Managing the Application Lifecycle to Reduce Risk and Trim Costs

Organizations embrace outsourcing without thinking about how they’re going to manage external applications and services

Governance is a fact of life in the post-Sarbanes Oxley IT landscape, but it’s not just about compliance. Many organizations are embracing governance strategies as a means to cut costs and eliminate wasteful IT spending.

Two big sources of IT waste are unplanned application downtime and, paradoxically, outsourcing—both to domestic and offshore providers. Unplanned application downtime, for starters, amounts to a permanent drag on an IT organization’s bottom line: a Forrester study earlier this year estimated that application-performance and availability issues can cost up to $100,000 per hour.

According to Ash Owens, director of product marketing with change management specialist Serena Software, one of the biggest contributors to unplanned application downtime is ongoing maintenance and development. Not surprisingly—given Serena’s vested interest in the space—Owens argues that organizations need to embrace change management solutions as a means to effectively control persistent, and costly, application performance problems.

“IT has been reducing cost for the last three or four years, and it’s now got to the point where you can’t squeeze much more out. What we’re bringing to the party is a vertex that no one else is touching. Our solutions help [customers] get established, defined, repeatable processes across the application lifecycle,” Owens comments. “When you think about it, the ramifications of unauthorized, untested changes and production downtime can have very serious implications, not just in terms of cost, but also if you are subject to regulatory requirements.”

Owens touts Serena’s ChangeMan application lifecycle management tool as a means to coordinate and automate processes like application development, maintenance, and modernization.

He says ChangeMan’s approach—which stresses process and repeatability—coincides neatly with trends in application development, such as Carnegie University’s renowned Capability Maturity Model (CMM) and Capability Maturity Model Integrated (CMMI) assessments. “IT is now assuming more and more responsibility for running the business, and that means that they themselves are looking to establish and put into place best practices and processes. It’s all a process, it’s all about defined repeatability,” he argues.

That’s especially true for outsourcing efforts, which organizations typically embrace as a means to save money by reining in wasteful IT spending. The paradox, says Owens, is that few organizations give much thought to how they’re going to integrate projects that have been outsourced with their own internal systems—at least in the context of application lifecycle management.

“That really goes hand in hand with having control, predictability, and insight into what you’re doing [and] how you’re doing it. It becomes increasingly complex because we’ve seen an increasing uptick in the number of organizations that are leveraging offshore development expertise, and that increases the necessity to coordinate and orchestrate change across the organization, which is pretty much more distributed than it ever has been before,” he explains.

And then there’s compliance, which is a fact of life for all publicly traded companies, as well as many non-profit organizations (such as public utilities and healthcare systems). Because application performance and availability issues can impact an organization’s operations, companies are embracing lifecycle management tools like ChangeMan to more effectively manage their risk.

“Of the top concerns and business pressures, the number one feedback we had was risk management. We don’t just mean the risk to the application, it’s the risk to the business,” he concludes. “And that’s predicated on the fact that more and more organizations are now highly dependent on their business-critical applications, and if something goes wrong, it can impact share holders, it can impact the company, it can be a legal problem, it can be a regulatory compliance issue.”

About the Author

Stephen Swoyer is a Nashville, TN-based freelance journalist who writes about technology.