Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.

Value of 'software and IT' Quality-Le Point du LIEGE science park-29 avril 2016

390 vues

Publié le

With his experience of business developer and capital risker, specialized in IT, Geert Janssen introduces the investor's point of view, to evaluate the quality of a company from an IT perspective throughout the investment life cycle.
Une conférence organisée par l'Interface Entreprises-Université de Liège, le 29 avril 2016.
Invité : ENTRUST IT

  • Soyez le premier à commenter

  • Soyez le premier à aimer ceci

Value of 'software and IT' Quality-Le Point du LIEGE science park-29 avril 2016

  1. 1. © 2014 Deloitte Fiduciaire1 The  value  of  your  ‘so/ware  and  IT’-­‐  quality  :     what  about  the  investor's  point  of  view?   Geert  Janssen,  Managing  Partner   ENTRUST-­‐IT   29-­‐04-­‐2015   L'Interface  vous  donne  rendez-­‐vous  chaque  mois  au  LIEGE  science  park,  pour  faire  le  point,     avec  un  conseiller  en  innova=on,  sur  une  mesure  en  lien  avec  vos  préoccupa=ons.     Une  ini&a&ve  de
  2. 2. The value of your ‘software and IT’-quality: what about the investor’s point of view Geert Janssen 29/4/2016 29/04/16 2
  3. 3. Today’s question: what about the quality of your software and your IT organization? 29/04/16 3 Does it affect the value of your company/ investment? Should you worry about it?
  4. 4. We will cover the following aspects ... !   the need for a consistent approach and tooling to assess the maturity of the company from an IT perspective !   the added value of quality assurance throughout the investment lifecycle !   IT risk assurance dimensions and approach !   expressing risk responses in terms of IT objectives !   the use of software quality assurance in practice (examples). 29/04/16 4
  5. 5. WHO ARE WE? A Quick Introduction 29/04/16 5
  6. 6. My background 29/04/16 6 [founder & managing partner] [partner] [senior manager] [associate partner] [Master Applied Economics] ‘95 ‘95 ‘07 ‘08 ‘10
  7. 7. 29/04/16 7 Strategy & Innovation IT & Project Management Governance, Risk & Quality Assurance •  CIO-As-A-Service (IT Management) •  PQA-As-A-Service (Project Management) •  Advisory Services (Transformation Planning) (Business Model Design) (Value Proposition Design) (Capability Modeling) (Package Selection) •  IT Risk & Assurance Services (Quick Scan / Due Diligence) (Capabilty Maturity Assessment) (Software Quality Audit) (Usabilty reviews) •  PQA-As-A-Service (Solution & Delivery Excellence) IT-driven Business Transformation
  8. 8. THE NEED FOR A CONSISTENT APPROACH AND TOOLING TO ASSESS THE MATURITY OF THE COMPANY FROM AN IT PERSPECTIVE Why should I worry? 29/04/16 8
  9. 9. The Problem – Technical Debt 29/04/16 9
  10. 10. The Solution – Holistic Approach 29/04/16 10 Industry benchmarks / Roadmap reviews Landscape analysis Function Point / Feature Analysis Maturity Assessments Application Audits Skill Assessments
  11. 11. QUALITY ASSURANCE THROUGHOUT THE INVESTMENT LIFECYCLE A continuous exercise 29/04/16 11
  12. 12. IT Risk & Assurance - Approach 12 What price should we pay? > focus: value for money Should we invest? > focus: value assessment, risk mitigation Assure IT is managed well! > focus: continuous improvement / quality control, value augmentation Provide transparancy! > focus: safeguard value Similar process across the investment lifecycle however focus differs! Dealflow phase (1) IT Quick Scan Due Diligence phase (2) IT Due Diligence Nurturing phase (3) IT Risk Assessments Divestment (Exit) phase (4) IT Vendor Due Diligence
  13. 13. IT Risk & Assurance – 4-Step Process Scoping Preparation & Identification Research & Analysis Report & Remedy 29/04/16 13 -  Lifecycle status -  Investor focus -  Assess IT Resources & gather evidence -  Perform a scenario analysis -  Assess IT Control Areas -  Generate health factors -  Identify threats / risks -  Analyze frequency & impact in terms of Risk Appetite/Tolerance -  Analyze technical metrics -  Express Risk Responses in terms of IT Objectives (business terms) -  Define remediation plan
  14. 14. IT RISK ASSURANCE DIMENSIONS What should we be looking at? 29/04/16 14
  15. 15. IT Risk & Assurance - Dimensions 29 avril 2016 15 Value Maturity Risk •  Balance IT risks versus risk tolerance (continuity, compliance, …) •  Value to the Company •  Technical Debt •  Organization •  Process •  Product •  Which risks are acceptable? •  To what extend does IT contribute to the overall business objectives? •  What hidden costs are present? •  Where are we today and where should we be?
  16. 16. EXPRESSING RISK RESPONSES IN TERMS OF IT OBJECTIVES How to communicate? 29/04/16 16
  17. 17. IT Resources 29 avril 2016 17 Strategy Organization Processes Applications Data Infrastructure
  18. 18. Strategy Organization Processes Applications Data Infrastructure IT Resources vs IT Objectives (4 A’s) 29 avril 2016 18 Agility Accuracy Access Availability
  19. 19. Strategy Organization Processes Applications Data Infrastructure IT Resources vs IT Objectives (4 A’s) 29 avril 2016 19 AccuracyAvailabilityAgility Possess the capability to change with managed cost and speed
  20. 20. Strategy Organization Processes Applications Data Infrastructure IT Resources vs IT Objectives (4 A’s) 29 avril 2016 20 Agility AccuracyAvailabilityAccuracy Provide correct, timely and complete information that meets the requirements of management, staff, customers, suppliers and regulators.
  21. 21. Strategy Organization Processes Applications Data Infrastructure IT Resources vs IT Objectives (4 A’s) 29 avril 2016 21 Agility Accuracy AvailabilityAccess Ensure appropriate access to data and systems, so that the right people have the access they need and the wrong people do not.
  22. 22. Strategy Organization Processes Applications Data Infrastructure IT Resources vs IT Objectives (4 A’s) 29 avril 2016 22 AvailabilityAvailability Keep the systems (and their business processes) running, and recover from interruptions Agility Accuracy Access
  23. 23. THE USE OF SOFTWARE QUALITY ASSURANCE IN PRACTICE Examples 29/04/16 23
  24. 24. Software Quality Audit Process 29/04/16 24 !   We follow a 4-step process. !   Continuous improvement is key. !   A typical exercise requires between 5 and 10 man days of work. !   Maximum 2 à 3 iterations per year, mostly only 1 per year!
  25. 25. Opening IT assurance discussions 29/04/16 25 !   Developers –  Most developers have limited ideas on the quality of their code. –  Hence, a typical eye-opener. !   Management –  Easy to interpret quality dashboard, also for IT illiterate resources. –  Sound basis for enabling discussions on the value of IT assurance, which are typically neglected as focus is on creating marketshare.
  26. 26. Linking payment milestones to improvements 29/04/16 26 !   A basis for the investment manager to manage the investment based on facts & figures. !   A means to agree upon improvement actions and potentially linking those to payment milestones.
  27. 27. Mitigating Investment Risk 29/04/16 27 !   One should typically run the application audit on a dedicated machine forcing the development team to handover all required source code items (dll’s, certificates, …). !   In most cases compilation is an issue in terms of missing components, hardcoding, … !   In one case it took us 2 weeks to get the platform compiled correctly!
  28. 28. Assuring minimum level of documentation 29/04/16 28 !   Code documentation is important as change of ownership during startup years is likely to happen more often than within mature/stable environments. !   Additionally, lack of documentation ‘outside’ the code (e.g. functional design) is typically higher in startups than in more mature organizations.
  29. 29. Assuring minimum level of documentation 29/04/16 29 !   Our focus on improving code documentation is especially important for the complex (McCabe Cyclomatic Complexity) code areas.
  30. 30. Identifying organization weaknesses 29/04/16 30 !   Code audits often identify weaknesses in the organization. !   As a consequence we agree with the organization to focus on improving their weaknesses through hiring/training.
  31. 31. Assuring continuous improvement 29/04/16 31 !   Health factor ‘scores’ as such are relative and often result in discussions. !   More important is to agree upon continued positive evolution and link commitment of continued evolution into a contractual agreement. !
  32. 32. Being transparent is key 29/04/16 32 !   Having ‘red’ scores is not a shame. !   Knowing where to focus on and having insight into areas for improvement is more important. !   Being transparent on weak spots during exit discussions is more important than not knowing where you stand. ! => Any weak spot identified during due diligence will jeopardize your negotiation position.
  33. 33. A trigger for re-engineering !   Assessing application quality – as opposed to code quality only – allows to discover a potential ‘spaghetti’ architecture. !   Resulting in revising the entire architecture and identifying modules / components for renewal. 29/04/16 33
  34. 34. Agreeing upon corrective actions !   Added value of having end-to-end view in limited time compared to manual audits. !   Limited involvement required from development team. !   Final presentation to present / discuss the results during a half / one day workshop. !   Goal is to confirm / agree upon corrective actions. 29/04/16 34
  35. 35. IS SOFTWARE AND IT QUALITY IMPORTANT FOR AN INVESTOR? In Synopsis 29/04/16 35
  36. 36. ... Yes, it is! !   If you don’t measure you don’t know !   One reaps what one sows !   Moving in the right direction as of day 1 is key !   A means to professionalize the organization !   ‘Conditio sine qua non’ during exit discussions 29/04/16 36
  37. 37. How  to  contact  us?   -­‐  for  discussion  purposes  only  -­‐   37   www.entrust-­‐it.be   info@entrust-­‐it.be   +32  2  50  30  620   entrust-­‐it  CVBA   Keizerinlaan  66   1000  Brussels   Belgium     29/04/16  

×