Portfolio Triage

by

We are heading into everyone’s favorite season.  No, not the kids going back-to-school or the leaves changing into a riot of fall colors -- it’s budgeting season!  Once again it’s time to make plans and set budgets for the next 12 months.  Yet the enterprise architecture is a mess (or non-existent), your portfolio management process has yet to get out of the starting gate, and you need to reduce overall spend by 8%.

Déjà vu all over again. – Yogi Berra

It’s unlikely that you have the budget to call in a fancy consultant with an expensive suit, and even if you did, you’re not sure you can get them the information they would need anyway.  So you’re doomed to create your plan with virtually no objective information and a handful of (competing) suggestions from your team.

Not so fast!  This year let’s try something a bit different that we’ll call Portfolio Triage.

CAST-portfolio-triage-photo-medical-troops.png

Portfolio Triage is a rapid assessment of your application portfolio that can help to assign priority to projects on the basis of where funds and other resources can be best used, are most needed, or are most likely to achieve success.

Three rules of Portfolio Triage:

  1. Measure only what will influence decisions.
  2. Identify tools that simplify measurement.
  3. Act on critical and short-term issues first.

Measure only what will influence decisions

Financial Data: Get as much cost information as you can about the applications in your portfolio. Ideally you want the Total Cost of Ownership, but in reality you really only need data that can be “defended” if challenged. Start with the current year’s ADM costs and the requested staffing for the upcoming year. Also be sure to gather information about the system owner and functional areas the system supports.

  • Recommended data to collect: Number of developers, QA and Project Management costs to support the system

System Data: This is where people tend to go overboard. Instead, consider a nutrition label approach -- yes, like the black and white label on your food. The aim is to gather the fundamentals that help align comparison of systems along basic dimensions.

CAST-portfolio-triage-photo-nutrition-label
Sample IT Nutrition Label
  • Recommended data to collect: Number of end users, age, size, technology stack, system type

Risk Data: Leverage standard definitions and assessments of risk. If you ask stakeholders how happy they are with a system or developers whether they think a system is reliable, you end up with indefensible conjecture -- hardly something you want to build your plan around. There are third-parties that provide clear standards that can be used as objective measures and can be compared against industry or peer performance. For example the Consortium for IT Software Quality (CISQ) publishes standard definitions of good software and provides guidance on how best to measure it. But remember, don’t get carried away!  Focus on short term risks and complexity that create the potential for system outages or failures.

  • Recommended data to collect: Production risks, maintainability risk, system complexity

Identify tools to simplify measurement

To be more accurate, the rule should be to identify the right tools to simplify measurement. There are many options available that claim to support portfolio analysis, project portfolio management, IT inventory, and so on. I’m sure that your organization has spreadsheets developed internally that claim to do the same. The reality is that most tools are too big for what is needed for effective budgeting and spreadsheets may help a manual process but they cannot scale across large enterprises. Additionally, budgeting is a seasonal activity performed under tight time and resource constraints and typically it’s supported by a small staff that relies on other technical departments to help gather the information. It’s important to find tools that fit this process and cadence, and reduce the reliance on other departments to make the budget team more effective and autonomous.

Effective portfolio triage tools:

  • Enable data collection without creating data burdens that will never be fulfilled
  • Provide analysis that cannot be performed manually
  • Enforce a standard process that low maturity organizations can adopt easily
  • Leverage industry standards to reduce data collection scope creep
  • Offer benchmarking against industry peers as well as internal systems
  • Support your organization’s internal reporting processes
  • Prevent gaming or bias

Act on critical and short-term issues first

Armed with objective facts, you should move quickly to resolve short-term risks. Any critical systems that have significant risks should be immediately flagged for further investigation before any funding decisions take place.

Chances are that most of this activity is not planned and therefore unfunded, so it’s a good practice to look for self-funding opportunities. The ability to identify decisions that lead to quick wins or fast savings helps to fund this process. Examples of quick wins:

  • Standardize across the portfolio: Now that you have an inventory of the portfolio, can you standardize on a specific vendor? Can you leverage a consolidation to improve licensing costs? Or improve your leverage position? What’s the value to you and your procurement team to reduce the number of vendors?
  • Identify redundancy: Your portfolio triage exercise provides a standard classification of systems by technology and function. Can you now identify redundant systems that you are supporting? Or is there any proposed new project or enhancement effort that is clearly redundant with a field system? Having a standard classification and high-level characterization of each system’s health and complexity supports rational decisions to eliminate, consolidate, or reject new projects.
  • Scrutinize low quality or low business value applications: Simply armed with insight on the systems that are underutilized, low value, or have quality issues should be enough ammunition to suggest the retirement or elimination of these systems. Not only will you free up maintenance budget, but by reducing the overall the size and complexity of your portfolio you will improve your overall operational effectiveness.

Summary

While managing IT portfolios is typically not a life or death situation, making poor IT planning and budgeting decisions oftentimes has significant consequences to the business. The concept of Triage may have been originated during the Napoleonic Wars, but the concept it still relevant today for any conditions that lack time or resources.

Rather than soldiering forward with little or no insight into the portfolio you are asked to care for, perhaps its time to use a simple yet effective process to identify where expending resources will result in the best value.

How would it affect your 2014 planning and budgeting decisions if you understood which systems are likely to thrive, those that are likely to die regardless of the care they receive, or those systems where immediate care might make a positive difference in outcome?

The budgeting season will be over before we know it, so perhaps it’s time to see how a portfolio triage solution can improve visibility into your systems before you budget for them.  CAST Highlight provides rapid portfolio analysis of entire application portfolios, unveiling code quality and cost drivers creating visibility into how best to plan your resources.

Take a free trial stat!

Filed in: Portfolio Analysis
Get the Pulse Newsletter  Sign up for the latest Software Intelligence news Subscribe Now <>
Open source is part of almost every software capability we use today. At the  very least libraries, frameworks or databases that get used in mission critical  IT systems. In some cases entire systems being build on top of open source  foundations. Since we have been benchmarking IT software for years, we thought  we would set our sights on some of the most commonly used open source software  (OSS) projects. Software Intelligence Report <> Papers
In our 29-criteria evaluation of the static application security testing (SAST)  market, we identified the 10 most significant vendors — CAST, CA Veracode,  Checkmarx, IBM, Micro Focus, Parasoft, Rogue Wave Software, SiteLock,  SonarSource, and Synopsys — and researched, analyzed, and scored them. This  report shows how each measures up and helps security professionals make the  right choice. Forrester Wave: Static Application Security Testing, Q4 2017  Analyst Paper
This study by CAST reveals potential reasons for poor software quality that  puts businesses at risk, including clashes with management and little  understanding of system architecture. What Motivates Today’s Top Performing  Developers Survey
Pete Pizzutillo VP Corporate Marketing at CAST
Pete Pizzutillo is Vice President of Corporate Marketing at CAST. He is responsible for leading the integrated marketing strategies (digital and social media, public relations, partners, and events) to build client engagement and generate demand. He passionately believes that the industry has the knowledge, tools and capability such that no one should lose customers, revenue or damage their brand (or career) due to poor software. Pete also oversees CAST’s product marketing team whose mission is to help organizations understand how Software Intelligence supports this belief. Prior to CAST, Pete oversaw product development and product management for an estimating and planning software company in the Aerospace and Defense market. He has worked in several industries in various marketing roles and started his career as an advertising agency art director. He is a graduated of The Pennsylvania State University with degrees in Business Administration and Art. Pete lives in New Jersey with his wife and their four children. You can connect with Pete on LinkedIn or Twitter: @pizzutillo.
Load more reviews
Thank you for the review! Your review must be approved first
Rating
New code

You've already submitted a review for this item

|