4 Rs for Scaling Outsourced QA. The first steps towards a rewarding engagement

Expanding nature of products, need for faster releases to market much ahead of competition, knee jerk or ad hoc reactions to newer revenue streams with products, ever increasing role of customer experience across newer channels of interaction, are all driving the need to scale up development and testing. With the increased adoption of DevOps, the need to scale takes a different color altogether.

Outsourcing QA has become the norm on account of its ability to address the scalability of testing initiatives and bring in a sharper focus on outcome-based engagements. The World Quality Report 2020 mentions that 34% of respondents felt QA teams lack skills especially on the AI/ML front. This further reinforces their need to outsource for getting the right mix of skill sets so as to avoid any temporary skill set gaps.

However, ensuring that your outsourced QA gives you speed and scale can be a reality only if the rules of engagement with the partner are clear. Focusing on 4 R’s as outlined below while embarking on the outsourcing journey, will help you derive maximum value.

  1. Right Partner
  2. Right Process
  3. Right Communication
  4. Right Outcome

Right Partner

The foremost step is to identify the right partner, one with a stable track record, depth in QA, domain as well as technology, and the right mix of skill sets across toolsets and frameworks. Further, given the blurring lines between QA and development with testing being integrated across the SDLC, there is a strong need for the partner to have strengths across DevOps, CI/CD in order to make a tangible impact on the delivery cycle.

The ability of the partner to bring to table prebuilt accelerators can go a long way in achieving cost, time and efficiency benefits. The stability or track record of the partner translates to the ability to bring onboard the right team which stays committed throughout the duration of the engagement. The team’s staying power assumes special significance in longer duration engagements wherein shifts in critical talent derails efficiency and timelines on account of challenges involved with newer talent onboarding and effective knowledge transfer.

An often overlooked area is the partner’s integrity. During the evaluation stages, claims pertaining to industry depth as well as technical expertise abound and partners tend to overpromise. Due care needs to be exercised to know if their recommendations are grounded in delivery experience. Closer look at the partner’s references and past engagements not only help to gain insight into their claims but also help to evaluate their ability to deliver in your context.

It’s also worthwhile to explore if the partner is open to differentiated commercial models that are more outcome driven and based on your needs rather than being fixated on the traditional T&M model.

Right Process

With the right partner on board, creating a robust process and governing mechanism assumes tremendous significance. Mapping key touchpoints from the partner side, aligning them to your team, and identifying escalation points serve as a good starting point. With agile and DevOps principles having collaboration across teams as the cornerstone, development, QA, and business stakeholder interactions should form a key component of the process. While cross-functional teams with Dev QA competencies start off each sprint with a planning meeting, formulating cadence calls to assess progress and setting up code drop or hand off criteria between Dev and QA can prevent Agile engagements from degrading into mini waterfall models.

Bringing in automated CI/CD pipelines obviates the need for handoffs substantially. Processes then need to track and manage areas such as quality and release readiness, visibility across all stages of the pipeline through reporting of essential KPIs, documentation for managing version control, resource management, and capacity planning. At times, toolset disparity between various stages and multiple teams driving parallel work streams creates numerous information silos leading to fragmented visibility at the product level. The right process should focus on integration aspects as well to bridge these gaps. Each team needs to be aware and given visibility on ownership at each stage of the pipeline.

Further, a sound process also brings in elements of risk mitigation and impact assessment and ensures adequate controls are built into SOP documents to circumvent any unforeseen event. Security measures is another critical area that needs to be incorporated into the process early on, more often it is an afterthought in the DevOps process. Puppet 2020 State of DevOps report mentions that integrating security fully into the software delivery process can quickly remediate critical vulnerabilities – 45% of organizations with this capability can remediate vulnerabilities within a day.

Right Communication

Clear and effective communication is an integral component of QA, more so when DevOps, Agile, and similar collaboration-heavy initiatives are pursued achieving QA at scale. Effective communication at the beginning of the sprint ensures that cross-functional teams are cognizant of the expectations from each of them and have their eye firmly fixed on the end goal of application release. From then on, a robust feedback loop, one that aims at continuous feedback and response, cutting across all stages of the value chain, plays a vital role in maintaining the health of the DevOps pipeline.

While regular stand-up meetings have their own place in DevOps, effective communication needs to go much beyond to focus on tools, insights across each stage, and collaboration. A wide range of messaging apps like Slack, email, and notification tools accelerate inter-team communication. Many of these toolkits are further integrated with RSS feeds, google drive, and various CI tools like Jenkins, Travis, Bamboo, etc. making build pushes and code change notifications fully automated. Developers need notifications when a build fails, testers need them when a build succeeds and Ops need to be notified at various stages depending on the release workflow.

The toolkits adopted by the partner also need to extend communication to your team. At times, it makes sense for the partner to have customer service and help desk support as an independent channel to accept your concern. The Puppet report further mentions that companies at a high level of DevOps maturity use ticketing systems 16% more than what is used by companies at the lower end of the maturity scale. Communication of the project’s progress and evolution to all concerned stakeholders is integral irrespective of the platforms used. Equally important is the need to categorize communication in terms of priority and based on what is most applicable to classes of users.

Documentation is an important component of communication and from our experiences, commonly underplayed. It is important for sharing work, knowledge transfer, continuous learning and experimentation. Code that is well documented enables faster completion of audit as well. In CI/CD based software release methodology, code documentation plays a strong role in version control across multiple releases. Experts advocate continuous documentation as core communication practice.

Right Outcome

Finally, it goes without saying that setting parameters for measuring the outcome, tracking and monitoring those, determines the success of the partner in scaling your QA initiatives. Metrics like velocity, reliability, reduced application release cycles and ability to ramp up/ramp down are commonly used. Further, there are also a set of metrics aimed at the efficiency of the CI/CD pipeline, like environment provisioning time, features deployment rate, and a series of build, integration, and deployment metrics. However, it is imperative to supplement these with others that are more aligned to customer-centricity – delivering user-ready software faster with minimal errors at scale.

In addition to the metrics that are used to measure and improve various stages of the CI/CD pipeline, we also need to track several non-negotiable improvement measures. Many of these like deployment frequency, error rates at increased load, performance & load balancing, automation coverage of delivery process and recoverability helps to ascertain the efficiency of QA scale up.

Closely following on the heels of an earlier point, an outcome based model which maps financials to your engagement objectives will help to track outcomes to a large extent. While the traditional T&M model is governed by transactional metrics, project overlays abound in cases where engagement scope does not align well to outcome expectations. An outcome based model also pushes the partner to bring in innovation through AI/ML and similar new age technology drivers – providing you access to such skill sets without the need for having them on your rolls.

If you are new to outsourcing, or working with a new partner, it may be good to start with a non-critical aspect of the work (for regular testing or automation), establish the process and then scale the engagement. For those players having maturity in terms of adopting outsourced QA functions in some way or the other, the steps outlined earlier form an all inclusive checklist to ensure maximization of engagement traction and effectiveness with the outsourcing partner.

Partner with us

Trigent’s experienced and versatile Quality Assurance and Testing team is a major contributor to the successful launch, upgrade, and maintenance of quality software used by millions around the globe. Our experienced responsible testing practices put process before convenience to delight stakeholders with an impressive industry rivaled Defect Escape Ratio or DER of 0.2.

Trigent is an early pioneer in IT outsourcing and offshore software development business. We enable organizations to adopt digital processes and customer engagement models to achieve outstanding results and end-user experience. We help clients achieve this through enterprise-wide digital transformation, modernization, and optimization of their IT environment. Our decades of experience, deep domain knowledge, and technology expertise delivers transformational solutions to ISVs, enterprises, and SMBs.

Contact us now.

Outsourcing QA in the world of DevOps – Best Practices for Dispersed (Distributed) QA teams

DevOps is the preferred methodology for software development and release, with collaborating teams oriented towards faster delivery cycles augmented by early feedback. QA is a critical binding thread of DevOps practice, with early inclusion at the story definition stage. Adoption of a distributed model of QA had earlier been bumpy, however, the pandemic has evened out the rough edges.

The underlying principle which drives DevOps is collaboration. With outsourced QA being expedited through teams distributed across geographies and locations, a plethora of aspects that were hitherto guaranteed through co-located teams, have now come under a lot of pressure. Concerns range from constant communication and interworking to coverage across a wide range of testing types – unit testing, API testing as well as validating experiences across a wide range of channels. As with everything in life, DevOps needs a balanced approach, maintaining collaboration and communication between teams while ensuring that delivery cycles are up to speed and the quality of the delivered product meets customer expectations.

Outlined below some of the best practices for ensuring the effectiveness of distributed QA teams for an efficient DevOps process.

Focus on right capability: While organizations focus to a large extent on bringing capabilities across development, support, QA, operations, and product management in a scrum team, paramount from a quality perspective would be QA skills. The challenge is to find the right skill mix. For example, a good exploratory tester; good automation skills (not necessarily in the same person). In addition, specialist skills related to performance, security, accessibility also need to be thought through. The key is to choose an optimum mix of specialists and generalists.

Aim to achieve the right platform/tool mix: It is vital to maintain consistency across the tool stacks used for engagement. As per a 451 research survey, 39% of respondents juggle 11 to 30 tools so as to keep an eye on their application infrastructure and cloud environment; 8% are even found to use over 21 to 30 tools. Commonly referred to as tool sprawl, this makes it extremely difficult to collaborate in an often decentralized and distributed QA environment. It’s imperative to have a balanced approach towards the tool mix, ideally by influencing the team to adopt a common set of tools instead of making it mandatory.

Ensure a robust CI/process and environment: A weak and insipid process may cause the development and operations team to run into problems while integrating new code. With several geographically distributed teams committing code consistently into the CI environment, shared dev/test/deploy environments constantly run into issues if sufficient thought process has not gone into identification of environment configurations. These can ultimately translate into failed tests and thereby failed delivery/deployment. A well-defined automated process ensures continuous deployment & monitoring throughout the lifecycle of an application, from integration and testing phases through to release & support.

A good practice would be to adopt cloud-based infrastructure, reinforced by mechanisms for managing any escalations on deployment issues effectively and quickly. Issues like build fail or lack of infra support can hamper the productivity of distributed teams. When strengthened by remote alerts and robust reporting capabilities for teams and resilient communication infrastructure, accelerated development to deployment becomes a reality.

Follow good development practices: Joint backlog grooming exercises with all stakeholders, regular updates on progress, code analysis, and effective build & deployment practices, as well as establishing a workflow for defect/issue management, are paramount in ensuring the effectiveness of distributed DevOps. Equally important is the need to manage risk early with ongoing impact analysis, code quality reviews, risk-based testing, and real-time risk assessments. In short, the adoption of risk and impact assessment mechanisms is vital.
Another key area of focus is the need to ascertain robust metrics that help in the early identification of quality issues and eases the process of integration with the development cycle. Recent research from Gatepoint and Perfecto surveyed executives from over 100 leading digital enterprises in the United States on their testing habits, tools, and challenges. The survey results show that 63 percent start to test only after a new build and code is being developed. Just 40 percent test upon each code change or at the start of new software.

Devote equal attention to both manual and automation testing: Manual (or exploratory) testing allows you to ensure that product features are well tested, while automation of tests (or as some say checks!) helps you with improving coverage for repeatable tasks. Planning for both during your early sprint planning meetings is important. In most cases, automation is usually given step-motherly treatment and falls at the wayside due to scope creep and repeated testing due to defects. A 2019 state of testing report, shows that only 25 percent of respondents claimed they have more than 50 percent of their functional tests automated. So, the ideal approach would be to separate the two sets of activities and ensure that they both get equal attention from their own set of specialists.

Early non-functional focus: Organizations tend to overlook the importance of bringing in occasional validations of how the product fares around performance, security vulnerabilities, or even important regulations like accessibility, until late in the day. In the 2020 DevSecOps Community Survey, 55 percent of respondents deploy at least once per week, and 18 percent claim multiple daily deployments. But when it comes to security, 45 percent of the survey’s respondents know it’s important but don’t have time to devote to it. Security has a further impact on CI/CD tool stack deployment itself as indicated by the 451 research in which more than 60% of respondents said a lack of automated, integrated security tools is a big challenge in implementing CI/CD tools effectively.

It is essential that any issue which is non-functional in nature be exposed and dealt with before it moves down the dev pipeline. Adoption of a non-functional focus depends to a large extent on the evolution of the product and the risk to the organization.

In order to make distributed QA teams successful, an organization must have the capability to focus in a balanced and consistent way across the length and breadth of the QA spectrum, from people and processes to technology stacks. It is heartening to note that the recent pandemic situation has revealed a positive trend in terms of better acceptance of these practices. However, the ability to make these practices work, hinges on the diligence with which an organization institutionalizes these best practices as well as platforms and supplements it with an organizational culture that is open to change.

Trigent’s experienced and versatile Quality Assurance and Testing team is a major contributor to the successful launch, upgrade, and maintenance of quality software used by millions around the globe. Our experienced responsible testing practices put process before convenience to delight stakeholders with an impressive industry rivaled Defect Escape Ratio or DER of 0.2.

Test our abilities. Contact us today.

Make Sure You Are Not a Victim of Ransomware Attack

A few weeks ago, I was trying to surreptitiously pay off a speeding violation ticket such that my wife would not know, and that’s when I encountered another problem. The Baltimore payments portal was not accepting payments, and said that they were the victims of a ransomware attack. In fact, the whole City of Baltimore was a victim and all the records for several years were locked out with the cyber thieves demanding a huge amount of money. Towns in Florida paid huge amount of money recently to cybercriminals. Not following basic simple security protocols can land your company into a ransomware mess.

Gartner says, “Malwarebytes found that ransomware families have grown by more than 700% since 2016, and Datto asserts that as many as 35% of attacks are resolved through paid ransoms. Threat analysis isn’t about the threats themselves. It’s about the organization’s specific vulnerabilities and the exposure of those vulnerabilities.”

Don’t lose sleep over the threat of ransomware attacks. Don’t be vulnerable and take steps today. Do what you can and follow basic systems and processes to prevent them. Learn more about how being smart in IT can help you reduce the risk. Talk to Raghu, our IT specialist at Trigent and get a free assessment done.

Read our brochure to know more.

How SMBs can leverage strategic partnerships – Leapfrogging the technology explosion

Deloitte’s `Tech Trends 2015 The fusion of business and IT’ Report says “We have it on good authority that the only constant in life is change. Yet, given the magnitude of the change we witness daily and the staggering pace at which it now unfolds, the term “constant” seems inadequate as we attempt to define and understand the highly mutable world around us.”

Undoubtedly, businesses are picking up speed, fuelled by fast and furious technology innovations. With more and more people adopting smartphones as the smart way to communicate, digitization has stomped into traditional industries such as banking and manufacturing.  Cloud computing, mobile and unified communications technologies are essential for businesses today, irrespective of their size or scale.   Small and Mid-sized Businesses (SMBs) are turning to these innovations to save time, increase productivity and decrease costs.  They are looking at the mobile to decrease response time, the cloud to access cost effective technology and applications to be more agile to changing market conditions. This proliferation of applications and devices is providing customers with seamless connectivity, new modes of engagement, business agility, decreased costs and operational efficiency.

It is essential to harness the power of emerging technologies while viewing the future through magnifying glasses.  It is easy to fall into a trap and adapt a technology solution which everyone is talking about.  This kind of a reaction could actually lead to compromised investments and functional silos.  It is, therefore, important to slice through the landscape into the heart of the business and from there reach out to technology innovations with the goal of making the business smarter, faster and cheaper.

For organizations, SMBs especially, it is difficult to separate business strategy from technology.  However, the fact of the matter is, to remain competitive and increase productivity, there is the need for seamless merging of strategy and IT.  Companies need to identify, check and then apply next generation technologies to the business road-map. This is a tightrope walk as it requires balancing actual present business scenario, with future requirements and then rewriting processes to transform the business.  All this has to be achieved without losing sight of costs, complexity, risk and feasibility.

For SMBs, attracting and retaining customers, thinking of new products, services, and competencies are more important now than ever before.  Technology is aiding this revolution. According to a report by Harvard Business Review Analytic Services, “57 percent of the business and technology leaders surveyed view IT as an investment that drives innovation and growth.”

Thus, using technology innovations, SMBs can compete with larger players. They can do more with less, instantaneously, remain accessible at all times and all achieve all this with limited investment.  Collaboration is simple and backup is low cost and low maintenance. Engagement rules are changing and interaction is always on, on any device.

Excerpts from whitepaper:  Seven Simple Ways for SMBs to leapfrog the Technology Explosion’

Did your root canal work for you?

Imagine calling your doctor and getting him immediately online. Or finding out what’s happening at your clinic through Facebook.  Or your dental clinic asking you feedback on your root canal and posting satisfaction surveys online.  Some of these instances may happen, but such interactions are rare.  However, the National eHealth collaborative is promoting a Patient Experience Framework.  Providers will strive to have more meaningful interaction with their patients to improve patient outcomes and reduce costs.  This will happen through Social, Mobile and Cloud Solutions to a large extent.  Not many providers are ready.  Read more about the framework at http://www.nationalehealth.org/patient-engagement-framework .

Trigent provides the high tech edge to solution providers in the healthcare space.  Read a Case Study.

SharePoint Adoption and Social Media Features That Help

SharePoint as a social media platform

Nice article on how Microsoft SharePoint scores as a Social Media platform for internal users. SharePoint evangelist Christian Buckley compares SharePoint with platforms like Facebook, Jive Salesforce, Yammer and Ning.
SharePoint’s Social Media Scorecard.

It is interesting to see how SharePoint has evolved from a simple intranet application to a social media platform for collaboration between employees and partners/vendors. Thousands of web parts are getting added daily, for work and for fun which you can add to your intranet. There is even a free Dilbert Web Part at Amrein Engineering which I thought was fun.

In our experience social media applications dramatically increase SharePoint adoption within organizations. Typical applications are sharing information through wikis, departmental discussion boards, surveys and blogs. SharePoint 2010 Profile Pages can be customized to look similar to Facebook pages with social content like a Facebook wall. Social tagging features include Social tags, which enable users to save and share items of interest, a Note Board, Ratings and Bookmarklets for tagging content that is external to the SharePoint site. A few social features and a couple of daily organizational workflows, all that is needed to get your organization’s users hooked on to SharePoint. Consider this, Microsoft says they are adding 20,000 users a day!

For more web parts and white papers visit here.

Meanwhile enjoy the last week of the fall color season. Just a few more days to go before the mighty trees on the Old Man Of The Mountain shake their leaves off….

Also Read The Birth of Yammer in SharePoint 2013