to their efforts. The bonus structure should contain clearly defined metrics for uptime, reliability, quality, and percentage of errors.

• Expose software developers to more LOB functions, and vice versa. Try to foster better understanding among employees about how the individual roles contribute to the larger organization.

The Responsibilities of Managers and Executives in Mitigating Glitches

One message consistently came through during the majority of the interviews for this book. That message is that, although management understands and appreciates the value of IT governance, the majority of developers are less than enthusiastic about embracing it.

The key to making IT governance work effectively in an organization is to pinpoint the disconnect between management’s perceived value of it and the reluctance with which it is actually executed on a day-to-day basis.

IBM Vice President Sandy Carter had the following suggestion: “IT governance has to be top down and across the board. The first step is for management to listen to developers and better understand their roles and perhaps some of their reluctance. Once that is understood, key stakeholders can collaborate on the best ways to introduce and enforce governance so that it is meaningful to the company and its customers. If you attach performance metrics and rewards to it, you’ll see an uptick in the way governance is followed, but this will only be temporary. You have to make sure that the entire organization, from a technical, business, and cultural perspective, really understands what could happen if IT governance is not in place.”¹³

If you’re thinking that’s easier said than done, you’re not alone. The resistance to IT governance is warranted in some cases, but in other situations it has proven to save time and money. To address those concerns and provide a realistic view of what IT governance can and cannot do for the organization, the next sections look at the following topics:

• How to make the most of IT governance

• Supporting intersecting roles while avoiding duplication of effort

• Commitments and responsibilities

• Determining the criteria for success

How to Make the Most of IT Governance

There’s no question that IT governance remains a top priority for CIOs. In the “2010 State of the CIO Survey” conducted by CIO magazine, IT governance was ranked third in the list of priorities.¹⁴ Given its importance to the organization, the resources that are allocated to its successful execution should be closely monitored. However, this should be done without managers and developers feeling as if an additional weight is being added to their already heavy workload.

One of the keys to making governance effective is to “make it seamless and less intrusive and less knee-jerk.” This advice comes from Professor M. Brian Blake, PhD, associate dean of engineering and research at the University of Notre Dame. He has more than 15 years of experience in consulting for government agencies and private organizations, as well as designing and teaching software development curricula.¹⁵

Key to achieving this seamless approach to IT governance is to understand the following:

• Audiences

• Requirements for transparency

• Ten ways IT governance is maximized, and ten ways it’s squandered

Audiences

To make the most of investments in IT governance, it’s important to recognize the key stakeholders:

• External auditors

• Outsourcers

• Service providers

• Partners

• Customers

• Business decision makers

• IT staff, managers, and executives

Given the many audiences that IT governance addresses, it’s clear that it must move beyond the confines of IT. It also must meet business and technical requirements established by a company in order to be truly effective.

Requirements for Transparency

According to Christian Neau of Freeborders, an IT services organization headquartered in San Francisco, California, the requirements for transparency include an established set of metrics, assessments, and planning. Neau is responsible for IT governance efforts for Freeborders’ externally sourced projects.¹⁶ Here are Neau’s requirements within those three categories:

Metrics

• Financial

• Quality

• Productivity

• Schedule and budget adherence

• Resources

• Service level agreement adherence

Assessments

• Customer perception with regard to satisfaction, value, and quick issue resolution

• Areas of targeted improvement

Planning

• Scoping of future sourcing activities

• Continuous-improvement plans

• Projections for projects, staffing, budgets

Without consideration for all the aspects of the business, IT governance efforts will fall flat. This is why it’s critical to move IT governance from a back-room IT process to a company-wide effort. As IT industry analyst Joe McKendrick sees it, “IT governance is more essential than ever, since businesses rely on IT for everything, from managing production cycles to managing the employee lunchroom.”¹⁷

Ten Ways IT Governance Is Maximized, and Ten Ways It’s Squandered

According to IT industry veteran Yakov Sverdlov,¹⁸ you can expect to spend approximately 20 percent of your IT budget on new development and 80 percent on maintenance. To make the most of these investments, following is a list of ten ways to maximize IT governance resources and a list of the top ten ways to squander those resources.

Ten Ways to Maximize IT Governance Resources

1. Hold frank discussions with developers about the value of governance, and address issues without fostering a fear of voicing opinions.

2. Create a cross-functional, company-wide IT Governance Council responsible for ensuring appropriate enforcement and aligning technology with customer priorities.

3. Establish benchmarks, and evaluate progress according to agreed-upon metrics.

4. Promote IT governance as a positive contributor to the company’s bottom line, and offer employee bonuses to help negate unfavorable connotations.

5. Make each part of the IT infrastructure transparent.

6. Extend corporate governance policies to outsourcers.

7. Create reporting dashboards that reflect business goals.

8. Raise awareness of potential trends among employees or teams that may signal dissonance or gaps in skills.

9. Apply governance at each stage of the software development life cycle to avoid gaps that lead to glitches.

10. Automate where possible, but don’t abandon the human review cycle.

Ten Ways to Squander IT Governance Resources

1. Enforce bureaucratic processes without explaining the context.

2. Include overlapping layers of oversight.

3. Create reports that nobody can understand.

4. Lock developers out of the code.

5. Take a department-wide approach.

6. Maintain a hyper focus on perfection.

7. Apply IT governance to only one aspect of the development cycle.

8. Don’t track the cost and/or time savings IT governance provides.

9. Re-create similar policies.

10. Assume that existing IT governance resources cover compliance.

Additionally, according to M. Brian Blake, “You need to figure out ways to show the interconnections across different departments and across the organization. If you have dashboards to visualize the infrastructure, you get a clearer picture. That’s a very difficult thing to do, but if you can figure out a way to do this, more people would get on board with governance.”¹⁹

Supporting Intersecting Roles While Avoiding Duplication of Effort

If we can agree that successful IT governance requires cross-company effort, it stands to reason that each part of the organization better understands the others’ roles and responsibilities. This helps reinforce the company’s strategy with regard to IT governance and avoids duplication of effort.

The first step to achieving this is to create a Corporate IT Governance Council. As mentioned earlier, this overseeing council would be made up of representatives from each part of the organization so that the business and IT needs of the entire company are addressed. Depending on the size of the company, the Council could also include top customers and partners. As an adjunct to the Council, customers and partners would be invited to quarterly or semiannual meetings to provide feedback and help set future direction.

Echoing the value of the Corporate IT Governance Council, IT industry analyst Joe McKendrick says, “The best approach to introducing governance is through a cross-functional team representing major departments.”²⁰

To avoid duplication of effort, the Corporate IT Governance Council would also be responsible for the following activities based on its cross-company role that spans IT and business.

From an IT perspective, the following activities are included:

• Approving the creation of and any future software changes to IT policies.

• Determining best practices to be followed

• Evaluating and validating IT policies

• Managing and monitoring IT policies

• Providing realistic product development time frames and tracking them against associated costs per project

From a business perspective, the following activities are included:

• Coordinating governance efforts as they support compliance requirements

• Determining the soft ROI requirements, including productivity, performance, and customer satisfaction and retention

• Determining the hard ROI requirements, including costs of training, software, professional services, development staff, and related fixed costs

• Establishing realistic benchmarks to track hard and soft ROI

Commitments and Responsibilities

The level of commitment among senior executives and the Corporate IT Governance Council will be critical to sustaining its momentum and success. To illustrate the Council’s importance to the organization, the following criteria should be in place:

• Succession planning: Sufficiently prepare for turnover on the Council, whether it’s through attrition or retirement. Groom future members through training, periodic participation in meetings, and remuneration.

• Anonymous employee feedback: Although the Council is a fair representation of the entire organization, it is the Council’s responsibility to solicit feedback from non-Council members to ensure a realistic view of the organization’s activities.

• Recognition by senior management: Council responsibilities should account for no more than 15 percent of each employee’s 40-hour workweek. It can’t be considered an extracurricular activity or a volunteer position, or the results will be mixed. Senior management needs to recognize this commitment and hold the managers of Council members responsible for balancing their workload so that their primary jobs and Council responsibilities don’t conflict. Additionally, the role of the employee on the Council should be factored into performance reviews.

Additionally, senior executives are legally responsible for providing transparency into the organization, whether it’s for the purpose of financial reporting or adhering to compliance regulations. As you’ve learned, there is a fine line between legal responsibility, ethical responsibility, and commitment to product quality when it comes to taking ownership of headline-making glitches. Here are some ways to better address this:

• Require ongoing certification for software developers and users of medical equipment if the technology is made to help address life-threatening illnesses.

• Invest in “unplanned” visits by third-party evaluators who will extract random code for quality assurance purposes.

• Engage government agencies such as the Federal Drug Administration (FDA) or Environmental Protection Agency (EPA), and lobby for the creation of additional certifications for IT vendors to validate their products and services.

It’s also important to recognize that IT governance doesn’t have a one-size-fits-all approach. The variables that will determine how much or how little governance is applied include corporate culture, industry, business model, size of the organization, percentage of offshore development work, and the like. Each company needs to weigh the factors most important to it and apply appropriate IT governance policies against them.

Ten Questions: A Checklist to Determine Criteria for Success

Kim Kazmaier, a senior IT architect with more than 30 years of industry experience, primarily in the financial services sector, believes that success with IT governance “begins with a commitment to execution quality from the top of an organization expressed in clear goals. These goals get refined into more and more measurable goals throughout the IT organization.”²¹

These goals that Kazmaier talks about should be aligned with established criteria to determine the success of IT governance efforts. After all, in the near future, IT governance won’t be an “if” question; it will be a “when.”

Christian Neau, engagement manager at IT consulting organization Freeborders, collaborated with me on the following list of questions. They help determine the key criteria for success when it comes to evaluating the benefits of IT governance efforts and related investments:

1. Is IT governance supported and enforced by management?

2. Are developers on board?

3. Is IT governance viewed as a strategic corporate initiative?

4. Does it foster transparency and accountability?

5. Will it ease integration of new technologies or infrastructures resulting from a merger?

6. Does IT governance drive positive behavioral changes?

7. Does it provide value to all stakeholders?

8. Is it as lean and efficient as possible?

9. Would the infrastructure stand up to an unplanned audit?

10. Has IT governance resulted in the reduction of software errors?

The Way Forward

Until we reach the point where IT governance is fully automated and part of the fabric of the software development cycle, we will continue to read a steady stream of glitch-related headlines and see the financial impact on businesses, consumers, and society as a whole.

In the near future, we will see more widespread glitches. When their impact becomes impossible to ignore, business leaders will initiate more conversations about the quality of software development practices. This, in turn, will give rise to the need for more structured approaches to IT governance.

As we usher in this next wave of IT governance awareness, we need to avoid an extreme pendulum shift, much like we saw with compliance efforts such as Sarbanes-Oxley. Governance doesn’t need to be a necessary evil or a bloated line item. The role of IT governance is to improve the software development process so that better-quality products are distributed to the market.

In the words of IT industry analyst Dana Gardner, “The power of modern software and services comes from a community and ecosystem of participants, variables, technologies, suppliers, and support. This diversity is both a strength and weakness. When a software problem leads to a donnybrook of finger-pointing, recriminations, dodges, denials, and failures to trace the causes and effects, then the breakdown is not technical. It is a governance breakdown. Rules of the road must be declared, distributed, understood, and enforced throughout the software life cycle, and this should not be different for software than it is for materials or supply chain-based manufacturing, or food processing.”²²

How we go forward from here will depend on a variety of factors:

• Executive awareness and support of company-wide IT governance

• Managers who enforce IT governance policies and best practices

• Developers asking for governance to help create better software products

• Customers demanding more stringent development processes

• Governments requiring well-defined IT governance thresholds

• Partners demanding validation of the quality of the infrastructure that they are intersecting

• Service providers guaranteeing the integrity of their cloud infrastructures

• Outsourcers adhering to quality controls established by the client

• Academia stressing the business relevance of IT governance in higher-education curricula

Let me sum things up with some final observations:

• We have a generation of best practices to draw on for the design, implementation, and maintenance of our competitive businesses. Let’s turn our innovations inward and demand higher standards across the board in terms of software quality.

• We will constantly face increasing pressure to do even more with less. To get ahead of this trend, we need to equip our IT workforce with the training and technology that will enable all of us to avoid disruptions in the economy that are rooted at the keyboard.

• Streamline the infrastructure wherever and whenever possible to enable transparency at every level.

Innovation built the IT industry and made it a fundamental driver of the world’s economy. Today, IT permeates every facet of our consumer and daily experiences. It is not just the critical substrate of our business; it’s embedded in the fabric of our cultural existence. While there’s no denying that technology has been a catalyst for positive change throughout the world, the reality is that in many ways, it’s still in its nascent stages despite its radical impact on our personal and business lives.

I believe all the industry shifts described in this book represent an interesting challenge. It’s a challenge that will push us technologically and intellectually, and we will continue to see positive outcomes from our investments in this industry as we collectively contribute to the next big thing.

I hope you found the facts and observations in this book eye-opening, thought-provoking, and meaningful. I also hope that, if you work in the IT industry, you will take pride in and outright gratification from the magnitude of your contributions to date and the lasting effects they will have on the next generation.

Endnotes

1. The Performance Factory. Strategy Execution Barometer. 2007 Executive Conference.

2. United States Bureau of Labor Statistics. Occupational Handbook 2010–2011.

3. Europa press release. Consumer Rights: Commission Wants Consumers to Surf the Web Without Borders. May 5, 2009.

4. OUT-LAW News. “Software company’s liability clause was not ‘reasonable,’ says High Court.” May 5, 2010. http://out-law.com/page-11011.

5. International Organization for Standardization.

6. International Organization for Standardization. Processes and Procedures. http://www.iso.org/iso/standards_development/processes_and_procedures.htm.

7. Australian Competition & Consumer Commission. “Effective recalls, better information, safer consumers.” May 27, 2010.

8. Interview with Lynn Cox by Kathleen Keating. February 2010.

9. eWeek. “How to Speak Geek: Decoding Programmer Jargon.” Darryl Taft. May 28, 2010.

10. Interview with Yakov Sverdlov by Kathleen Keating. April 2010.

11. Interview with Chuck LoCurto by Kathleen Keating. May 2010.

12. Interview with Dana Gardner by Kathleen Keating. February 2010.

13. Interview with Sandy Carter by Kathleen Keating. March 2010.

14. CIO magazine. “The State of the CIO Survey.” December 15, 2009/January 1, 2010.

15. Interview with M. Brian Blake, PhD, by Kathleen Keating. January 2010.

16. Interview with Christian Neau by Kathleen Keating. May 2010.

17. Interview with Joe McKendrick by Kathleen Keating. February 2010.

18. Interview with Yakov Sverdlov by Kathleen Keating. April 2010.

19. Interview with M. Brian Blake, PhD, by Kathleen Keating. January 2010.

20. Interview with Joe McKendrick by Kathleen Keating. February 2010.

21. Interview with Kim Kazmaier by Kathleen Keating. February 2010.

22. Interview with Dana Gardner by Kathleen Keating. February 2010.