Managing Risk, Avoiding Disruption

I’ve written quite a bit about the spate of businesses that have suffered some form of disruption over the last few months – security breaches at Sony, Android malware attacks, system outages at the London Stock Exchange, operational system failures on London’s East Coast Line and numerous others. All these cases have had one thing in common: they all have had software structural issues as their root causes.

One recurring question arises from these failures: “How does a company avoid the structural flaws that lead to business interruption?”

CAST, in conjunction with Gartner, has released a white paper that discusses the importance of mitigating risk in software and avoiding the failures that plague businesses. The paper, titled “Software Risk Management: A Primer for IT Executives,” makes the case that structural quality is the key to reducing the risk of business disruption.

Modern Goals, Modern Problems

Gartner Research Director Thomas Murphy, whose research is included in the white paper, notes that software quality is often a poor misnomer for the current practice of risk management applied by most companies. When it comes to practices and scheduling in software projects, the focus is not to drive quality but to mitigate delivery risk. However, as organizations seek to drive down maintenance costs and adapt to the shorter project life cycles found in agile practices, it’s equally or more important to focus on reducing the risk of business disruption.

As the CAST white paper shows, structural quality is essential for managing the root drivers of IT costs and business risks in mission-critical applications. Unlike the quality of the process by which software is built, enhanced and maintained, functional, non-functional and structural quality have to do with the software product itself – the asset that generates business value.

Accurately analyzing and measuring the quality of an application (which typically has a large number of components interconnected in complicated ways, and connections with databases, middleware and APIs) is monstrously complex. It can only be accomplished with an automated system that analyzes the inner structure of all components and evaluates their interactions in the context of the entire application.

More about the importance of focusing on structural quality and reducing business disruption risk is available in the Gartner-CAST white paper. An executive summary of the white paper is also available.

Filed in: CAST News
Jonathan Bloom Technology Writer & Consultant
Jonathan Bloom has been a technology writer and consultant for over 20 years. During his career, Jon has written thousands of journal and magazine articles, blogs and other materials addressing various topics within the IT sector, including software development, enterprise software, mobile, database, security, BI, SaaS/cloud, Health Care IT and Sustainable Technology.