So we issued our 2020 DevOps predictions, but we were limited in number and format, and there were a lot of great ideas. Here are some of the additional trends Forrester is tracking in DevOps for 2020:
- The end of plan/build/run and stage gates. We’ve governed and managed IT for decades on the plan/build/run operating model, but it’s not agile enough. Pausing between build and run while experts run their quality controls simply can’t work in the new digital world. (Deming dismissed “inspecting quality in” decades ago, and yet here we still are doing it in too many IT organizations.) IT governance, which (even as of COBIT 2019) still has a strong plan/build/run bias, needs to change, moving away from stage gating to . . .
- Continuous governance based on principles, dynamic controls, and automation. Governance by no means goes away, however. It will focus more on guiding principles, and more companies will use self-correcting dynamic controls, such as Numerify’s change prediction software for delivery teams, or site reliability engineering practices, where production support reverts back to product teams that are delivering poor-quality systems. Finally, automated platforms will subsume much governance: templated patterns and environments provided to the delivery team, automatically managed for drift from policy compliance.
- Flatter organization models. How does the semiautonomous product team survive and thrive? Some are turning to Teal and Holacracy, seeing them as a better fit for this new world. And how do such teams maintain alignment? My view is that we will move from governance of the “how” to governance of the “what.” Governance will challenge teams to make and keep promises but will give them substantial freedom in how to do so.
- Psychological safety. I see increasing interest in the human environment surrounding digital systems delivery and more understanding that employee experience leads to customer experience. Following in Google’s footsteps, leading firms will start to measure psychological safety as a key performance indicator. I wouldn’t be surprised to see risk managers flag low psychological safety scores as a serious organizational risk! Just like we’ve predicted that chaos engineering will become recognized as a controls strategy, will organizations institute corresponding measures around organizational culture? Thoughts?
- Resilience engineering. Beyond site reliability engineering and chaos engineering lies resilience engineering. Resilience engineering combines academic disciplines from industrial engineering to human factors to cognitive psychology and beyond, but it’s no ivory tower. Safety professionals (aviation, fire/police/medical, etc.) follow its precepts and consume its research. The digital and DevOps communities are late to this party, but professionals like John Allspaw are pioneering new insights here. (I just found this fascinating applied writeup by AWS’s Adrian Cockcroft today.) Look for the pervasive “craft wisdom” of traditional IT service management and monitoring to give way to resilience engineering’s much greater rigor.
- The reemergence of (some) standardization. Enterprise architects often are responsible for achieving economies of scale through reuse of common shared platforms and design approaches. They’ve had tough sledding lately, with increasingly autonomous product teams. And yet organizations should standardize at the undifferentiated “heavy lifting” level. What are the degrees of freedom? Do developers get to choose their preferred cloud provider? No? Where do you draw the line? Legitimate developer autonomy can lead to innovation and customer delight . . . but there’s also résumé padding. How can we have better, more fact-based management of these tradeoffs?
All in all, it promises to be an interesting year! Stay tuned, and keep us posted on what you’re seeing!