Part 1: How to conduct a high level IT review in under a day
Welcome to this, the 1st of three articles on how to carry out a high level IT review in under a day.
What would you do if you were asked to look at a new platform and you only had a day? Just to make this a real challenge, let's expand the scope and say that the company was planning to run the software on your behalf and would therefore look after the infrastructure that supported it. At face value, this looks like an almost impossible situation ... so let's break it down into smaller chunks and build a plan from there.
In this case, there are four areas of investigation, those being:
• Software. The actual software that provides the service, including how it is developed, tested and released into production.
• Infrastructure. This area covers the servers, network switches, firewalls and possibly load balancers. It will, in this case, cover the data centre(s) and the security processes.
• Operations. How will the software be administered and by whom? This area is concerned with how to run the software, and therefore the service.
• Changes. How will the system be enhanced or upgraded? Who decides what functionality is added and when?
Having broken the challenge down into these four areas, let's look into each in a little more detail. I will give a quick check-list of key questions at the end of each section. The only way to conduct a review in such a short space of time is to do so in a question and answer manner.
Software
First off, we need to find out what sort of application we are reviewing. For example, is it a COTS (commercial off the shelf) application or has it been written from scratch (known as bespoke)? Is it a desktop application, a client-server solution or a web application? For the purpose of this article, let's assume that it is a bespoke e-commerce system that sells something over the Internet.
The next thing to find out is what language the software is written in. Knowing the language (and version) allows you to make some assumptions about how recently the software was written and to check for some of the common issues found with software written in that language.
At this stage, you know where the problem areas are likely to be, so pursue those until you are (or are not) satisfied with the answers.
Now, let's dig into the software development processes. Useful questions revolve around which source control system is used, how branches are controlled and merged, and how hot patches are managed.
Once the software development processes have been reviewed, move on to the Quality Assurance processes. Good questions to ask at this juncture include: how is the code functionally tested? How is it performance tested? Is integration testing required and, if so, how is it carried out? What regression testing is carried out and how?
The final area in this section is Release Management: the processes to get new or enhanced functionality live in a controlled way with minimal downtime. The central question here is how the new software is deployed to the production servers. From a description of that process, it will be apparent just how efficient that process is. It is also worth asking how changes to production are tracked and who approved those changes.
Software Quick Check-list
• Describe the software being reviewed
• What language (and version) has the software been written in?
• Ask questions in the likely problem areas
• Review the software development processes
• Review the Quality Assurance processes
• Review how Release Management is carried out
I hope that you found this section of the article interesting and please feel free to ask me any questions.