Right now I’m working on an application portfolio management project for a local government, and it’s got me to thinking about previous application portfolio management projects that I’ve worked on. In particular I find myself thinking about a project in this space that I worked on 7 years ago for a transportation company, and the differences between the two projects. Some of them are to be expected. For example, the core applications are different – in transportation the reservations system is the 800 pound gorilla, in my local government customer it’s the revenues and benefits system – and some of the core constraints and governance structure is different, for obvious reasons relating to the nature of the organizations themselves.
But at the same time, the nature of enterprise ICT has changed in the intervening period, changing the landscape not only for applications, but for application portfolio management.
The most obvious change here is the rise of cloud computing. The first aspect of this is the move to organizations having specialist outside organizations host their applications. Examples are Amazon’s Elastic Cloud Compute platform and Microsoft’s Azure Virtual Machines. This has two important aspects for application portfolio management. First of all, the risk profile of each application is going to vary, not least because of concerns around offshore data housing. Second, it makes it that much easier for significant shadow applications to appear within the enterprise.
A related case to cloud computing is the growing use of independent online services, some of which may be mandatory (for example, the use of systems such as e-verify in the USA and EAS in the UK, to check that workers have authorization to work). But other services such as Google Maps form a key part of some organizations operations nowadays. This raises some interesting questions as to how to classify applications - is the aforementioned Google Maps an application in its own right? It also makes the assessment of technical fit and roadmapping that much more interesting – how locked in is the organization to the vendor of this service?
Use of online services also affects the ability to assess applications and to roadmap rationalizations. Even if such a service operates as part of an overall application, understanding the interface and APIs it offers has significant implications for assessing technical fit and risk – and assessing possible costs of replacement with a different service.
A related change to these trends is that end users are more empowered and expect a much greater degree of involvement in IT decisions than before – or else they’ll go elsewhere and find their own solution. Shadow IT has become a notorious challenge for some organizations to grapple with. So an APM effort requires greater involvement with end users than before, both in terms of surveying and identifying applications, and in terms of defining and implementing any rationalization suggestions.
All these factors might be one reason for an interesting gap in the constellation of standards and frameworks that exist – I’ve yet to see anything like an industry framework for application portfolio management. Of course consultancies and vendors are going to want to keep their intellectual property to themselves, but that hasn’t stopped the emergence of frameworks in a whole host of other areas of IT management. We’ve got frameworks for governance and for enterprise architecture, and standards for process modeling and for architecture modeling, and reference models for telecoms and banking and government… yet we seem to have nothing (that I’m aware of) for APM. But I’m convinced that this is unlikely ever to happen, and it’s not just because of changing technology, but for fundamental reasons regarding the nature of applications themselves.
In my next article, I’ll be explaining precisely why I think this.