Professional Documents
Culture Documents
QDigitz
QDigitz
DigitQ.in
Q!Digitz Vol 1 Aug 2019
Assuring DevOps
variations and contexts involved, activities and
outcomes involved, there is a role for Quality
Analyst to perform constructively,’
Delivers Well!
DevOps Focus
DevOps Excitement DevOps implementation in Engagements has
several key driving factors. However, few of the
important drivers are,
urpose
P
Culture
Automation & Environment
Architecture
DigitQ.in
Q!Digitz Vol 1 Aug 2019
It depends on how compatible each of the The human e ort, prioritization and application of
software packages is and how they get upgraded skill to develop product/application features to be
and what trainings we provide to people. Also, paid adequate attention. Application of the Agile
there is someone to monitor the pipeline runs method helps stories/smaller functionalities,
without issues. Next comes Architecture with simpli ed development cycle and supports
Micro-service architecture, dockers, shipping ,etc continuous integration. Agile Methodologies
where the architectural team has to take complete (Kanban, SAFe, etc can well manage the upstream
advantage of the model and the environment they part of development). This improves the
use. These drivers also help a quality analyst know application of DevOps automation , as periodic
, each part has a role, failure points, needed delivery and deployment is possible with
improvements, monitoring performances, automated pipelines.
veri cation and validation needs.
A Quality Analyst can spend adequate time in
There are multiple context exist when we talk The regression test cases release schedules to be
about DevOps, so here we will take the case of maintained for the context. In addition, usage of
DevOps engagement using Agile Practices and cloud should control security practices to ensure
Cloud Environment for development and delivery. authentication & it maintains authorization
The Engagement has to ensure it has the practices.
environment as per its expectations achieved and
they sign Performance SLA with cloud providers. Continuous monitoring of the deployed code and
The licenses needed for the tools are managed by addressing of the incidents can be handled as per
cloud provider or any of existing licenses will be typical IT service management practices.
used from organization has to be decided. We Continuous improvement plays an important role
design the work ow architecture with the number in reducing the waste and minimizing the failures
of user, server required, tools con guration to at any stage. In one case, we saw there were too
enable the pipeline set up. Automating the many quality gates and approvals, which delayed
work ow of development and delivery doesn’t & denied the faster deployment bene t itself.
mean the requirement, design and coding will get
automated.
DigitQ.in
Q!Digitz Vol 1 Aug 2019
Quality Assurance in
as the context variation and need variation will
evolve; hence the following shall we shall check
e ned Work ow
D
Pipeline con guration blueprint/architecture ccess to Tools–log
A
Work instructions of pipeline Security key storage
Training material/Guideline Licenses management
SLA for cloud( as Applicable)
Veri cation & Validation in Development practices
shall have the following: Monitoring of the pipeline and health of the
pipeline to be checked with the following:
DigitQ.in
Q!Digitz Vol 1 Aug 2019
DigitQ.in
Q!Digitz Vol 1 Aug 2019
Quality is
focus to enable the project team to succeed in
their work. Let the delivery model be any there can
be two ways in which we can look at quality
Retaining Clients assurance, a) circle of risk and b) circle of
improvement. Often we believe the project is
stable, so assurance team has nothing to do or the
Business Value of project is in re ghting so they don’t want
assurance person to visit them. Both scenarios
Quality show how missed the chance to in uence and
deliver better. Most assurance teams get confused
The contractual terms and delivery models have in setting up a clear focus and how to build on to
drastically changed with technology upgrades. The it.
challenges faced by Quality Assurance few years
before is no longer seems to be critical. The
To make the case simple, we will assume the
involvement of the client in delivery has brought
clients give us 3 or 5 year contract of digitizing
in better functionality delivery and control over
their application portfolio and mange the existing
milestones. Quality Assurance in many
Infra and applications. The focus for the
organizations focused as multi-point weighted
assurance team should be progressive quality
activity, where we try to cover each and
assurance to enable the project to develop
everything.
abilities and perform to the context and build
maturity. The result would be obvious; the project
However, the critical focus areas have loosened shall be able to renew the contract successfully
up, as the defect or schedule slippage is not the with the client irrespective of market competition.
concern, but few others are. So, we have Quality The progressive journey of assurance is not an
Assurance which has no focus, but delivers accident, but a strategy to build focus and abilities
compliance score. In some places, it is a just task to perform in the next level.
by task observations and misses the point. So
where is the Business Value Addition from
The Assurance roadmap shall enable stabilizing
Quality? Can quality assurance have a critical
the account and converting the account to
focus and show how it's important? We will
capable. From there lead towards contract
discuss here.
renewal.
Strategizing Focus in
Project
DigitQ.in
Q!Digitz Vol 1 Aug 2019
In the progress of unstable account to stable We focus circle of Improvement on improving the
account, the application of “Circle of Risk” as a performance to move from the stable state to a
focus is critical to address the challenges and capable state , where client expectations are
make compliant and productive outcomes. In the ful lled e ectively and e ciently. The circle of
progress of Stable account to Capable account, the improvement is about using opportunities and
application of “Circle of Improvement” is critical to being foresighted to achieve the results and
address the opportunities and excel the getting ready for renewing the contract.
performance.
The faster we achieve stability by applying the
Circle of Risk and circle of risk, the more cycle time is available to
improve the performance with the circle of
DigitQ.in
Q!Digitz Vol 1 Aug 2019
I ndustrialization These data are vital for the client and for the
Automation organization to know and take any calculated risk
Knowledge Database & Reusable in the delivery and pricing model. Every
Components organization undergoes many changes in a few
Tools Enhancement years of the contract period of the project; hence,
Technology upgrade there can be many new improvisers or changes
Innovation available to the project team. These has to taken
Process changes & Upgrade in to consideration as improvisers. Ideally, 5 to
Client intimacy 20% cost reduction of a similar scope is possible
Continual Improvement with the improvisers and people's knowledge gain.
Simpli cation & Integration
Cost Saving The assurance team not only baseline and
The more year on year savings and make the supports in the binding of improvisers from
project ready for contract renewals are done with multiple corners, they also can take part in
the above given practices. developing process architecture, building request
for proposal components and involve in due
diligence participation. The assurance team can
Contributing in review the delivery model for successful delivery.
contract renewal
This is not about communicating what certi cation
Roadmap to Renewal
in assurance the organization has to a client. It's with Assurance
about building on to the “Circle of Improvement”
to focus on competitive and unique solutions for Contract Renewal is not the last 2 months
the contract. The assurance team can play a vital performance based activity, but it’s the outcome of
role in the contract's journey renewal process. client realization of service/product of quality for
the given cost and meets their business need. The
project has to cross the hurdles of instability and
reach stable delivery and then reach performing
state. The Assurance team has to ensure these
transformation happens and the goal they want to
achieve is , to enable renewing the contract. Its
easy to loose the path or relax by delivering in the
same manner, however this wont make the
organization has the undeniable leader to get the
contract renewed.
Taking ahead from Circle of Improvement , the last
6 to 8 months ahead of contract renewal time, it's
The Circle of Improvement and combined Contract
important that we start baselining the project
renewal focus can get enormous success.
parameters.
DigitQ.in
Q!Digitz Vol 1 Aug 2019
Cooking an
This is possible, as we like few abilities and
characteristics across the regions. Does this mean
the globally successful products are successful in
Arti cial every region at the same level, and are they better
successful than regional products? The answer is
Recipe for Client common always. This is the reason I feel A. I recipe
is better suited for making the service for client
Delight
delight.
DigitQ.in
Q!Digitz Vol 1 Aug 2019
Instead, we can apply machine learning technique For example, we might get the result like in 15
like Decision Tree. As said earlier, we believe we percent of client dissatisfaction the key
have a reasonable amount of data for us to combination of drivers were, Private Sector >
construct the decision tree. The data shall have aerospace> product development> Germany>
relevant characteristics (Drivers) like Sector Cloud Technology> Time & Material > Incremental
(private vs public), Domain (Healthcare, aerospace, models. In this when the incremental model
etc), Type of service (Application maintenance, changed to Agile, the value is much lesser.
Product development, etc), Region (countries or
states), Technology (Digital, cloud, big data, Such insights about client satisfaction are gold for
mainframe, .Net, etc), year of contract (1st year, any quality or delivery person to work towards
2nd year, etc), Type of contract (Fixed price, Time building a better recipe for developing software
and Material, etc), Method (Agile, DevOps, with the client. The strength of these machine
Incremental, etc) and many more relevant data. learning models is that it can read a volume of
It's always certain there will be few who will look data and correct the learning to give better
for a pattern in every organization, however results.
pattern in a condition of other variables are
di cult for simple visual inspection. It needs
better application models like a decision tree to
The application of Decision Tree is only an
provide insights and give results quickly. To know
example, like that they are many algorithms exists
more on the decision tree, watch the youtube
which are better or comparative. The reason we
video https://youtu.be/DCZ3tsQIoGU.
are talking about it here is, that we as a quality
analyst shall not just baseline client satisfaction
We can use the existing data in the organization for and leave it there. We can predict the behavior
training the decision tree and for this we might split and we can nd the in uencing characteristics
2 parts for training and 1 part of data for testing. which makes the good recipe for client delight.
We can use the Scikit learning library with Python Let's explore A.I for application in Quality Engine.
for supervised and unsupervised learning of
data. The decision tree was established and
visualized with the decision branches. The nodes
from which the branches starts are the drivers
which we need to watch out for and their values
which leads to client dissatisfaction shall be
controlled or actions to be taken to balance it out.
DigitQ.in
Q!Digitz Vol 1 Aug 2019
Agile Culture
way IT and business interacts, which will fetch
quality deliverables to business with speed to
market. Building the right skills on emerging
adoption and technologies with combination to team
restructuring will bring in more awareness about
contentment
Author – Aarti Patil
DigitQ.in
Q!Digitz Vol 1 Aug 2019
DigitQ.in
Q!Digitz Vol 1 Aug 2019
Managing
with their on-premise IT System is also when they
know their landscape of IT well and then not
having much clarity on Migration and what kind of
E ective Cloud outcome they can see with less pain.
Migration with QA
Validations
Cloud will cover the IT world soon, with 60%
global market growth in next 3 years and 80%
organization to move to cloud by 2025(Reports
from Gartner and computer world UK). Many
organizations have principally embraced the
cloud, but often there is one challenge ‘The Detail’. Cloud service providers understand the problems
Organizations choose cloud for multiple reasons and expectations of the organizations. Most of the
including data center reduction, increase global top service providers have come out with their
presence, need of processing power, cost bene t, own migration life-cycle with phases and
etc. As they move from principal agreement to the deliverables list. They start from an initial
evaluation of public or hybrid cloud service assessment to the tool which can simplify the
providers and services they need, they have to get migration activities. These are important to boost
in to detail. the IT team’s con dence in the Business
Organizations. However, migration is not a simple
process even with current level of capabilities,
hence a stronger life-cycle based phased
The details include the various applications,
approach can enable smoother migration.
servers, dependent con gurations, criticality,
compliance, users, etc. Getting an understanding
of their own IT systems and their criticality takes
adequate time. Then they need to prioritize what
applications or servers have to be moved to cloud
rst. Which also involves who is the cloud service
provider and what kind of migration support they
will provide.
DigitQ.in
Q!Digitz Vol 1 Aug 2019
DigitQ.in
Q!Digitz Vol 1 Aug 2019
Check for the updated list of migration ready Post Migration Report & Acceptance
components/server/data/application
The success criteria meeting, performance
Pilot Report (As Applicable) measures, recorded issues/resolution, etc. Check
for the approval.
Check for Go/No Go Decision and the
challenges/risks & lessons learnt documented. The Pre & Post Migration Technical Review Checklist
lessons to be taken to migration activities.
Check if the project team used the pre & post
Migration schedule migration checklist & any tool for evaluating the
migration. Also, the checklists are used in the
Check for the intermediate milestones and project.
percentage completion planned. Check for
dependencies identi ed for meeting schedules Migration Metrics
and the risks.
Agree with project on the migration metrics and
Master list with con guration details and Status review the data on a monthly basis/ biweekly
(&/) Run Book basis. De ned threshold and violations supported
with analysis
Check for the schedule, Status of Migration,
Pending issues, Runbook - Detailed steps/activities The checks on the above given activities and
with con gurations & checkpoints & status detail deliverables will enable the cloud migration to
resolve the challenges quickly and to have a clear
Test Report view on work items progress. Often migration is
the process weakly addressed after an
enthusiastic start. Then based on time availability,
Check for the functional, security, and the depth of migration happens in the accounts,
performance test cases and the test report
which often impacts the quality of migration. So
it's important for us to ensure a right level of
Cut Over Plan progress happens in every front in migration. The
above given thought process can help in building
Check for the Readiness and Roll back plan. stronger connect.
DigitQ.in
Q!Digitz Vol 1 Aug 2019
Agile @ Scale–
Agile is here to stay and now almost 9 years in that
line, it's seen that Agile has stayed and now Agility
has taken up predominant importance at next
What does it levels as well i.e., Agile @ Scale.
Think Large
celebration for every stakeholder associated with
the project for the success they had experienced
through Agile life cycle.
DigitQ.in
Q!Digitz Vol 1 Aug 2019
Design Ways of
Working across all
Agile Teams
While di erent Scaling models like SAFe, LeSS,
Nexus etc would provide guidance on what
practices needs to be de ned, how the team
needs to be structured, how the practices needs to
be implemented etc, as a quality professional we
Always Derive Quality themes and quality still have a lot of work to do for setting up of Ways
strategies for the large program at the overall of Working within the team.It starts right from
account level. Never start at the team level to de ning and agreeing with all scrum masters,
establish quality goals. This is one mistake we do product owners etc on what standards to follow
when we support large programs for quality (eg: development framework, defect tool, testing
assurance. We start o small- trying to de ne a tool, etc) to de ning collaboration mechanisms for
governance plan, tailoring of the processes, various roles within the teams ( eg: between
establishing a measurement system etc for the solution architects, between Business analysts
rst scrum team and then when another scrum etc).
team onboards, we repeat the same process.
It could also be simple things like what should be
Slowly, we realize that what ts one team is not the defect status work ow while tracking defects.
tting another. And it leads to chaos in the middle For eg: if there is a visual board which is decided
of the program execution. So always look at the to be used by one scrum team for tracking, ensure
account/program understand what the Business it gets used in a similar fashion across all teams. It
Organization and technology goals are and then will help remove many overheads during program
derive the Quality themes and strategy such that it level metrics tracking.
gets embedded within the overall account
strategy. When the themes are set at larger
Bigger the team, they require the better
program level, it ows in as quality goals to
facilitation skills to bring every stakeholder to the
individual scrum teams and the focus and
table and agree on the Ways of working for the
importance is in built into the processes itself. Eg:
team. It doesn’t just stop there, once it's agreed, it
De ne KPI for UI/UX teams or test automation
becomes a prime responsibility for the QA
teams; Establish Feedback mechanism at various
professional to determine how it needs to be
levels, etc
introduced to the newly added teams, how they
are trained, and how we monitor the quality and
progress throughout.
DigitQ.in
Q!Digitz Vol 1 Aug 2019
Identify systemic
failures
Establishing ways of working also leads to the next
imminent step of managing its implementation.
One of the obvious ways to do this is by
monitoring and understanding the quality trends
from di erent teams. As a QA person, we are
uniquely positioned to see the complete big
picture using the parameters from all the teams
and can assess the overall system quality.
DigitQ.in
Q!Digitz Vol 1 Aug 2019
DigitQ.in
Q!Digitz Vol 1 Aug 2019
The auditor here can ask for the inventory of the he auditor should verify the contract to
T
mandatory compliance needs of the bank. understand services o ered by the CSP and
Depending on the business needs, there could be its impact due to outages.
set of compliance needs common across all banks Geographical diversity of data center
and the rest would be case basis for the speci c architecture and its fault tolerance.
bank. Availability management processes of CSP
and BCP of CSP.
re all the regulatory and compliance needs
A Impact of non-availability of the database on
satis ed by the CSP? How can that be application and transactions in process.
veri ed? What communication mechanism is agreed
Would the CSP provide certi cates that between the CSP and Bank in case of such
validate adherence to compliance needs? outages.
Extending on the same lines whether the Impact analysis by the bank which has
CSP can be audited? helped to establish the RTO and RPO
With the banks, the challenge gets more baselines and the subsequent agreement by
tough. With increasing globalization and CSP.
changing nancial scenarios, certain Contingency plan developed by Bank for
compliances not applicable may become outage periods.
mandatory in the near future. For these Interoperability and Portability
scenarios, would the CSP have the ability to
comply and provide support?
In the fast-changing business landscape, they may
So, in this community cloud, an auditor needs to sometimes require it to change the CSP. There
focus on speci c compliance needs of the bank could be multiple reasons for doing so. In these
and the controls CSP deploys for the assurance. scenarios, it makes sense to assess portability and
interoperability. Not doing so may cause a risk of
Reliability and Availability - In the digital age and being stuck to the vendor.
with features like mobile banking, availability of
the applications becomes a very critical factor. From an IaaS perspective, the storage capability of
CCID (Cloud Computing Incidents Database) has the CSP would be of highest concern.
shown Cloud outages ranging from few minutes to Interoperability would not be a major issue with
48 hours, which amply shows Cloud is not immune IaaS because the banks would own applications
to outages. themselves. Hence, there would be no impact on
application interfaces.
In our example of IaaS for Community Banking
Cloud–IaaS delivery model would be used for
computing, storage infrastructure along with
certain services like account management,
message queue service, database service, etc.
DigitQ.in
Q!Digitz Vol 1 Aug 2019
Physical Security
Network Security
DigitQ.in
Q!Digitz Vol 1 Aug 2019
DigitQ.in
Q!Digitz Vol 1 Aug 2019
DigitQ.in
Q!Digitz Vol 1 Aug 2019
Comparative
Productivity Gain
The context of projects where we apply RPA varies,
and it’s tough to have like-to-like comparison. The
simpler way to handle this problem is to compare
the e ort spend to do certain tasks with the known
level of quality and then after implementation of
RPA what is the level of e ort spent to do the same
task with same scope and to the same level of
Quality.
DigitQ.in
Q!Digitz Vol 1 Aug 2019
This would ensure the boundary of operation In a better way, we can go for cost reduction by
remains the same and the parameters are also introducing RPA services. In this model, it did the
remained the same, as we measure the e ort work before the RPA period for a scope with a
impact. certain cost and after RPA it reduces the cost. The
In this model, we measure the outcome produced cost computation here will consider all the cost
and e ort spent together. involved in Initial and Operational cost of the bot.
DigitQ.in
Q!Digitz Vol 1 Aug 2019
My Corner!
DigitQ.in
Q!Digitz Vol 1 Aug 2019
DigitQ.in
Q!Digitz Vol 1 Aug 2019
DigitQ.in