In his Behaviorally Speaking series, Bob Aiello discusses hands-on software configuration management best practices within the context of organizational and group behavior.
Application lifecycle management (ALM) and IT infrastructure library/IT service management are two halves of the effort to successfully develop and deploy technology solutions. ALM provides extensive guidance from requirements tracking through development, testing, and application deployment. ITIL does not provide guidance on software development, although otherwise it essentially picks up where ALM leaves off—to provide guidance on managing ITSM, including help desk (e.g., incident, problem management), along with change and release management. Together, they provide the guidance that you need for successful software and systems development. Read on if you want to understand how to successfully implement ALM and ITIL together to support your technology efforts
Remember the SDLC?
Early in my career, I worked to develop and implement robust software development lifecycles (SDLC) in private business organizations. SDLCs define the phases of the software development lifecycle and clarify what we need to do on a day-to-day basis to successfully develop a technology solution. This work was often frustrating when the SDLC did little more than sit in a binder on someone's shelf gathering dust. It was clear to me that the SDLC was developed to assure senior management that everyone knew what he was doing and, more importantly, that the project would be approached with a robust repeatable process. Soon I learned that defining phases isn't enough to successfully implement an SDLC, you need process automation, as well.
Automating the Process
Developing technology solutions can be a complex and stressful endeavor. Under fire, it is tempting to cut corners and it’s often necessary just to stay above water. Using a process automation tool can help by establishing checkpoints and controls to track and enforce completion of each step as planned and specified by the SDLC. ALM has taken us to a whole new level.
ALM Raises the Bar
ALM offers a lot more than the old SDLCs that I grew up on (and loved so much). ALM encompasses both a wider focus and dependence upon tools as being implicit in the process. This makes a lot of sense, because process automation cannot be traceable and repeatable without robust tools to support the software and systems lifecycle. ALM integrates the requirements management effort to the test case management work through tools integration and open standards. Source code management solutions trace changesets to the workitems (e.g., defects, tasks) that authorized the work. This integration continues throughout the lifecycle—including application release and deployment tools automation—into what I often call the deployment framework
ITIL provides valuable guidance that includes software asset and configuration management (SACM); change and release management, with an excellent description of implementing configuration management databases; definitive media library; and the configuration management system. There is much confusion about what these functions involve and how to implement the necessary tools to support them. (I provide guidance on implementing these functions and tools in my book Configuration Management Best Practices: Practical Methods that Work in the Real World, Addision-Wesley, 2010). ITIL's scope and focus is on IT service management and provides little support for software and application development. This is where ALM and ITIL complement one another; they form two halves of the software and systems development cycle.
IT Governance and Compliance
Many of us work in organizations that need to pass an audit, not to mention comply with federal laws such as section 404 of the Sarbanes-Oxley Act of 2002. ALM and ITIL can help explain how to implement the controls needed to comply with these regulatory requirements.
ALM and ITIL provide considerable guidance that can help you implement a comprehensive software and systems development lifecycle. Your organization would benefit from implementing these best practices, especially if you need to meet regulatory requirements or perhaps pass an internal audit once in a while. Your journey needs to focus on improving productivity and quality throughout the entire application development effort.