In a previous blog I suggested that the biggest operational risk to an organization these days relates to System Development Life Cycle (SDLC) failures. I was again reminded of this when I saw the article in the Wall Street Journal this morning related to Finish Line Inc. According to the article, “a new warehouse and order-management system caused a supply-chain disruption” as “the new system couldn’t process orders fast enough.” This systems failure significantly impacted sales revenue, profitability, and stock price, and the organization is now planning to close a quarter of its stores and change its chief executive.
In the digital world today, it seems as if almost all organizations are becoming critically dependent on software in one way or another. Bringing new software on board, then operating, changing, and retiring it, can pose material risk to organizations, potentially even putting them out of business. Managing software system risks requires a thorough understanding of how interconnected the software is in supporting the organization’s business processes, product delivery, and strategic objectives. SDLC mistakes can manifest themselves in myriad ways, including but not limited to transaction processing errors, unacceptable response times, information security vulnerabilities, regulatory compliance violations, the inability to recover from a disaster, the inability to effectively manage third-party relationships, and reputational damage.
As with any operational risk, the first step in managing this risk is to acknowledge that it exists and reasonably estimate how big it is in a worst-case scenario. From that point you can plan the risk mitigation and transfer steps and move into a monitoring mode to ensure the issues get resolved as quickly as necessary to meet your objectives. All of this is much easier said than done, but you’ve got to see through and understand the complexity if you want your organization to have sustained success.