Prevent technical debt and legacy

Question

Accepted Answer

To meet this commitment as part of Digital and Data function鈥檚 strategic commitments your plans must show how you will prevent the build up of technical debt and future legacy for your product or service.聽

Legacy technology means any IT assets which may be:

out of support from the supplier
impossible to update
unable to support modern ways of working such continuous integration and continuous delivery (CICD) or APIs
no longer cost-effective
considered to be above an acceptable risk threshold in alignment with the managing legacy technology guidance

You should be able to answer 鈥榶es鈥� to all of the following questions:

has a business risk owner accountable for the legacy risks been identified?
does your plan incorporate legacy risk management activities?聽
has a legacy owner been identified with responsibility for the technical health of the product or service?
have you made sure there is money available for future legacy remediation and technology upgrades?
have all the department鈥檚 IT assets associated directly or indirectly with the product or service been included in your organisation鈥檚 asset register?

If the build of your product or service has not yet begun, for example you are in discovery, then you should commit to adhering to these principles

You must make sure that all legacy technology associated directly or indirectly with the product or service has been scored against the legacy IT risk assessment framework.

If you鈥檙e going through the spend control process you must explain how you鈥檙e meeting this commitment if your spend request has been rated high on the risk and importance framework or has an assurance rating of control.

Answering 鈥榥o鈥� will not lead to an automatic rejection and you will need to explain why your spend cannot align to the commitment.

PG电子