Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Lectura 2.5 don t-just_maintain_busin


Published on

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

Lectura 2.5 don t-just_maintain_busin

  1. 1. For: Application Development & Delivery Professionals Don’t Just Maintain Business Applications, Raise Business Responsiveness by Paul D. Hamerman, Randy Heffner, and John R. Rymer, June 18, 2013 Key Takeaways Your Continuous Improvement Strategy Must Encompass Four Categories Of Application Change The newest and most powerful type of application change is business empowerment: giving businesspeople the ability to directly change an application with minimal IT involvement. The other three are application enhancements and integration, planned and unplanned maintenance, and version upgrades for off-the-shelf applications (including SaaS). Business Empowerment Is Often Available Out Of The Box Whether it’s visual tools to adjust the user interface or built-in tools for deep customization of process flows, business rules, and data schema, off-the-shelf applications (both on-premises and SaaS) increasingly come with empowerment tools. And if they don’t, you can use traditional middleware or new productivity platforms to add it on. Architecture Is As Important For Continuous Improvement As It Is For Big Transformation Projects Enhancement projects can have a limited scope and a get-it-done-now character that can lead to sacrificing architectural integrity and building up technical debt. Instead, translate your architecture strategy for enhancement teams; pay close attention to teams’ architecture skills and to reviewing the architecture approach for each enhancement. Examine New Options For Application Maintenance And Learn New Lessons For SaaS Upgrades For the maintenance of on-premises off-the-shelf applications, new options like managed maintenance services and third-party support are emerging. For SaaS, it’s a myth that no work is required for upgrades: Your teams must review, understand, and potentially react to what’s coming -- and you’re on a forced march to the upgrade deadline. Forrester Research, Inc., 60 Acorn Park Drive, Cambridge, MA 02140 USA Tel: +1 617.613.6000 | Fax: +1 617.613.5000 |
  2. 2. For Application Development & Delivery Professionals June 18, 2013 Don’t Just Maintain Business Applications, Raise Business Responsiveness Continuous Improvement: The Business Applications Playbook by Paul D. Hamerman, Randy Heffner, and John R. Rymer with Mike Gilpin and Nasry Angel Why Read This Report While big projects such as delivering new off-the-shelf or custom-built applications help your organization achieve excellent business outcomes, sustaining these outcomes requires that your applications keep changing. Application development and delivery (AD&D) pros need a continuous improvement strategy to manage a constant stream of changes ranging from enhancement projects to periodic upgrades of offthe-shelf applications (both on-premises and software-as-a-service [SaaS]). To achieve this, firms often use business process management (BPM), business rules, and other approaches to make applications easier to change — including direct change by businesspeople. As the continuous improvement report of Forrester’s business applications playbook, this research provides best practices for application delivery teams as they plan their strategy for continuously delivering the highest business results from their organization’s application base. Table Of Contents Notes & Resources 2 Your Business Outcomes Need Continuous Application Improvement Forrester spoke with dozens of client companies via inquiries to understand their application concerns and challenges. We also analyzed survey data from Forrester’s Forrsights Software Survey, Q4 2012. 7 Balance Business Empowerment With Integrity Safeguards 10 Don’t Allow Ongoing Enhancements To Build Up Technical Debt 12 Create A Well-Oiled Machine For Planned And Unplanned Maintenance 13 Adopt Sustainable Practices For Application Upgrades recommendations 18 Build Continuous Improvement For Responsiveness And Results Related Research Documents Digital Business Design Is The New Integration November 8, 2012 Optimize Application Strategy To Generate Business Value May 30, 2012 Increase Business Flexibility By Embracing Future Trends May 24, 2012 © 2013, Forrester Research, Inc. All rights reserved. Unauthorized reproduction is strictly prohibited. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change. Forrester®, Technographics®, Forrester Wave, RoleView, TechRadar, and Total Economic Impact are trademarks of Forrester Research, Inc. All other trademarks are the property of their respective companies. To purchase reprints of this document, please email For additional information, go to
  3. 3. For Application Development & Delivery Professionals 2 Don’t Just Maintain Business Applications, Raise Business Responsiveness Your Business OUtcomes Need continuous application improvement One of the perennial complaints directed at application delivery teams is that they spend too much effort on maintenance and not enough on delivering new functionality (see Figure 1). Similarly, top IT software investment priorities tend to focus more on rationalization and upgrades than on innovation (see Figure 2). Like a building or a car, which require regular maintenance to offset the wear and tear of constant use, your applications need regular maintenance to keep up with business and technology change — but whatever you spend on maintenance now, it would be better if you spent less. While you do need to impose a certain amount of discipline and hygiene, such as staying current on patches and upgrades, the good news is that your continuous application improvement strategy can incorporate options that not only reduce maintenance costs but also open new avenues for business responsiveness. Continuous application improvement is what happens between major delivery projects like implementing new off-the-shelf software or building new custom applications. Day-to-day operations keep your applications and your business running, while continuous improvement constantly adjusts your current application landscape so that it meets new requirements while delivering better and better business outcomes. Continuous improvement also keeps business outcomes from being degraded by unresolved application maintenance issues. Figure 1 Half Of IT Software Budgets Go Toward Maintaining The Status Quo “In 2013, approximately how much of your firm’s software spending will go to new initiatives and projects versus ongoing operations and maintenance?” New custom-developed software solutions 25% Ongoing maintenance 49% New software licenses 26% Base: 854 enterprise IT decision-makers Source: Forrsights Software Survey, Q4 2012 87361 © 2013, Forrester Research, Inc. Reproduction Prohibited Source: Forrester Research, Inc. June 18, 2013
  4. 4. For Application Development & Delivery Professionals 3 Don’t Just Maintain Business Applications, Raise Business Responsiveness Figure 2 Software Investment Priorities Favor Rationalization Over Innovation “Which of the following initiatives are likely to be your IT organization’s top software priorities over the next 12 months?” High priority Critical priority Support business requirements and corporate growth 45% Update/modernize key legacy applications 24% Consolidate or rationalize enterprise applications 48% 19% Upgrade packaged applications to a newer release 50% Rationalization 16% Increase our use of business intelligence, analytics, and decision support tools and services 47% 18% Invest in mobile applications for employees, customers, or partners Use custom development for better business support and/or differentiation 46% 42% 16% 38% 14% 38% Increase our use of software-asa-service (cloud applications) 12% 36% Expand use of Agile software development and processes 10% Embed social (social media, social networks, chat, etc.) into our business processes 7% Outsource application support and maintenance 5% Innovation 30% 26% 21% Base: 1,176 enterprise decision-makers Source: Forrsights Software Survey, Q4 2012 87361 Source: Forrester Research, Inc. Prepare For Four Major Categories Of Continuous Application Improvement . . . Although there is a vast array of different ways to change and improve applications, Forrester has identified four broad categories of continuous application improvement: ■ Application configuration and change through business empowerment. Vendors of off-the- shelf applications and SaaS services now provide a wide range of tools that allow businesspeople to directly change the way an application works with minimal or no involvement of application delivery teams. The available tools vary widely, but the primary options are application configuration property sheets, user interface (UI) customizations, social computing and collaboration facilities, business reporting and analysis tools, business rules, hierarchy models © 2013, Forrester Research, Inc. Reproduction Prohibited June 18, 2013
  5. 5. For Application Development & Delivery Professionals 4 Don’t Just Maintain Business Applications, Raise Business Responsiveness like organization charts, and business process authoring tools. Custom-built applications can incorporate similar mechanisms.1 Also consider complementing your business apps with a new productivity environment that empowers your business experts and analysts.2 Whatever options you employ, build business controls into your continuous improvement strategy so that businesspeople configuring the apps directly do not inappropriately affect business operations. ■ Application enhancements and integration projects. No amount of configuration by businesspeople will eliminate the ongoing need for technical people to make application changes. For both custom and off-the-shelf applications, this has traditionally included such items as reports, interfaces, customizations, and extensions/enhancements (RICE). For both mandatory enhancements (e.g., to meet new regulatory requirements, which may also carry arbitrary and fixed deadlines) and discretionary enhancements, your continuous improvement strategy must manage the process of deciding whether, when, and how to implement each change. The “how” carries particular risks in that — if done through an ongoing series of tactical, patchwork enhancements — an application can lose its architectural integrity and become a maintenance nightmare. ■ Planned and unplanned maintenance. Through regular updates (e.g., tax tables), security patches, and emergency fixes, both custom and off-the-shelf applications maintain robust and accurate operations. As part of your continuous improvement strategy, the challenge is to be sure that resources are available when maintenance must be done and that business operations are not disrupted (or are only minimally disrupted) in the process. ■ Version upgrades for off-the-shelf applications (including SaaS). Version upgrades of off- the-shelf applications are often one of the most difficult aspects of a continuous improvement strategy. As an electronics firm that we spoke with found, even SaaS application upgrades — which, the hype claims, are transparent — require careful assessment and planning for setting up new features or preparing guidance on how to use new functions. This is even more the case if the SaaS vendor gives you zero control over upgrades, thus placing you on a forced march to an upgrade deadline. That said, upgrades to on-premises applications typically require more work and planning than SaaS upgrades, making it appropriate to carefully consider the cost and value of the upgrade. And if you have modified the applications, on-premises upgrades are all the more difficult and expensive. . . . And Use Transformation And Discontinuity To Enable Continuous Improvement In addition to the four categories of continuous improvement, two major types of transformation and discontinuous improvement — major custom development projects and major conversions to a big new off-the-shelf application — can notably affect your strategy for continuous improvement because: © 2013, Forrester Research, Inc. Reproduction Prohibited June 18, 2013
  6. 6. For Application Development & Delivery Professionals 5 Don’t Just Maintain Business Applications, Raise Business Responsiveness ■ Transformation projects can increase the potential for direct change by businesspeople. You can reduce the strain on continuous improvement resources by including business configurability and change in your evaluation process for off-the-shelf applications or by building business rules or other dynamic capabilities into custom applications. ■ Strong architecture can make continuous improvement easier. By thoroughly assessing off-the-shelf applications’ architectures before you acquire them and by designing custom applications for change via good architecture practices like layered design, process management, service-oriented architecture (SOA), and embedded analytics (to track improvement metrics), you can reduce the effort and time required to analyze, design, and implement enhancements and extensions (see Figure 3). ■ Designing for high availability can reduce continuous improvement’s operational impact. Good architecture and careful deployment planning and design can also improve your ability to implement continuous improvement with zero or little downtime, depending on the design of the off-the-shelf or custom application. The challenge facing AD&D pros who want to excel at continuous application improvement is to establish a stable set of organizational structures, skills, processes, governance, and technology to accommodate a fluctuating and sometimes chaotic flow of improvement initiatives. Even when you have stable structures for continuous improvement, discontinuous improvement may well upset the apple cart, requiring changes like restructuring application support teams to accommodate a major new off-the-shelf application. If a new application includes functionality for custom configuration by businesspeople, it may require changes to implement, support, and govern self-service application change. © 2013, Forrester Research, Inc. Reproduction Prohibited June 18, 2013
  7. 7. For Application Development & Delivery Professionals 6 Don’t Just Maintain Business Applications, Raise Business Responsiveness Figure 3 Architecture Prepares For The Four Major Categories Of Continuous Improvement Discontinuous application improvement Major conversions to off-the-shelf software Continuous application improvement Empower business people to directly change applications. 1 Keep enhancements and integration on track with your architecture. 2 Business applications Architect and design for change Off-the-shelf (on-premises) Off-the-shelf (SaaS) 3 Major custom development projects Keep up to date with patches and security fixes. 4 Custom Plan, budget, and prepare for regular off-theshelf software upgrades. SECURITY SaaS Configure, don’t customize On-premises 87361 Source: Forrester Research, Inc. Craft Your Continuous Improvement Strategy Around Business Outcomes And Agility It’s easy for people to think of ways that applications can be better, and the potential deluge of enhancement requests poses a problem for your continuous improvement strategy: How do you decide which improvement opportunities to act on? It’s good to wade through the deluge and prioritize the ones that seem most important, but just because a proposed improvement seems important doesn’t mean that it is important. The electronics firm has process owners quantify the benefits using a role-focused, Scrum-like storyline: “As a [role], I want to be able to [new capability] so that [new outcome]. I know this is done when [measured result].” There are two lessons buried in this approach: ■ Look across applications at the business capability. The electronics firm entrusts process owners, not application owners, with enhancement prioritization and analysis. Although one major application may embody much of the process, the process owners analyze requests from a business-centric perspective, not an application-centric perspective. © 2013, Forrester Research, Inc. Reproduction Prohibited June 18, 2013
  8. 8. For Application Development & Delivery Professionals 7 Don’t Just Maintain Business Applications, Raise Business Responsiveness ■ Decide based on improvements to business outcomes. As part of process owners’ proposals to pursue enhancements, they must identify specific ways that business outcomes will be improved. Not all business outcomes can be measured precisely, and with a continuing stream of improvements, it may be difficult to determine which actual improvements came from which enhancements, yet the discipline of articulating how specific outcomes will be improved forces process owners to sift out nice-to-have requests from truly important ones. In previous research, Forrester identified a focus on business outcomes and business capabilities as central to an organization’s business technology future.3 Within a continuous application improvement context, “business outcomes” include: ■ Financial and nonfinancial outcomes. The three primary financial statements — balance sheet, cash flow, and statement of operations (income statement) — are the starting point for analyzing continuous improvement opportunities. Just as important are nonfinancial outcomes like customer satisfaction, business agility, and process cycle time, which tend to function as indicators of your organization’s future financial outcomes. ■ Business and “business of IT” outcomes. Application upgrades and maintenance are often difficult to justify because they deliver few, if any, improvements to business outcomes that are visible to businesspeople. In such cases, a clear understanding of IT cost and business risk (e.g., unpatched application failure) may tip the scales by making clear that, as IT is part of the business, improving IT’s business outcomes improves overall business outcomes. Continuous improvement of business applications and business outcomes also requires managing the people aspects of change, which is the discipline of change management. Using a three-phased approach, the organization must get ready for change, make it happen, and reinforce the changes as the new normal.4 BALANCE BUSINESS EMPOWERMENT WITH INTEGRITY safeguards Business outcomes are determined both by strategy and tactics, and the business empowerment aspects of your continuous improvement approach can help greatly in connecting the two. For example, a strategy to raise revenue through dynamic pricing requires the tactical ability to change pricing rules and decisions as needed. When pricing rules are locked away in code, only developers can change them. Thus, the businesspeople responsible for tactical execution often struggle to access and change the data, processes, and functions they need as they implement business change. Businesspeople take two actions to cope with this situation, both of which are application delivery nightmares: ■ Build “rogue IT” applications. The nightmares of rogue IT are known all too well. They include Excel spreadsheets containing out-of-date derivatives of corporate data, unscalable PC databases managing important data sets, team sites containing sensitive data but running in unprotected public cloud services, and idiosyncratic custom applications built by contractors. © 2013, Forrester Research, Inc. Reproduction Prohibited June 18, 2013
  9. 9. For Application Development & Delivery Professionals 8 Don’t Just Maintain Business Applications, Raise Business Responsiveness ■ Add impossible projects to the IT backlog. Impossible projects are those that are too small for overloaded application delivery teams to ever get to. These projects fester on the project list, feeding businesspeople’s distrust of AD&D’s ability to deliver. The problem is exacerbated when a strategy like dynamic pricing is not accompanied by dynamic applications, because it creates a new application change request every time the business develops a new pricing rule. As business cycles shrink, the need for continuous application improvement has become not just the source of application delivery nightmares, but also a barrier to business innovation and results. Any business innovation — both small ones like discount policy changes and big ones like new business processes — requires software to implement. Innovations must occur in time to grasp the opportunity or prevent the risk at hand. Who better to act in time but the business experts on the front lines? Equipped with the right tools, data, and guardrails, business experts can make tactical changes faster and more effectively than application delivery teams can. Business Expert “Development” Is Inevitable And Attainable . . . Your continuous improvement strategy must recognize this reality and harness the application delivery that businesspeople will continue to perform. Make rogue IT legal by guiding and managing it.5 There have never been better facilities for application delivery teams to do so than there are now. Application delivery teams now have two major options for empowering business experts to make changes to major applications: ■ Off-the-shelf applications increasingly expose configuration and extension tools. Many of these tools are now accessible to businesspeople, not just professional developers. Salesforce. com’s visual tools to configure its built-in customer relationship management (CRM) functions, including tenant permissions, set the bar for this generation of tools years ago. Even better, some off-the-shelf applications provide tools that allow deep customization of process flows, business rules, and even schemas by business experts. In general, the newer the application, the better its extensibility tools for business experts to make changes — and for application delivery pros to manage those changes.6 ■ Rules, process, and “productivity” platforms externalize business expert customization. Some firms customize their off-the-shelf applications by not customizing them; they use external environments that are better than off-the-shelf applications at managing fast-changing logic. Business rules and BPM platforms have a long history in this role. Both business rules and BPM platforms provide tools appropriate for business experts, testing, and deployment environments that allow for rapid changes.7 More recently, customers have used “new productivity platforms” from vendors like Cordys, Mendix, Microsoft (SharePoint), and OutSystems in a similar role. These products are highly productive for building new front-office processes, collaboration sites, and information workplaces — much more so than the typical off-the-shelf application managing transactional data. Some of these applications are built by business experts working outside of application delivery. © 2013, Forrester Research, Inc. Reproduction Prohibited June 18, 2013
  10. 10. For Application Development & Delivery Professionals 9 Don’t Just Maintain Business Applications, Raise Business Responsiveness . . . But Requires Two Foundations To Work Well Neither of these two major options for business expert empowerment is rogue IT; both enable business expert development in an environment managed by an application delivery team. Still, close attention to governance and work processes is required for business experts to play a productive role within your continuous improvement strategy: ■ Governance both empowers and protects. Some of the application changes that businesspeople make with these tools are localized and won’t threaten either the integrity of business operations or the application and the data it manages. Because UI and reporting configurations don’t change data, they won’t corrupt applications — although they could corrupt business operations. But deeper changes — to process flows, business rules, and user permissions, for example — can compromise both business operations and application integrity and so must be actively governed. The foundation of governance is change ownership: Which subject-matter experts can make which changes? How are those business changes validated, tested, and/or approved for implementation? What approvals are needed before a change goes live? Business change ownership, then, drives application architectures, change-management procedures, tooling, and tracking/auditing facilities. Your governance policies must be backed by a managed platform. Look for products that give application delivery the ability to centrally manage the deployment and operation of applications and/or customizations made by businesspeople. At a minimum, you need the ability to shut off bad modifications and roll back to the prior state. Ideally, the vendor will provide even greater visibility and control over all application changes. ■ Just like you, business experts won’t work for free. It’s one thing for a business expert to donate time every now and again to a software project, but you can’t build a strategy on pro bono work. Organizations that incorporate business experts into their software delivery strategies make designing and delivering solutions part of those people’s jobs. For example, a client shifted responsibility for defining and implementing new dynamic pricing rules directly to its pricing team in marketing from its application delivery organization. Organizations using Agile development processes often change subject-matter expert responsibilities to include time on software delivery project work. Use Discontinuous Improvement Projects To Promote Business Empowerment Business empowerment can improve business responsiveness and push your continuous improvement strategy miles ahead, but it requires preparation. Most importantly, preparation comes in times of discontinuous improvement as your teams either evaluate and select off-theshelf software that has built-in business empowerment or build empowerment into custom-built applications using BPM, business rules, productivity platforms, and other technologies. Once your applications have an empowerment foundation, ongoing enhancement can enable and extend it. To target and govern business empowerment: © 2013, Forrester Research, Inc. Reproduction Prohibited June 18, 2013
  11. 11. For Application Development & Delivery Professionals 10 Don’t Just Maintain Business Applications, Raise Business Responsiveness ■ Identify business change pressure points. Set priorities for business empowerment by identifying and analyzing key business pressure points where persistent problem areas demand flexibility and responsiveness. For one pharmaceutical firm we spoke with, the monthly sales compensation process was the pressure point. One way to identify new empowerment priorities is by monitoring enhancement projects and asking whether an appropriate empowerment mechanism could have prevented the need for the project. ■ Assess the risks of empowerment. Having identified a business empowerment opportunity, analyze the risks of direct business change before implementing it. Identify the ways that business might be disrupted if a process or rule is incorrectly changed. Identify whether and how a change can be tested before it goes live. Identify how a change can be quickly reversed if it does cause problems. Based on the analysis, set the boundaries within which business empowerment is safe. ■ Build in the process for changing the process. As you implement an empowerment-enabled mechanism, design not only the business process itself, but also the process for changing the process. Design and build appropriate business controls for change, such as reviews and approvals before a change goes live and audit trails to track what changes were made by whom and when. The pharmaceutical firm built controls for changing sales compensation worksheets into its process, as well as the ability for approvers to delegate approval rights when they are on holiday. Don’t Allow ongoing enhancements to build up technical debt A major continuous improvement challenge for enhancement projects is that their typically limited scope and get-it-done-now character can lead to sacrificing architectural integrity in the name of time-to-completion. Three major manifestations of this problem are: ■ The tyranny of today causes blindness to the future. While it is important for developers to find the fastest path to deliver today’s desired enhancement, it is also important that developers on future enhancement projects have a fast path for their deliveries. When today’s projects take shortcuts that impair your applications’ architectural integrity, tomorrow’s projects can be forced into either additional cost remediation efforts or more shortcuts that increase the size of your technical debt and push it farther into the future — until the day of reckoning comes. ■ Even small changes can negatively affect architecture. Junior developers are often assigned to minor enhancements and break-fix efforts. This is a reasonable starting place for them, yet their inexperience may mean that they are less aware of the potential to violate your well-defined architecture. For example, if they don’t realize the importance of SOA business services, they may insert a new line of business logic in the UI instead of in the business service, causing problems for future users of the service. And it’s not only junior developers who can make such mistakes. © 2013, Forrester Research, Inc. Reproduction Prohibited June 18, 2013
  12. 12. For Application Development & Delivery Professionals 11 Don’t Just Maintain Business Applications, Raise Business Responsiveness ■ Proliferation of SaaS-based point solutions can lead to tactical integration. Many SaaS applications are smaller point solutions that aim to do one thing well. Forrester talks to organizations where this dynamic leads to a proliferation of many point solutions, each with its own unique integration requirements and challenges. Although quick-and-dirty integration may keep all the application silos in sync, the efficiency of your business users and processes may become fractured across the silos. For example, a given user role may have to log into four separate applications to get one task done or process handoffs may fall into the cracks between the silos. What do these and other manifestations of tactical enhancement issues mean? Architecture governance is just as important to your continuous improvement strategy as it is to your major transformation projects. Connect The Work Of Each Enhancement Team To A Governed Architecture Strategy Protecting the integrity of your architecture is particularly important for your investments in business empowerment and application flexibility. To build architecture governance into your continuous improvement strategy: ■ Translate your architecture strategy for continuous improvement teams. Transformation projects typically engage all layers of your application architecture, but enhancement and maintenance projects may engage only a subset. Analyze the intersection between each team’s continuous improvement scope and your architecture strategy and ensure that each team is appropriately skilled. For example, a legacy mainframe team may need to know all about your service design strategy so it can correctly expose SOA services and APIs from legacy applications while needing to know virtually nothing about your mobile or business rules strategies. ■ Assess flexibility requirements when scoping enhancement requests. Update enhancement request templates and scoping processes to explicitly ask about patterns of business change and the need for flexibility. Ask whether similar enhancement requests have been made in the past or might be needed in the future. Ask how businesspeople might benefit if they could make the enhancement themselves in the future. Examine methods of business empowerment that they might use to implement the enhancement, particularly those that you already use in connection with the affected applications. ■ Explicitly state and review the impact on architecture in requirements statements. As you assess and prioritize enhancements, explicitly include statements of architecture impact in the scope statement for each enhancement. For example, for changes to a business process, designate how the requirements should be implemented in the face of BPM changes, business rules engine changes, updates to SOA services and APIs, data virtualization changes, database changes, and so on. Better yet, if you have a body of implementation patterns, specify the patterns to be used. Get a second pair of eyes, such as a solution architect, to review and approve the approach. © 2013, Forrester Research, Inc. Reproduction Prohibited June 18, 2013
  13. 13. For Application Development & Delivery Professionals 12 Don’t Just Maintain Business Applications, Raise Business Responsiveness ■ Tune enhancement governance to the skills of each team. For teams with a proven track record of strong leadership on your architecture strategy, less review and governance will be required. For junior developers, who are often assigned to maintenance projects to gain experience, careful mentoring is appropriate. Create a well-oiled machine for planned and unplanned maintenance The ongoing maintenance of business applications consumes significant IT resources: IT spending for ongoing maintenance and operations of applications averages 48.5% of companies’ software budgets.8 Typically, with off-the-shelf applications, the vendor provides certain maintenance services via a software maintenance agreement. Firms typically view this contract, which covers bug fixes, compliance updates, on-call technicians to help resolve problems, enhancements and version upgrades, software management tools, and educational materials, as an insurance or risk mitigation investment. Older and highly customized applications, however, are often not supported by a vendor maintenance agreement. Whether the software is covered by vendor maintenance or not, the IT organization is left with a substantial job to keep the applications running smoothly. This includes tasks such as applying and testing the software updates provided by the vendor; tuning the applications for performance; maintaining multiple software instances for production, testing, and user training; managing application security; and implementing configuration changes request by business users. Internal App Maintenance Is Becoming Less Desirable In View Of Outsourced Options Currently, many IT business application organizations are using or seeking alternatives to maintaining applications internally. Why? Some organizations find it difficult to recruit and retain qualified staff with technical skills in specific off-the-shelf applications; workloads may be intermittent or irregular, making it difficult to effectively utilize staff; and outsourced and offshore service providers may save costs. In addition, companies may not want to staff application maintenance functions for certain internal administrative applications, such as finance, HR, or procurement, preferring to dedicate more resources to customer-facing and mission-critical operational applications. The primary alternatives to maintaining internal on-premises applications are SaaS, outsourced managed services, and third-party maintenance, each of which has different implications for IT workloads and business user impact: ■ SaaS shifts maintenance workloads to the software vendor. Adopting SaaS usually means switching application vendors, but not always. Some applications built for on-premises deployment can be shifted to a SaaS subscription service with the software vendor itself (or, in some cases, to a third-party service partner). A key consideration in SaaS is the cadence and control of software updates (including enhancements).9 Because the software vendor is managing the application for multiple clients, the vendor, not the customer, typically controls © 2013, Forrester Research, Inc. Reproduction Prohibited June 18, 2013
  14. 14. For Application Development & Delivery Professionals 13 Don’t Just Maintain Business Applications, Raise Business Responsiveness and manages the update frequency. The SaaS alternative has the most impact in terms of reducing IT maintenance workloads but limits your control of the application in terms of customization and upgrade timing. ■ A managed service outsources app maintenance but retains ownership. In a managed services contract, a third-party service provider hosts and manages the applications; the customer usually retains ownership of the software license and vendor maintenance agreement. The benefits of such an outsourcing arrangement vary: Firms may save significant amounts of money when the service provider is more efficient and spends less on labor (e.g., offshoring) or when cloud-based virtualization (e.g., Amazon Web Services) lowers infrastructure costs; hosting has benefits like increased security and reliability; and service providers give access to staff with critical skills. Managed services contracts often do not include upgrades, meaning that the owner typically must deal with the same technical debt challenges of on-premises deployment. ■ Third-party support replaces the vendor maintenance contract. A third-party support (TPS) arrangement replaces maintenance services provided by the software vendor, including breakfix support and compliance updates. Typically, this arrangement provides substantial cost savings compared with vendor maintenance, but it does not include software enhancements and version upgrades (which can only be supplied by the software vendor). Maintenance contracts are a highly profitable revenue stream for software vendors, and TPS is a threat to this revenue stream. Intellectual property considerations, vendor lock-in strategies, and ongoing litigation have limited the availability of TPS services in the market.10 Adopt Sustainable Practices For Application Upgrades Keeping pace with application vendor enhancement streams is an ongoing challenge for most companies. Based on hundreds of client inquiries over the past several years, we have found that the vast majority of off-the-shelf application customers of SAP, Oracle, Infor, and other vendors are not on the latest release — in fact, they’re often two or more releases behind the current one. The more releases a firm misses, the less sustainable its applications become; upgrade costs rise as releases are skipped and higher levels of customization creep in. Application vendors typically discontinue support of older releases, increasing the risk of platform obsolescence. Customers on older releases have a lower propensity to upgrade, for several reasons: They lack the resources to invest in the upgrade project; high levels of customization make an upgrade impractical; and upgrades become more difficult when releases are skipped (e.g., due to schema and architectural changes). Application customers on older releases also recognize that vendor maintenance agreements have diminishing value (if their release is still supported at all) and may opt out of renewing rather than paying for unused upgrades and minimal support. © 2013, Forrester Research, Inc. Reproduction Prohibited June 18, 2013
  15. 15. For Application Development & Delivery Professionals 14 Don’t Just Maintain Business Applications, Raise Business Responsiveness Upgrade Lag Creates Uncertainty And Variability In Ownership Costs Cost of ownership is a universal concern among application delivery teams responsible for managing licensed (on-premises or hosted) enterprise applications. Ownership cost concerns range from relatively fixed and predictable vendor maintenance fees, internal staffing, and infrastructure support to the less predictable cost of application upgrades. Application upgrade costs remain the wild card in the ownership cost picture, because: ■ New application releases occur relatively infrequently. Vendors have released new versions of off-the-shelf enterprise applications on average every two years. However, leading vendors have recently modified this to include smaller interim releases (e.g., SAP enhancement packages and Oracle family or feature packs). This acceleration of releases was intended to make new features more easily available to customers, but success has been mixed. Without a sustainable or consistent process for applying new releases, companies fail to keep pace with vendors no matter what the release frequency. However, the increasingly popular SaaS updating model — where releases are pushed to all customers multiple times per year — has helped address this challenge. ■ Release adoption stays optional. In the world of licensed on-premises software, application upgrades are optional — at least until release support deadlines become a factor. The optional nature of upgrades means that neither IT app professionals nor business stakeholders plan and budget for them on a regular basis; therefore, upgrade costs are usually not factored into the ongoing costs of ownership. ■ Upgrade costs vary widely, making it difficult to estimate. Typically, enterprise application upgrades involve significant IT projects that often require outside assistance. Estimating the cost of an upgrade involves a number of variables, including the level of customization; whether prior releases were skipped; the extent of new functionality to deploy; the stability of the new release; and the impact on integration with other systems. The finance department and IT leadership usually require elaborate planning and justification before funding major upgrade projects. Configure Your Business Applications, But Don’t Customize Them Off-the-shelf business applications are designed to be inherently adaptable and flexible, but this flexibility can be a double-edged sword when it leads to higher levels of customization. Off-the-shelf applications provide business flexibility by multiple means, each with different pros and cons: ■ Configuration capabilities meet most business requirements. A variety of configuration capabilities enable customers to set up applications without technical customization. These include on/off switches for features, table-driven parameters and formulas, workflow or process models, UI preferences, user-defined fields, reports, and interfaces. For traditional on-premises applications, the configuration is relatively technical and is generally controlled by application delivery professionals with specialized training in the application. © 2013, Forrester Research, Inc. Reproduction Prohibited June 18, 2013
  16. 16. For Application Development & Delivery Professionals 15 Don’t Just Maintain Business Applications, Raise Business Responsiveness ■ Customization capabilities add business flexibility but lead to upgrade inflexibility. Because most off-the-shelf application vendors allow customer access to native development tools, customization is common and sometimes extensive. Many companies have learned the hard way that extensive customization leads to difficult and expensive upgrades. Customization best practices include documentation trails and isolation of custom objects from the off-the-shelf code base. Vendors and systems integrators (SIs) also may have tools to manage and migrate customizations. ■ Extending applications fills bigger gaps. Customers and SIs are able to extend some off-the- shelf applications to meet customer-specific and industry-specific requirements above and beyond the supported application functionality. In a best-case scenario, add-ons are available through the vendors’ ecosystems or app stores. Extension is different than customization in that it adds new modules or layers to the underlying application rather than modifying the application itself. Application vendors that provide architectural extensibility via components and layering, as well as via platform-as-a-service (PaaS) have an advantage over those which require rewriting lower-level program code. Off-the-shelf application customization is often not a choice but a necessity. However, firms must use customization as judiciously as possible to minimize both implementation costs and risks and long-term ownership costs associated with upgrades. Application selection also helps to limit customization challenges, not only by finding applications with the best fit but also by selecting software with higher levels of flexibility and configurability. Forrester expects future business applications to be inherently more flexible and less technical to configure as a result of the evolution of business application architectures (see Figure 4).11 © 2013, Forrester Research, Inc. Reproduction Prohibited June 18, 2013
  17. 17. For Application Development & Delivery Professionals 16 Don’t Just Maintain Business Applications, Raise Business Responsiveness Figure 4 The Evolution Of Business Applications Today Future Extension, customization, and integration across functional silos Composed of multiple custom and off-the-shelf business applications, their components, and business metadata/parameters Business apps Client-specific apps (more) Claims management Retail POS Core banking (more) HR ERP CRM Business process components Vertical Horizontal 87361 User interface design Modeling tools Business metadata parameters Source: Forrester Research, Inc. Keeping Licensed Applications Current Requires A Dedicated Effort Companies should endeavor to keep licensed applications current where customization is not an issue and where the business value justifies this effort. For example, most firms can make a case to keep compliance-driven applications (e.g., payroll, benefits, and accounts payable) up to date as standard operating procedure. Also, dynamic technology drivers may dictate the necessity to keep applications current with vendor release schedules. For example, rapidly evolving mobile application capabilities need to be updated more frequently to avoid compatibility risks. As a strategy to make business application software more sustainable, clients should consider a proactive updating strategy. Making a commitment to keeping applications perpetually up to date presumes that there will be no debate about the business justification of each release, rather than attempting to make a business case for upgrading each time. It avoids the cumulative impact of skipping releases, where costs escalate and upgrades become more complicated with each skipped release. Updating the applications more frequently, therefore, means that each individual upgrade, patch, or enhancement package will be less disruptive and less expensive to apply. In order to manage a proactive business application updating program: © 2013, Forrester Research, Inc. Reproduction Prohibited June 18, 2013
  18. 18. For Application Development & Delivery Professionals 17 Don’t Just Maintain Business Applications, Raise Business Responsiveness ■ Pay close attention to the frequency, timing, and quality of releases. Many software customers elect to delay the adoption of new releases until other customers have done so — usually six to 12 months after the announced general availability release date. Delaying updates of complianceintensive products, however, may not be an option, given government-imposed compliance deadlines. In any case, vendors usually isolate compliance patches from enhancement versions. ■ Institute a disciplined and repeatable maintenance process. This process should 1) evaluate release timing and quality; 2) assess the business impacts of the new release; 3) rigorously test the updates to avoid disruption of business execution; 4) migrate the enhancements to production; and 5) enable business users to assimilate the changes. Alternatively, this process may be outsourced under a managed services contract that includes upgrade costs. Managed services contracts for off-the-shelf software, however, do not typically include this provision. How To Manage SaaS Upgrades When You Don’t Control The Timing In the case of SaaS version upgrades, which typically occur several times per year, the customer has little or no control over the timing of the upgrade, but some control over the outcome. A consumer electronics firm we spoke with said that, although Workday tells them that no IT support is necessary to perform an upgrade, the firm has found that claim not to be true. Some SaaS upgrades are delivered in an inactive state; the customer decides whether or not to activate the new features. But other aspects of new releases, such as UI updates, are automatically visible to the end user. As an example of the process required, consider’s release notes for its spring 2013 upgrade, which were 132 pages long.12 The notes covered eight separate products — an average of 16 pages per product. For each product, feature changes were characterized as either automatically visible to users, automatically visible to administrators, requiring setup before becoming visible, or requiring contact with salesforce to enable. While many of these new features may be simple for users to understand and use, some may not — so your continuous improvement team must be prepared to: ■ Review each “immediately available” change to determine if it requires any attention. If the change is immediately made available to users, they will see it when the upgrade goes live, so you need to understand whether it 1) is self-explanatory and requires no action; 2) requires explanation for your organization’s users (e.g., to head off confusion and misuse before it happens; or 3) will affect any of your organization’s processes and procedures (e.g., a new quarterly forecasting feature may affect your current forecasting processes). ■ Develop guidance for each feature that needs it. For features that require explanation, your team must develop and gain consensus with process owners on the guidance to give, as well as deciding how to effectively communicate the guidance. © 2013, Forrester Research, Inc. Reproduction Prohibited June 18, 2013
  19. 19. For Application Development & Delivery Professionals 18 Don’t Just Maintain Business Applications, Raise Business Responsiveness ■ Change your processes and procedures as required or enabled. For each feature that does (or can) affect processes and procedures, you must gain consensus with process owners and stakeholders on how to adjust. Furthermore, if it is a change that will be immediately available to users, you must have a rollout plan to ensure that your people are ready when the upgrade hits. Upgrade policies, processes, quality, and consistency will vary from vendor to vendor; your continuous improvement strategy must be prepared and have the staffing to march in time with all of your vendors’ upgrade timelines. R e c o m m e n d at i o n s Build Continuous Improvement For Responsiveness And REsults Each of the four categories of continuous improvement involves a different set of considerations and requirements, but wrapped around them all is the need for an integrated focus on both today’s and tomorrow’s business outcomes. Specifically: ■ Take a medium- to long-term view for investing in business empowerment. In many cases, it’s faster and cheaper to have a technical person hard-code a business change than it is to implement a new method for business empowerment. However, when the future portends a series of 10 or 20 hard-coded changes, a bit of pain and slowness to market today will likely pay back well. Prepare a graph to make this investment equation clearer for stakeholders to see. If the current enhancement really does have a drop-dead date, negotiate for funding to immediately backfill with a business empowerment approach once the hardcoded change is done. ■ Streamline governance so enhancements aren’t appreciably slowed. “Governance” is a scary word because it has often been done poorly. Collaborative, agile governance is the watchword for continuous improvement. The more that trusted experts are embedded in your improvement teams, the more leeway teams can have and the lighter your governance can be. ■ Assume that off-the-shelf software must be kept up to date. Judging the business value of updates, patches, and especially upgrades to off-the-shelf software can be a dicey proposition. The biggest risk is that, by putting the decision off (an option you typically do not have for SaaS), you are often making a default decision to not keep the software up to date. This may seem OK, but eventually you are likely to get in a bind when a critical fix is needed but can’t be applied because of the backlog of updates that were not applied. To help make the business value judgments necessary within your continuous improvement strategy: © 2013, Forrester Research, Inc. Reproduction Prohibited June 18, 2013
  20. 20. For Application Development & Delivery Professionals 19 Don’t Just Maintain Business Applications, Raise Business Responsiveness ■ Connect continuous improvement with business architecture. If your organization has a strong business architecture initiative, it can provide a view of high-priority business outcomes for various areas of your business. It may also have solution road maps and application assessments that can provide a perspective on the strategic value and likely lifetime of an application that, in turn, can feed prioritization about investments. For example, if you definitely plan to retire an application in the near term, it becomes simultaneously 1) of lesser value to spend on architectural improvements to the affected application and 2) of greater value to use SOA and other means to insulate other applications from the affected application. ■ Evaluate how business effectiveness gets fractured across application silos. Whether silos result from proliferation of SaaS solutions, mergers and acquisitions, or poorly managed application development, it can hurt business outcomes when users must do swivel-chair integration and process status falls between the cracks. Forrester’s digital business design vision provides a foundation for carefully considering the tradeoffs between adapting your business to silos and finding targeted ways to wisely adapt applications to your strategic business goals.13 ■ Explicitly focus on business empowerment. It’s a win-win when you can improve continuous improvement responsiveness and reduce costs by giving control to businesspeople themselves. But be careful: For business empowerment to deliver its value, it must enable business decisions and changes that are both important to businesspeople and within their capabilities to perform effectively. Develop a specific focus within your continuous improvement strategy on identifying and testing the possibilities. ■ Adopt a sustainable deployment model to avoid compounded obsolescence. Determine the appropriate deployment model to enable your organization to continually refresh and improve the quality and functionality of your application software. Increasingly, SaaS provides the most sustainable model with its vendor-managed, continuous updating process. Where SaaS is not an option, consider managed services and hosting arrangements where upgrades are guaranteed and routinely applied and infrastructure is kept up-to-date by the services provider. Endnotes Also consider that, in some situations, the overall application solution may be comprised of a combination of off-the-shelf application capabilities with custom-built elements, in which case it’s desirable to use the same mechanisms — the same rules engine, the same BPM layer, etc. — to configure behavior across the hybrid. Knowing that you want to do this will in turn shape your requirements for these configuration capabilities in both the off-the-shelf application environment and the associated development tools (which for a SaaS application would include its associated PaaS). 1 © 2013, Forrester Research, Inc. Reproduction Prohibited June 18, 2013
  21. 21. For Application Development & Delivery Professionals 20 Don’t Just Maintain Business Applications, Raise Business Responsiveness 2 “New productivity platforms” is the name Forrester gave to a collection of application platforms employing visual tools and very rapid delivery techniques. For a description of these products with examples, see the November 1, 2012, “The New Productivity Platforms: Your Solution To The AD&D Crunch” report. Historically, integration has centered on making it easier to live with application silos, but the real problem is to build a coherent business, even though you may have siloed applications and technology. See the November 8, 2012, “Digital Business Design Is The New Integration” report. 3 The old foundations of technology strategy — hot tech trends and business plans — have become inadequate, resulting in technology silos and hard-wired solutions. In a new era of innovation and fluidity, Forrester believes that business capabilities provide a new and better foundation for technology strategy. See the September 23, 2010, “Establish Business Capabilities As The Foundation Of Your Technology Strategy” report. Business capability maps are central to laying a new and better foundation for technology strategy, leading toward designing and building business capability implementations, rather than siloed applications. See the December 17, 2010, “Business Capability Architecture: Use Business Outcomes To Drive Technology Strategy” report. We describe an approach to managing the people aspects of continuous improvement. See the September 26, 2102, “Drive Continuous Improvement With Strong Change Management And Employee Training” report. 4 For a full discussion of this topic, see the January 21, 2011, “Empowering The “Business Developer” report. 5 The configuration tooling that business app vendors provide is evolving beyond parameterization and coding to become flexible, graphical, and model-based, eliminating coding and making business applications’ ease-of-change a differentiating capability. See the May 24, 2012, “Increase Business Flexibility By Embracing Future Trends” report. 6 Forrester has documented cases of business experts managing business rules in various case studies. For two examples, see the January 5, 2009, “Case Study: Hypo Real Estate Enables Credit Risk Professionals With Business Rules” report and see the October 3, 2008, “Case Study: California Association Of Realtors Innovates With Business Rules” report. 7 The mean percentage of 48.5% was across 1,679 respondents; the results were very similar for SMBs and enterprises (49.0% versus 48.1%, respectively). Source: Forrsights Software Survey, Q4 2012. 8 Redeploying traditionally on-premises systems as SaaS, however, brings into play some architectural differences from SaaS-native products, such as multitenancy and the mechanics of how the software is updated. Forrester sometimes refers to this as “near-SaaS.” Near-SaaS is a hosted/subscription model with dedicated tenancy for each customer. 9 TPS options are currently limited to Rimini Street (services for PeopleSoft, Siebel, J.D. Edwards, Oracle E-Business Suite, Oracle database, SAP, and Hyperion) and Spinnaker Support (services for J.D. Edwards and SAP). 10 © 2013, Forrester Research, Inc. Reproduction Prohibited June 18, 2013
  22. 22. For Application Development & Delivery Professionals Don’t Just Maintain Business Applications, Raise Business Responsiveness 21 Forrester’s vision for business applications is discussed in a report. Conceptual reference architecture is provided in this document, which highlights advances in flexibility via visual modeling tools. See the May 20, 2012, “Increase Business Flexibility By Embracing Future Trends” report. 11 As of March 8, 2013. 12 Integration is a perennial challenge for application delivery professionals. Vintage, monolithic applications are hard to deal with, and point solutions abound, including point solutions in the cloud. Traditional enterprise application integration (EAI) technology helps, but its primary design focus is on technical connections, not your business. Application delivery teams can deliver more business value by refocusing integration strategy on the real goal: building a coherent business that can change quickly to achieve and sustain excellent outcomes. Forrester’s vision for digital business design is an approach to integration that centers first on sustainable business outcomes and agility, unifying across application silos rather than merely making it easier to live with them. See the November 8, 2012, “Digital Business Design Is The New Integration” report and see the November 8, 2012, “How To Implement Digital Business Design” report. 13 © 2013, Forrester Research, Inc. Reproduction Prohibited June 18, 2013
  23. 23. About Forrester A global research and advisory firm, Forrester inspires leaders, informs better decisions, and helps the world’s top companies turn the complexity of change into business advantage. Our researchbased insight and objective advice enable IT professionals to lead more successfully within IT and extend their impact beyond the traditional IT organization. Tailored to your individual role, our resources allow you to focus on important business issues — margin, speed, growth — first, technology second. for more information To find out how Forrester Research can help you be successful every day, please contact the office nearest you, or visit us at For a complete list of worldwide locations, visit Client support For information on hard-copy or electronic reprints, please contact Client Support at +1 866.367.7378, +1 617.613.5730, or We offer quantity discounts and special pricing for academic and nonprofit institutions. Forrester Focuses On Application Development & Delivery Professionals Responsible for leading the development and delivery of applications that support your company’s business strategies, you also choose technology and architecture while managing people, skills, practices, and organization to maximize value. Forrester’s subject-matter expertise and deep understanding of your role will help you create forward-thinking strategies; weigh opportunity against risk; justify decisions; and optimize your individual, team, and corporate performance. « Andrea Davies, client persona representing Application Development & Delivery Professionals Forrester Research, Inc. (Nasdaq: FORR) is an independent research company that provides pragmatic and forward-thinking advice to global leaders in business and technology. Forrester works with professionals in 13 key roles at major companies providing proprietary research, customer insight, consulting, events, and peer-to-peer executive programs. For more than 29 years, Forrester has been making IT, marketing, and technology industry leaders successful every day. For more information, visit 87361