API Management

Governance-First Development: Ensuring Speed with Quality

Today our Chief Architect Andy Medlicott covers the three tenets of governance-first development that will actually speed up, rather than slow down, your lifecycle.


Andy Medlicott – Chief Architect – digitalML

Governance-First Development: a Developer’s Worst Nightmare?

It certainly can be if you have ever had to go through a governance review at the end of a software development lifecycle – encountering people who just seem to want to find problems with your solutions so that you miss your deadlines!

How many times has a solution been built that relies upon a cache to help it perform well enough – but then you discover you also need to key it against user to avoid a cache hit for something you don’t have permission for… so immediately the cache is less effective… But even that doesn’t work, as you later discover that each retrieve needs to check permissions… making a cache hit need an additional check, which may well make the cache ineffective… sigh!

In another example, I remember the first time I implemented a data access layer and forgot to include the concept of transactions to support rollback. Due insufficient review processes, it wasn’t discovered until we were only a few weeks away from go-live. Retro-fitting that concept was no trivial exercise, but it appeared less work than redesigning it… Later we realised the costs of pushing a design beyond what it had been intended for!! If it had been picked up near the start of the project, it would have been trivial to include it.

 

1. Apply Baked-In Governance: Design Thinking Saves Trouble Later On

What is common to both of the previous scenarios is that if the important criteria had been thought of initially then it would have not been a problem, and the costs associated would be negligible in the context of the whole design and implementation effort.

Governance is often considered a dirty word and seen as more hoops and hurdles for designers to get over, but good governance is about ensuring software is fit for purpose – that it actually works in the real world rather than just in the lab.

The challenge is, often governance is not baked into the thinking at the outset of a project. When designing an API and/or a microservice, it’s not something you automatically consider. It probably isn’t obvious if you’ve not been exposed to the governance needed, and even if it’s a nagging thought, it seems too hard and slow to involve a governance team early on.

But what if governance teams actually were able to help rather than hinder? What they were able to offer suggestions on how to meet governance early on, with speed?

You need to have two things: knowing early on there’s a governance impact, and being at a point where you can change designs easily – i.e. not in the last few weeks before release!

 

2. Use Automatic Governance Checklists

To help tackle baked-in governance, ignite provides automatic governance checklists, which are evaluated and displayed ALL the time. So from the very earliest stages of building MVPs, you can see clearly what is needed to check the boxes for your governance standards.

Sometimes it’s as simple a name change, or realizing a log entry needs to be masked because it’s displaying PPI information… other times it’s harder… but then you can reach out to a governance team and seek some early advice before building in the wrong direction!

Governance-first development should make use of completion guides
Completion guides help development check the boxes for good governance.

Governance doesn’t slow you down when you are prototyping an idea… on the contrary, just knowing the governance issues avoids those “Oh!” moments when you realise your prototype will never work because you’ve relied on something forbidden by a regulator!

 

3. Create a Governance-First Culture

Governance reviews become a breeze as you’ve already considered your developers’ concerns, and if they’ve helped design the solution, there’s shared ownership fostering a one-team approach rather than a “them and us” culture.

Having a governance-first culture may seem impossible. But a little understanding of what governance is trying to do, and having a platform in place which encourages governance collaboration makes it a lot easier to get there and to get solutions running in the real world far quicker and more securely than before!


How does digitalML’s ignite platform help enterprises create a governance-first culture?

We typically start small with our customers, beginning with a subset; one team or a small group of teams to spin out a few pilots for quick wins. Then, we prove success in terms of the speed and quality of those governance-backed projects, which gives large organizations the buy-in to roll out to more teams and regions.

ignite’s self-serviceability goes a long way; it doesn’t take a rocket scientist to understand how to start building; all roles are able to use ignite. We find that by deskilling the manual parts of your lifecycle with built-in guidelines that remove bottlenecks rather than create them, you give highly-skilled roles a way to scale themselves for greater things (e.g. customer experience, innovation, to name a few).

To learn more about how ignite helps large organizations create a governance-first culture, book a call with one of our experts today.

Related Articles

Close