Software Risk Assessments
As a rule of thumb, software systems have a long life span. During their life cycle, they are at the mercy of changing needs and demands. Demands that were initially not taken into account. This raises concerns about the future-proofness of the system, and necessitates objective insight into a whole range of quality issues.
Insight - The quality aspects of a system
Software users usually want to know what is happening to the maintainability, future-proofness, scalability or security of a system. We give impartial, independent and objective answers to these questions.
A Software Risk Assessment is mainly concerned with product quality based on source code analyses. It is less concerned with process or design quality. After all, research has shown that a good development process does not necessarily guarantee good software. It is precisely for this reason that SIG focuses on your core investment: software and software quality.
Analysis - From source code to human insight
A Software Risk Assessment consists of a detailed, automated analysis of the source code of a system. This information is supplemented with interviews and consultations with system experts, where we validate the analyses with them. This ensures likely consequences are given a strong objective foundation and support base in your organisation.
Approach - Building a bridge from source code to boardroom
Where possible, we use external, publicly available sources such as ISO 25010 and the Software Engineering Institute (SEI, the founder of CMM/I). Next, we report back our insights to senior management and offer recommendations to facilitate the decision-making process.
We report our findings in plain language that is understandable to our customers: technical and detailed (up to lines of code) for system experts. Strategic consequences and recommendations are communicated in clear terms, aimed at managerial level. This is how SIG builds a bridge from source code to boardroom.
Assessment questions - Quality aspects
The purpose of Software Risk Assessments is to facilitate the decision-making process by laying down concrete and objective foundations. They answer key questions such as:
For CXOs, senior management and technical management - Independent advice
Users of Software Risk Assessments are typically C-level executives or are directly answerable to C-level executives: board members, CIOs, contract managers. They choose SIG because they know that SIG is independent and impartial. We do not sell technology. We do not offer ICT recruitment solutions. We do not carry out software development or renovation projects. In other words, SIG has no vested interest in the research results or recommendations extracted from the assessment.
Scope - From big to small. In the Netherlands and worldwide
SIG offers broad expertise. We analyse software systems, developed internally or externally, on behalf of our customers. Custom or package solutions. Under development or maintenance. From small to big. In the Netherlands and the rest of the world. We know the qualities of all the major software houses and can handle all technologies: from SAP, from customisation in J2EE and .net to embedded or proprietary languages. And everything in between.
The business case
What is the value of knowledge and insight? In some cases, it can add considerable value. SIG has been known to advise clients to terminate dead-end projects. This results in accelerated depreciation of such a project, which can - with a little effort - be seen as a cost saving. Project termination can in any case prevent the damage from escalating. Occasionally, SIG recommends several minor - yet crucial - improvements. This ensures years of faithful service, provided of course the system is properly maintained.
Software Risk Assessments are also deployed in acceptance protocols and Service Level Agreements (SLAs), so that the client can lodge a complaint if quality standards are not met.
Without substantive insight, adequate software control is virtually impossible. This is regrettable to say the least, as vital interests are at stake. With its Software Risk Assessment, SIG provides that much-needed insight.
A few project examples...
Insight - The quality aspects of a system
Software users usually want to know what is happening to the maintainability, future-proofness, scalability or security of a system. We give impartial, independent and objective answers to these questions.
A Software Risk Assessment is mainly concerned with product quality based on source code analyses. It is less concerned with process or design quality. After all, research has shown that a good development process does not necessarily guarantee good software. It is precisely for this reason that SIG focuses on your core investment: software and software quality.
Analysis - From source code to human insight
A Software Risk Assessment consists of a detailed, automated analysis of the source code of a system. This information is supplemented with interviews and consultations with system experts, where we validate the analyses with them. This ensures likely consequences are given a strong objective foundation and support base in your organisation.
Approach - Building a bridge from source code to boardroom
Where possible, we use external, publicly available sources such as ISO 25010 and the Software Engineering Institute (SEI, the founder of CMM/I). Next, we report back our insights to senior management and offer recommendations to facilitate the decision-making process.
We report our findings in plain language that is understandable to our customers: technical and detailed (up to lines of code) for system experts. Strategic consequences and recommendations are communicated in clear terms, aimed at managerial level. This is how SIG builds a bridge from source code to boardroom.
Assessment questions - Quality aspects
The purpose of Software Risk Assessments is to facilitate the decision-making process by laying down concrete and objective foundations. They answer key questions such as:
- Is the system easily maintainable?
- Is the quality of the system acceptable?
- Can I grant a discharge to the supplier?
- Is the system scaleable?
- Can the current system be effectively adapted to new legislation?
- Can I / should I renovate?
- Which renovation strategy is feasible?
- Do I need to replace the system?
- Is this possible without a Big Bang scenario?
- Are there quick wins if we carry out fast-track improvements?
For CXOs, senior management and technical management - Independent advice
Users of Software Risk Assessments are typically C-level executives or are directly answerable to C-level executives: board members, CIOs, contract managers. They choose SIG because they know that SIG is independent and impartial. We do not sell technology. We do not offer ICT recruitment solutions. We do not carry out software development or renovation projects. In other words, SIG has no vested interest in the research results or recommendations extracted from the assessment.
Scope - From big to small. In the Netherlands and worldwide
SIG offers broad expertise. We analyse software systems, developed internally or externally, on behalf of our customers. Custom or package solutions. Under development or maintenance. From small to big. In the Netherlands and the rest of the world. We know the qualities of all the major software houses and can handle all technologies: from SAP, from customisation in J2EE and .net to embedded or proprietary languages. And everything in between.
The business case
What is the value of knowledge and insight? In some cases, it can add considerable value. SIG has been known to advise clients to terminate dead-end projects. This results in accelerated depreciation of such a project, which can - with a little effort - be seen as a cost saving. Project termination can in any case prevent the damage from escalating. Occasionally, SIG recommends several minor - yet crucial - improvements. This ensures years of faithful service, provided of course the system is properly maintained.
Software Risk Assessments are also deployed in acceptance protocols and Service Level Agreements (SLAs), so that the client can lodge a complaint if quality standards are not met.
Without substantive insight, adequate software control is virtually impossible. This is regrettable to say the least, as vital interests are at stake. With its Software Risk Assessment, SIG provides that much-needed insight.
A few project examples...