October 5th, 2022 by inflectra
September 8, 2022: Inflectra and Tezza Business Solutions collaborated in a joint webinar aimed to raise awareness of the importance of the symbiotic relationship between Risk Management and Software Quality Assurance, particularly related to the financial industries in West Africa. The webinar brought together three eminent panelists, West Africa’s first EC-Council Licensed Penetration Tester, Obadare Peter Adewale, Head of Enablement for FNB Mozambique, Gui Texeira, and the Chief Executive Officer of Tezza Solutions, Roland Omoresemi. The session was moderated by Inflectra’s Enterprise Agile Evangelist, Sriram Rajagopalan, who navigated the panelists through the challenges of adopting Agile framework in West Africa, the binding regulations in the financial industry, and the technology tools required to improve transparency, inspection, and adaptation.
Mr. Adewale set the stage for the webinar when he stated that “Agile is the famous buzzword within the financial industry in West Africa.” He emphasized that there is a gross misalignment between technology and business and used the term “Irresponsible Programming” to highlight how quality is compromised in Agile approaches. When releasing functionality to the market faster is prioritized without first assessing the impact of risks on these functionalities, quality begins to slip. Mr. Texeira also raised the related issue where organizations often implement Agile frameworks in one or two departments alone, siloing themselves from other departments. This causes issues down the line when, for example, the HelpDesk team, who did not adopt agile practices, is not able to relate and provide the required critical feedback for product teams.
Mr. Texeira recounted another issue he sees in Agile adoption, when Agile team members are not exposed to the risk management principles but focus only on their domain knowledge and rely on outside processes for risk and compliance. In some organizations, the team members play a “Hierarchy Game” where they implement numerous steps in the approval of business requirements, test case development, or defect triaging. The unavailability of the persons required in this multi-step workflow approval creates a longer waiting time and bottleneck effect. Some reasons for this multi-step process involve excessive process controls denouncing self-organization within the team or the lack of team member’s cross-functional knowledge to account for risks.
Mr. Omoresemi strategized that both the “Irresponsible Programming” and “Hierarchy Game” further compound the challenges with the “multiplier effect.” When leaders fail to develop the culture and mindset of employees in understanding risk management, quality management, and domain knowledge, the employees don’t understand the impact of failing to mitigate risks and the harmful results from poor quality releases. The lack of understanding the total cost of ownership multiplies the problems exponentially.
These observations are not far from the findings that the Agile community faces, said Dr. Rajagopalan. Even the State of Agile surveys done between 2018-2021 show that the alignment between Business and IT Globally has been hovering around 47-50%. “Failing fast should not be the focus, but rather, failing forward,” said Dr. Rajagopalan. Security principles are compromised where plaintext passwords are part of the programming modules because the user story is only a proof of concept and the acceptance criteria doesn’t preclude ‘backdoor’ security principles to be accounted for! So, it is not that Agile itself has failed but rather that people have failed Agile due to their lack of Agile framework understanding.
“When it comes to binding regulations, the agencies creating and upholding the regulations are always catching up based on how technology is progressing,” said Mr. Texeira. He recalled how some of the countries in the African continent still do not recognize the Cloud Technology-related trends. Mr. Adewale also highlighted that the Central Bank of Nigeria has introduced the IT BluePrint Standards requiring compliance and governance on the strategic end, and traceability and audit trail on the execution end.
Similar to General Data Protection Regulations (GDPR) popular in the European Union, Mr. Adewale also mentioned Nigeria Data Protection Regulations (NDPR). Mr. Omoresemi talked about the enforcement at all levels where not only companies but also their employees need to be the “voice of testing” in establishing guidelines and guardrails. To be quality champions, employees must learn about the influence of risk on their responsibilities.
“Doing things manually helped us realize the pain points,” recalled Mr. Texeira. He had this realization when he began an extensive search on a tool that provides transparency and traceability across all the areas of both software development and project management. Although each organization is different, Mr. Omoresmi mentioned the focus of the organizations in using the total cost of ownership as a critical consideration while selecting the tool. Mr. Adewale highlighted that the teams should ask themselves three questions when selecting the tool:
Is the tool allowing them to do the right thing?
Is the tool allowing them to do things right?
Is the tool providing visibility for how well things are getting done?
Connecting these thoughts with Drucker’s principles of effectiveness (leadership) and efficiency (management), Dr. Rajagopalan concluded the session that tools should not just focus on pricing or their selection be based on one’s comfort zone, but many other factors, such as the cloud and on-premise support, framework agnostic outlook, business process support, and end-to-end lifecycle management. The panelists and the moderator put a major limelight on how the areas of risk management play a critical role in software quality management in today’s emerging regulatory landscape regardless of the project delivery framework.
This webinar is a joint effort between Tezza Business Solutions and Inflectra.
Interested in doing a joint event or webinar with Inflectra? Contact partnerships@inflectra.com.
And if you have any questions, please email or call us at +1 (202) 558-6885