Release Management:
Closing the Gap in Application
Lifecycle Management
Executive Summary
Businesses are struggling to keep up with the massive amount of change to their
software applications. According to Gartner, documented requests for change (RFCs) can range from 300 per month for a small company to more than 5,000 per week for a Global Fortune 500 enterprise.
Most businesses have invested in automating their development processes. But few have automated the most critical part of the application lifecycle: release management.
Release management is the process of deploying application changes into production without disrupting the business. But the process, for the most part, remains manual and inefficiently connected to the rest of the application lifecycle, leaving a critical gap between application development and operations. Beyond the risk of lost revenue and damaged business reputation, the release management process is often wasting millions of dollars in staff time as people struggle to keep up.
By strategically automating the release management process, you can create a crisp, accurate process that dramatically boosts the competitive edge you get from application change. You optimize the path to production. You reduce your costs and your risk. You control your changes, improve business availability, simplify software audits, and free up staff time.
One Serena customer estimated that its weekly Release Management meeting ate up $1 million a year in staff time.
Why Release Management is Critical to the Business
Today, businesses can succeed or fail based on how distinctive their software applications are – and how quickly developers can change the applications.
As a result, the pace and the volume of application changes are often challenging – and sometimes overwhelming.
For example, the development organization of a leading international bank submits more than 485,000 component builds, processes 190,000 package promotions, and installs more than 800,000 component versions each year.
“Application changes” can be anything from entirely new applications, to software updates required by law (to meet new privacy regulations, for example), to small but critical fixes for repetitive problems identified by the Help Desk.
Release management is the most critical part of the application lifecycle. It’s the “last mile” between development and production (the business). Nothing changes in the business until you put the code into production.
Unfortunately, the release management process is often the most vulnerable part of the application lifecycle, for two reasons. First, the process is complex and involves many different kinds of people. The release management team is essentially responsible for making sure that the entire application development organization – from requestors to developers to QA to operations – has done its job. Second, the process is typically the least-automated Application Lifecycle Management (ALM) process, mostly due to the difficulty of automating across departmental boundaries.
Release managers often rely on spreadsheets and word processing documents for information, and on email and long, all-hands-on-deck meetings for communications and tracking. Deploying changes into production relies on manually written scripts, on heroics by experienced “wizards,” and on inherently fallible human beings. The whole organization is inefficiently connected to the rest of the application lifecycle.
Results are inconsistent and quality is generally poor, in spite of the tremendous number of people working on the problem. And adding more people doesn’t alleviate the problem; on the contrary, it will usually aggravate it. Because the release process is manual, most of the steps involved consist of checking that someone carried out previous steps correctly. In short: most of the time and money goes into error-checking people, not the product (the code).
This is clearly very costly. For example, consider the release management process in a large pharmaceutical company. It covers six large sheets of paper, and three-quarters of the steps involve manually checking that previous steps were carried out correctly. However, many businesses are reluctant to try to “fix” their release management processes because of their complexity (see Figure 1). They worry about making the problem even worse and successful releases even more difficult to accomplish. This is where automating release tracking, approvals and deployment can really help.
Figure 1: This figure shows the release management process in a typical company. The process is incredibly complex, crossing organizational boundaries and involving many dependencies. The release management team is overworked. Release managers, the point people, are overloaded with information and constrained by basic tools such as spreadsheets and word processing documents. They are constantly interrupted by others – inside and outside the organization – for status updates. The entire process is people-bound, inefficient and risky. As you can see from this picture, adding more people won’t solve the problem. In fact, it may make it worse.
A Dangerous Gap
Poor release management can create a dangerous gap in ALM – a gap where businesses can least afford one: between development (theory) and operations
(practice). This gap may not be evident until there’s a problem – for example, a change knocks out the production environment for an hour (or for an hour that stretches into several while the team backtracks to find the root cause).
And then it’s painfully evident. A big problem can result in lost business and angry customers – even fines in some cases – and occasionally get a CIO fired if the problem is egregious or well-publicized. But even small problems can take the business offline or can become noticeable to customers.
Beyond lost revenue and damaged reputation, the release management process is often wasting millions of dollars in staff time as people struggle to keep up.
For example, one Serena customer estimated that its weekly release management meeting ate up $1 million a year in staff time; in fact, they used to call the meeting the
Ops Business Manager
Business Units
Business
Development
Ops
Data Center Distributed Mainframe Relationship Manager Auditor Release Manager CAB -Number of Reviews -Time for Reviews
Create RFC Change
Build Deploy Test Deploy Prod Dev QA
“million-dollar meeting.” Another customer learned that manual processes that worked when its banking application ran on 30 databases simply couldn’t handle 170 databases, no matter how many DBAs they put on the job; the window of time was just too narrow. A business change such as a merger or acquisition can throw established processes into turmoil.
Businesses need to turn release management from a chaotic, reactive process into a structured, proactive process. Heroics are inefficient, risky and no longer affordable.
The Solution: An Automated, Process-Oriented Approach
Fortunately, there’s a way to close the gap. It’s not a quick fix; it does involve process change. But it builds on the investments you have made in process change in other areas of the application lifecycle, with ITIL (change management) and CMMI (application development). And you can start with manageable, incremental changes.
Automated, process-oriented release management automates, connects, and controls the Release Management process (see Figure 2). It uses intelligent task automation, an XML-based framework with central data repository, federation, Web services, and Web-browser dashboards.
Using this approach, you can:
• Integrate release management smoothly into the rest of the application lifecycle. You can capture critical release information at the earliest possible point (demand management and change requests) and extend it through production deployment and validation. You maintain the information in a central data repository, while the source data (code and code artifacts) remains in its originating systems. You create an end-to-end, data-driven process that eliminates communications disconnects and ensures continuity. You gather tribal knowledge from the heads of experts and capture it in documented processes, which are then enforced by means of automation (including electronic signoffs).
• Offload repetitive, mind-numbing tasks from people – and automate the complex, multi-step deployment processes that are so frequently the occasion for errors. • Build an automated, centrally accessible “single source of truth” about releases,
so all participants – from business requestors to QA staff to release management technicians – can see the status of a release through their Web browsers, instead of paging the release manager.
• Automatically create audit trails that can speed back-outs (by identifying root causes faster) and simplify audits (eliminating all-hands-on-deck fire drills).
• Foster continuous process improvement, by having hard data about release management and the automated tools to analyze it.
By automating the process to this level, you reduce reliance on inherently fallible human beings. You reduce human error, prevent inefficient or botched handoffs, create repeatable steps, shorten deployment windows, and stop the insanity of having humans manually double-check other humans.
The Choice: Control Application Change or Let it Control You
By strategically automating release management this way, you can create a crisp, accurate Release Management function that dramatically boosts the competitive edge you get from application change. You can optimize the path to production.
The choice is yours: control application change or let it control you.
Serena Software can help make this a simple decision. We’re the recognized experts in automating change management. We’ve been helping customers automate Change management for the last 30 years and release management for the last 10 years with great results, beginning with their mainframes. We understand how applications are built and deployed. We continue to extend release management deeper into the application lifecycle, and we have a several-years technology lead over our competitors.
By strategically automating Release Management, you can make it:
• Visible • Accountable • Traceable • Auditable • Repeatable • Predictable
