Lowering costs and increasing revenues are important goals for most businesses. Likewise, as businesses attempt to meet these objectives, IT organizations are being continually squeezed to accomplish more with less. In addition to being asked to produce new applications and solutions that can adapt rapidly to new business challenges, IT organizations are being asked to take on additional responsibilities—such as helping businesses ensure compliance with new regulatory requirements.
Over the past few years, reducing risk throughout the organization has taken on new meaning, and it’s become an important goal for many IT departments at the same time that those IT departments are being asked to increase productivity.
Let’s look a little more closely at these twin issues—the need to reduce and manage risks and the need to increase productivity. The first is the issue of managing and reducing risk, and this incorporates a number of different aspects, including compliance, reliability, and security.
From a compliance perspective, development organizations need to ensure that applications, data, and business processes are consistently meeting regulatory requirements and guidelines. Otherwise, the IT department may be opening up the organization to potential legal or regulatory risks. While many companies have started by meeting SOX-type reporting requirements, organizations need to be able to proactively ensure that any changes to their applications will meet and not interfere with SOX or other regulations.
From a reliability perspective, organizations need to continue to increase the reliability and availability of their customer-facing and internal applications. Testing is a key component of helping to ensure reliability, but most organizations have too little time for testing and end up testing only what they think is important, not necessarily what might actually be important. Thus, in order to become more effective and efficient, organizations need to increase the effectiveness of their testing process, testing the most important components of an application and not simply the easiest components.
From a security perspective, organizations have started to realize that the application is the business. Any breach of an application increases the overall risk to an organization and IT groups and developers need to begin thinking about how to reduce the possibility of attack and help reduce overall risks associated with applications and data access.