Inspire, develop, and guide a winning organization.
Create visible workflows to achieve well-architected software.
Understand and use meaningful data to measure success.
Integrate and automate quality, security, and compliance into daily work.
Understand the unique values and behaviors of a successful organization.
LLMs and Generative AI in the enterprise.
An on-demand learning experience from the people who brought you The Phoenix Project, Team Topologies, Accelerate, and more.
Learn how making work visible, value stream management, and flow metrics can affect change in your organization.
Clarify team interactions for fast flow using simple sense-making approaches and tools.
Multiple award-winning CTO, researcher, and bestselling author Gene Kim hosts enterprise technology and business leaders.
In the first part of this two-part episode of The Idealcast, Gene Kim speaks with Dr. Ron Westrum, Emeritus Professor of Sociology at Eastern Michigan University.
In the first episode of Season 2 of The Idealcast, Gene Kim speaks with Admiral John Richardson, who served as Chief of Naval Operations for four years.
New half-day virtual events with live watch parties worldwide!
DevOps best practices, case studies, organizational change, ways of working, and the latest thinking affecting business and technology leadership.
Is slowify a real word?
Could right fit help talent discover more meaning and satisfaction at work and help companies find lost productivity?
The values and philosophies that frame the processes, procedures, and practices of DevOps.
This post presents the four key metrics to measure software delivery performance.
August 26, 2022
In this series of blog posts, follow along as we revisit Mark Schwartz’s book A Seat at the Table: IT Leadership in the Age of Agility. Five years after its publication, it’s still highly relevant and chock full of tips, tactics, and learnings. Join us as we follow along with Online Marketing Assistant Lucy Softich as she reads through the book for the first time. Make sure you start with the introduction post!
Chapter 10: Risk sounds fairly straightforward, and it begs the question: in an Agile world, where there’s an emphasis on speed and continuous deployment, how can you also ensure that your systems are safe and secure?
Risk comes down to uncertainty, and uncertainty is guaranteed whenever you’re talking about unknown unknowns (which you usually are when it comes to knowledge work). Heck, even very stable businesses can be upturned by unforeseen events such as pandemics. Mark talks from the perspective of 2017, but with my 2022 perspective, I am all too familiar with world-altering levels of uncertainty.
No matter how many statistical models you run or how many precautions you take, things will occasionally go wrong. Mark talks about the responsibility of a CIO who goes with the least risky option, only to watch a competitor soar to success with the risky venture. Was this CIO wrong to have chosen the less-risky option, even though it ended up being less successful? Well, if you define success purely financially, maybe; but do you really want that risky CIO heading things when the next decision presents itself? Could you trust them to get lucky twice?
An Agile leader’s job is to calculate risk and make important decisions. And fortunately, this modern CIO has some extra tricks up his sleeve.
Speed feels inherently risky. If you’re moving too fast, there’s a danger that you will miss something, cut corners, or outright ignore safety protocols in order to deliver quickly. But, the danger there lies when you are delivering to a deadline. In an Agile structure, however, your aim is for “as soon as possible,” in the true definition of that phrase: as soon as this can safely and properly be delivered, and not before or after.
It turns out that an Agile framework is actually ideal for managing risk, as Mark says:
Surprisingly, one of the most powerful risk-management techniques introduced in the Agile world is the idea of testing in production.
Mark talks at length in this chapter about the value of testing. If you deploy in frequent small batches, you can constantly test for issues and immediately catch problems while they are still on a very small scale. And when you test in production, you can see how something functions in its real, live environment, instead of a test environment that can never be 100% identical to reality. You are able to work with agility (ha!) and efficiency while making your system safer.
Mark also discusses the importance of maintenance as part of security, the less flashy part, but also less risky.
Our instinct is to focus on the fancy protections against the extremely subtle attacks, but the basics of security are not complex, and it is the basics that we mess up on consistently.
He recommends a push for rugged systems where security and prevention are built into software from the ground up. This line of thinking speaks very much to modern conversations around DevSecOps or shifting left to allow security measures to be built into software instead of added later. Remember when I talked about 2nd Generation DevOps back in our introduction post? This conversation was happening back in 2017, and it’s only more relevant today.
Indeed, Mark talks about this “ruggedness”—this structural focus on safety and security—as a marker of quality. And look, our next chapter is Chapter 11: Quality!
—
Introduction & Chapter 1Chapter 2: Kept from the TableChapter 3: A Nimble Approach to the TableChapter 4: PlanningChapter 5: RequirementsChapter 6: TransformationChapter 7: Enterprise ArchitectureChapter 8: Build Versus BuyChapter 9: Governance and OversightChapter 10: RiskChapter 11: QualityChapter 12: Shadow ITChapter 13: The CIO’s Place at the Table & Chapter 14: Exhortation and Table Manners
Lucy is the Marketing & Social Media Coordinator at IT Revolution. She has a background in writing, marketing, and business.
No comments found
Your email address will not be published.
First Name Last Name
Δ
As we reflect on 2024, we're proud to share a year marked by groundbreaking…
"This feels pointless." "My brain is fried." "Why can't I think straight?" These aren't…
As manufacturers embrace Industry 4.0, many find that implementing new technologies isn't enough to…
I know. You’re thinking I'm talking about Napster, right? Nope. Napster was launched in…
