As a global recession looms large over the sunshine industry of the last decade, there is a big question mark on where Software Development is headed in the midst of all these gloom. Cost Cutting and Increased Productivity have emerged as the two favorite mantras of the IT corporate, so what does all this mean to the software development industry. The current article is the second part in a series that looks at this aspect. Part 1 of the series dealt with an insight into the design/architecture costs. The second part takes a look at Standards and Processes in the industry.
Standards/Processes – Why?
Given the fact that IT has shaped itself into a reasonable industry only for around 2 decades or so, the number of Quality systems, processes and procedures that have been implemented, discussed and scratched are amazingly high. Standards such as ISO9000 series, CMMi, Six Sigma, TQM, Lean, TPM, JIT have all been lapped up by the software industry at an amazing speed. On the one hand while this is a good thing from the standardization and quality perspective, it poses the question of cost incurred in these processes and the benefit derived there-of.
The simplest way to start is to ask the basic question: “Why do I want to implement a Quality System?” If you are using the standard as a marketing gimmick (a plaque on the wall; a logo on a website), or just because a customer requires it, then the standard will be a burden, not a benefit. If the honest reason for implementing the standard is improvement, then it can truly help your organization become better. Again, if certification is the only goal then you may gain certification but miss the benefit of the standard. An organization can employ the standard, and benefit from it, without ever seeking certification.
The purpose of a Quality System is to create an internal control system through defining and documenting processes with well-written procedures so that a company can address a few key areas such as Compliance, Operational Needs, Manage Risks, Knowledge Sharing and Continuous Improvements. For e.g. complying with the law of the land is a basic function of an organization and so is ensuring that the activities fundamental to the organization’s success are properly guided by the management and are performed in a consistent way that meets the organization’s need. While processes and procedures themselves may not demonstrate compliance, well-defined and documented processes (i.e. procedures, training materials) along with records that demonstrate process capability can make evident an effective internal control system and compliance to regulations and standards.
Standards/Processes – How many?
The question that pops up is whether to adopt any specific Quality Standard or whether to adopt multiple standards. This is interesting as in the past decade companies have adopted more than one standard and have got themselves certified for these standards. Companies first comply themselves with one standard, then come up with a mapping strategy between this standard and the next standard that they want to get certified on and add more processes / procedures to fill the gaps. This mapping leads to making things a bit bulky for both standards. Things become even bulkier when the company tries to add another standard.
Creating dozens and dozens of procedures is usually not helpful. In fact, such an approach can create more problems than it resolves. They can’t be found, they aren’t used, they aren’t updated, and a glut of uncontrolled copies are scattered throughout the organization. This is exactly what happens when Quality Standards are imposed on businesses without due deligence.
The basic reasons for which Standards and Processes are defined are actually lost and questions like “What processes are required, which of these require high control and where is the improvement required?” are often lost in the rat race to acquire certifications. The futility of this whole cycle has been aptly demostrated by the Satyam fraud, where despite all the processes in place, the basic underlying deficiency could not be tracked, that too by highly experienced auditors.
On the other end of the spectrum are a set of companies, that have not gone for certifications, but instead have chosen to pick and choose the best of the processes from various standards based on their applicability to their businesses. E.g. of such companies are Oracle Corporation and Microsoft Corporation, both of which have stayed away from formal CMMi certification but do get an external auditor to benchmark once in a while how they are placed viz-a-viz the industry. Of course, such a strategy works well for product based companies rather than services company which needs to assure clients that it has the process to handle their requirements, but what this shows is that Quality Standards are not required for certification alone, but for a specific benefit. So what is the benefits that the organization plans to derive decides what Quality Standards are to be followed.
Standards/Processes – Lean Methodology
Lean thinking is an emerging methodology to reduce wasteful processes. It is more a mindset of viewing things in the right light, focussing, removing waste, and increasing customer value. It is predominantly another manufacturing concept that is slowly beginning to make an entry into the IT industry.
Lean processes tend to retain the processes that add value to the customer while cutting out those processes that do not. The simple fact is that if a process does not add value or generate revenue then it simply adds cost!! Lean Processes follow 5 basic steps:
- Identify activities that create value.
- Determine the sequence of activities.
- Eliminate activities that do not add value.
- Ensure that products/projects are available when the consumers want them.
- Continuously improve processes.
So for e.g. suppose a company is providing an IT support to a customer and bills the company for the time and material spent on providing the support, then it might not require the overhead of a completly bulky project planning and tracking mechanism. Instead they might want to have a task tracking and issue tracking mechanism with minimal project planning aspects involved on a day-to-day basis.
Six Sigma on the other hand states:
So while the former considers non-value addition as a waste, the later considers non-conformance to defined standards as a waste. Lean Operations redefines waste as anything the customer won’t pay for—everything from clerical errors to idle machine operators.
The process identifies seven types of waste:
- Waiting—for products, personnel, parts, the availability of machines;
- Transportation time—for equipment and parts needed for repairs;
- Processes—duplicate data entry, inefficient stocking;
- Excessive inventory;
- Unnecessary motion by people and machines;
- Correction of defects or service errors.
Given this, it might be worthwhile to revisit the Quality Standards and apply Lean processes on them to prune out all those non-value adding activities. Note that not all of Lean processes might be applicable per se to the Software Industry, but those that do could result in significant benefits.
Standards/Processes – Documentation
The common belief seems to be that implementing Quality Standards can create a bureaucratic documentation nightmare with volumes of complicated procedures that require heavy oversight and manpower to create and maintain. That is not really the case. In fact, implementing Quality Standards can actually streamline and simplify your documentation/record creation and management. For e.g. suppose we consider ISO:9001, there are only 6 mandatory procedures for the same namely:
- Record Control (per ISO 9001 clause 4.2.4)
- Internal Audit (per ISO 9001 clause 8.2.2)
- Control of Non-Conformities (per ISO 9001 clause 8.3)
- Corrective Action (per ISO 9001 clause 8.5.2)
- Preventive Action (per ISO 9001 clause 8.5.3)
As it is difficult for most organizations to get by with these six procedures alone, they add more procedures over and above these. But, the fact that these are the only required procedures should send a message that, despite the perception of the opposite, ISO 9001 is not about tons of procedures. The same generally holds good for other Quality Standards.
What actually creates the bulk is usually the records. For e.g. ISO 9001 has 21 mandatory records to go with the 6 procedures. All organizations going for the certification either have these records in place or are in the process of getting them in place. But, the key fact here is not having the records, but what is done with these records? The ultimate goal of a Quality Standard is improvement and one key to improvement is record keeping that captures important data related to performance metrics. So a simple question that any organization needs to ask is “What do we do with the records? What are the improvements that have been triggered by the metrics captured in these records?” If there is no visible or quantifiable improvement in the metrics, then these records and the process associated with these records need to be re-looked at both from their usability aspects as well as their capturing aspects.
Standards/Processes – Other Areas of Improvements
There are other problems that usually bloat up standards and processes. Simply put, they are hard to find, hard to read, not used, not followed, too long, poorly written, poorly formatted, out of date, and not accurate. Wow!! That’s a lot of baggage, but the truth is not all of the above said are simple ramblings or cribbings, but some of these are facts. Let’s examine some of the stark realities that lead to some of these.
Horses for Courses
Who would you get to frame the processes? Too often the task of developing and writing important organizational documentation falls to those who have little experience or training in this area. They may have extensive process and organizational knowledge, but without proper experience or training, this expertise gets translated very poorly into a document.
The end result is something that is hard to understand and implement and in some cases leading to the actual reason of the process being lost in translation. Identifying key resources like the Process Owner, the Technical Writer, Process User is the first step in ensuring to avoid thne same. You can not realistically expect the process expert or process owner to magically transform into a technical writer and expect positive results. It also results in reducing the cost incurred in maintaining of these processes, time spent on training and getting a buy-in on these procedures.
Most of the quality trainings are done in bulk and are more used by people for dozing off rather than to actually inculcate the processes mentioned. Usually hands-on training and training on the relevant pieces at appropriate times ensure that the processes are better understood. Guides and mentors to explain the usability and the benefit of the processes great enhance the valueadded by the processes.
One of the major irritants that I have faced with Quality Processes is when I am told to follow a process without knowing how it benefits me. It makes it all so easy when I know the value I get from following a process. Improper or Inadequate training has other drawbacks, as people in order to ensure that they are not flagged off for following processes tend to create records without following or understanding the actual process. This most of the times results in additional non-required records and documentation and again adds no real value at all.
Usually best practices from one area are tried to be generalized and pushed into other areas. While in some cases it is good, in most cases it just is there an overhead adding little if any value. For e.g. RCA is a great tool for finding long term solutions to recurring issues and issues which arise late in the product lifecycle. But then process organizations tend to push RCA into all stages including the design stage. Imagine in the design stage when teams are trying out the feasibility and benefits of different solutions and the process asks them to do an RCA to find out why the best design was not the first design to be tried out!!
Knee Jerk Reactions
Sometimes some gap in the process when highlighted as an audit finding or when is criticized by observers or stakeholders leads to knee jerk reactions from the organizations. They tend to have more processes in place to avoid this situation without completely weighing in the pros and cons of the same. Over a period of time such processes not only add costs to the organizations, they also tend to provide little or no value.
With the advent of internal audits, the frequencies of these audits has been increased highly. Most organizations have quarterly audits and the emphasis of these audits has moved over from the actual improvement due to the process to the simple verification of records.
Part of the problem is due to the fact that the increased frequency means that more auditors have to be identified with little or no training which means that all they can do is follow instructions for verfication of records. Even for competent auditors the load of auditing projects frequently means that unless something is overtly out of place, they tend to just verify the existing records. Funnily enough, when it comes to verification of the records, the auditors approach it in a very hawkish manner as well. It must be understood that auditors have to perform serveral duties and have to act as “Watch Dogs” but not as “Blood Hounds”. Several enlightened firms of auditors have readily agreed to adopt ideas of process simplification, but some conservative members do not show the same willingness and need to be persuaded.
The Standards and Processes are the basic building blocks of the performance of an organization. Over a period of time, they tend to clutter and grow in size and actually become an overhead instead of a value-addition. Companies need to constantly prune and re-define them to be of maximum value and a recession gives an added incentive to cut through all the redundant and non-value adding processes and emerge out as a lean and mean organization ready to face the competition.
The Paperwork Jungle – C. N. Parkinson/M.K. Rustomji/ A.V. Deshmane