How to Deliver Resilient, Secure, Efficient and Agile IT Systems in Line with CISQ Recommendations


Dr. Richard Soley, Chairman and CEO, Object Management Group

This paper is a seminal work on the requirements and approach needed to build secure and resilient software. It was written to help CIOs, CTOs, Enterprise Architects, Application Owners, and IT executives take the next step toward an effective software quality policy.

In complex software applications, the same piece of code can be of excellent quality or highly dangerous. Excellent code quality within an independent program therefore does not guarantee a resilient, safe and efficient IT system. Correlations between architectural programming mistakes and production defects reveal something counter-intuitive. Studies show that basic coding errors within a program account for 92% of the total errors in source code but only 10% of production defects. Software flaws at the Technology and System Level, by contrast, account for 8% of total errors but consume over half the effort spent on fixing problems and lead to 90% of the most serious production issues.