Wall Street & Technology is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


08:40 AM
Lev Lesokhin
Lev Lesokhin
Connect Directly

Wall Street CIOs Have a Vendor Management Problem

If Wall Street CIOs want to stay ahead of competition and ensure high-speed trading software doesn't start the next flash crash, they need better insight into vendor delivered software.

Wall Street CIOs know better than anyone how one little hiccup in the software production line can seriously impact competitive advantage. That advantage can be weeks, microseconds, or something in between. The race to build quickly sometimes forces software updates to be done on the fly, even while the market is trading. We all know Wall Street thrives on risk, but anyone in the IT industry also knows that patching production software is like trying to change a piston inside a racecar engine at 200 mph.

Increasing velocity, combined with the constant need for IT to reduce costs, means Wall Street CIOs are under extreme pressure. Much is being outsourced to low-cost locations, through either traditional sourcing or captive development centers. So making sure what's being loaded into production won't crash or corrupt the underlying architecture is harder than ever. We have some processes in place to handle proper testing for these systems, but most of us are severely underestimating our vendor management needs and, in turn, throwing money down the drain.

Wall Street CIOs have been relying on third-party vendors for application development and maintenance (ADM) for years to help increase throughput and reduce cost. However, management has limited visibility into software quality once it's delivered, and whether vendors are making good on their promises.

The tendency is to rely on manual code reviews, combined with lots and lots of functional testing and service-level agreements that focus on application performance in production. However, these do little to tell IT executives if their money is being well spent, or if the final application is bringing undue risk into the business due to poor software quality.

Business leaders have been able to overcome these problems in other processes by measuring outcomes, where the cost and requirements of a product or service are defined up front, rather than a time and materials approach, where cost is incurred as the project progresses. But the outcome-based sourcing approach goes completely against the current state of Agile software development, which relies heavily on an iterative model.

In order to move application development into an outcome-based sourcing model, organizations and third-party outsourcers need to agree on standardized, automated measures they can track in order to measure software quality, robustness, and software output adequately.

Some IT organizations have flirted with manual function point analysis to help track the amount of ADM production over time, but it is a tedious and time-consuming process that sometimes produces a biased, and therefore untrustworthy, end result. Over the past decade, huge strides have been made in automated function point counting to ease some of the cost and time constraints while increasing consistency and objectivity. Some of the relevant software standards for outcome measurement are being developed by the Consortium for IT Software Quality, which is led by the Software Engineering Institute and the Object Management Group.

If Wall Street CIOs want to stay ahead of competition and ensure high-speed trading software doesn't start the next flash crash, they need better vendor management acumen to get insight into vendor delivered software. Or, if cost cutting is the objective, it's easy to negotiate the rate card, but that doesn't guarantee lower factor costs. With most of the IT industry going to outcome-based sourcing, CIOs have more work to do to know they are improving their unit cost of software production without sacrificing quality.

At the end of the day, Wall Street CIOs cannot blame development teams or third-party vendors for their lack of insight into their application portfolios. And if they are ignoring outcome-based sourcing, doubly so. The only way to reduce IT costs and validate outsourced work is to proactively monitor application quality standards for security, performance, and reliability before acceptance and implementation.

Lev Lesokhin is executive vice president of strategy for CAST. He is responsible for market development, strategy, thought leadership and product marketing worldwide. He has a passion for making customers successful, building the ecosystem, and advancing the state of the art ... View Full Bio
More Commentary
A Wild Ride Comes to an End
Covering the financial services technology space for the past 15 years has been a thrilling ride with many ups as downs.
The End of an Era: Farewell to an Icon
After more than two decades of writing for Wall Street & Technology, I am leaving the media brand. It's time to reflect on our mutual history and the road ahead.
Beyond Bitcoin: Why Counterparty Has Won Support From Overstock's Chairman
The combined excitement over the currency and the Blockchain has kept the market capitalization above $4 billion for more than a year. This has attracted both imitators and innovators.
Asset Managers Set Sights on Defragmenting Back-Office Data
Defragmenting back-office data and technology will be a top focus for asset managers in 2015.
4 Mobile Security Predictions for 2015
As we look ahead, mobility is the perfect breeding ground for attacks in 2015.
Register for Wall Street & Technology Newsletters
7 Unusual Behaviors That Indicate Security Breaches
7 Unusual Behaviors That Indicate Security Breaches
Breaches create outliers. Identifying anomalous activity can help keep firms in compliance and out of the headlines.