Innovation Case Study: Test Automation & Ambit Enterprise Upgrade

A business case of how technology innovation successfully integrated into the business operations an improved the way of working that supported business success.

  
Areas of Science and TechnologyData Engineering, Computer Science
R&D Start DateDec 2018
R&D End DateSeptember 2019
Competent ProfessionalRenier Botha

 

Overview and Available Baseline Technologies

Within the scope of the project, the competent professionals sought to develop a regression testing framework aimed at testing the work carried out to upgrade the Ambit application[1] from a client service solution to a software as a service solution (SaaS) operating in the Cloud. The test framework developed is now used to define and support any testing initiatives across the Bank. The team also sought to automate the process, however this failed due to lack of existing infrastructure in the Bank. 

Initial attempts to achieve this by way of third-party solution providers, such as Qualitest, were unsuccessful, as these providers were unable to develop a framework or methodology which could be documented and reused across different projects. For this the team sought to develop the framework from the ground up. The project was successfully completed in September 2019. 

Technological Advances

The upgrade would enable access to the system via the internet, meaning users would no longer need a Cisco connection onto the specific servers to engage with the application. The upgrade would also enable the system to be accessed from devices other than a PC or laptop. Business Finance at Shawbrook is comprised of 14 different business units, with each unit having a different product which is captured and processed through Ambit. All the existing functionality, and business specific configuration needed to be transferred into the new Enterprise platform, as well as the migration of all the associated data. The competent professionals at Shawbrook sought to appreciably improve the current application through the following technological advances:

  • Development of an Automated Test Framework which could be used across different projects

Comprehensive, well executed testing is essential for mitigating risks to deployment. Shawbrook did not have a documented, standardised, and proven methodology that could be adopted by different projects to ensure that proper testing practises are incorporated into project delivery. There was a requirement to develop a test framework to plan, manage, govern and support testing across the agreed phases, using tools and practices that help mitigate risks in a cost-effective and commensurate way.

The test team sought to develop a continuous delivery framework, which could be used across all units within Business Finance. The Ambit Enterprise Upgrade was the first project at Shawbrook to adopt this framework, which lead to the development of a regression test pack and the subsequent successful delivery of the Ambit upgrade. The Ambit Enterprise project was the first project within the Bank which was delivered with no issues raised post release.

The development of a regression test pack which would enable automated testing of future changes or upgrades to the Ambit platform

Regression testing is a fundamental part of the software development lifecycle. With the increased popularity of the Agile development methodology, regression testing has taken on added importance. The team at Shawbrook sought to adopt an iterative, Agile approach to software development. 

A manual regression test pack was developed which could be used for future testing without the need for the involvement of business users. This was delivered over three test cycles with the team using the results of each cycle (bugs identified and resolved) to issue new releases. 

173 user paths were captured in the regression test pack, across 14 different divisions within Business Finance. 251 issues were found during testing, with some being within the Ambit application. Identifying and resolving these issues resulted in the advancement of Ambit Enterprise platform itself. This regression test pack can now be used for future changes to the Ambit Enterprise application, as well as future FIS[2] releases, change requests and enhancements, without being dependent on the business users to undertake UAT. The competent professionals at Shawbrook are currently using the regression test pack to test the integration functionality of the Ambit Enterprise platform.

  • Development of a costing tool to generate cost estimates for cloud test environment requirements

In order to resolve issues, solutions need to be tested within test environments. A lack of supply was identified within Shawbrook and there was an initiative to increase supply using the Azure cloud environment. The objective was to increase the capability within Business Finance to manage an Azure flexible hosting environment where necessary test environments could be set up on demand. There was also a requirement to plan and justify the expense of test environment management. The competent professionals sought to develop a costing tool, based on the Azure costing model, which could be used by project managers within Business Application Support (“BAS”) to quickly generate what the environment cost would be on a per day or per hour running basis. Costs were calculated based on the environment specification required and number of running hours required. Environment specification was classified as either “high”, “medium” or “low”. For example, the test environment specification required for a web server is low, an application server is medium while a database server is high. Shawbrook gained knowledge and increase its capability of the use of the Azure cloud environment and as a result are actively using the platform to undertake cloud-based testing.

The above constitutes an advance in knowledge and capability in the field of Data Engineering and Computer Science, as per sections 9 a) and c) of the BEIS Guidelines.

Technological Uncertainties and activities carried out to address them

The following technological uncertainties were encountered while developing the Ambit Enterprise upgrade, mainly pertaining to system uncertainty:

  • Implementation of the new Ambit Enterprise application could disrupt existing business processes

The biggest risks for the programme of change, was the potential disruption of existing business processes due to the implementation of the change without validation of the upgraded application against the existing functionality. This was the primary focus of the risk mitigation process for the project. Following the test phases set out in the test framework would enable a clear understanding of all the residual risks encountered approaching implementation, providing stakeholders with the context required to make a calculated judgement on these risks.

When an issue was identified through testing, a triage process was undertaken to categorise the issues as either a technical issue, or a user issue. User issues were further classified as “training” or “change of business process”. Technical issues were classified as “showstoppers”, “high”, “medium” and “low”. These were further categorised by priority as “must haves” and “won’t haves” in order to get well-defined acceptance criteria for the substantial list of bugs that arose from the testing cycles. In total, 251 technical issues were identified.

The acceptance criteria for the resolution of issues were:

  • A code fix was implemented
    • A business approved work around was implemented
    • The business accepted the risk

All showstoppers were resolved with either a code fix or and an acceptable work around. Configuration issues were within the remit of Shawbrook’s business application support (“BAS”) team to resolve, whilst other issues could only be resolved by the FIS development team. When the application went live, there were no issues raised post release, and all issues present were known and met the acceptance criteria of the business. 

  • Business processes may no longer align with the new web-based application

Since the project was an upgrade, there was the potential for operational impact of existing functionality due to differences between the Ambit client server solution, and the upgraded Ambit Enterprise web-based solution. The BAS team at Shawbrook were required to make changes to the business processes in order to align with the way the Ambit Enterprise solution now operated. Where Shawbrook specific issues could not be resolved through the configuration of the application with the business processes, changes were made to the functionality within Ambit, for example, additional plug-ins were developed for the Sales Portal platform to integrate with the Ambit Enterprise application. 

Because Ambit Enterprise was a web-based application, application and security vulnerabilities needed to be identified so that the correct security level was achieved. Because of this, performance and security testing, which was currently not being executed, needed to be introduced to the test framework. Performance testing also needed to be executed so that speed and stability requirements under the expected workloads were met.

Summary and Conclusions

The team at Shawbrook successfully developed a test framework which could be used across all projects within Business Finance. The development of the test framework lead to the generation of a regression test pack for the Ambit Enterprise upgrade. By undertaking these R&D activities, Shawbrook gained knowledge in the use of Azure Cloud Environment for testing, and increased its automated testing capabilities, enabling the transition to a continuous delivery framework whereby the majority of testing is automated.


[1] Ambit is the asset finance application operating within the business unit, 70-80 percent of transactions on all lending is captured and managed through Ambit

[2] FIS is the Ambit Enterprise vendor

Top 10 Technology Trends Impacting Infrastructure & Operations for 2018

Does your IT strategy include infrastructure, operations (I&O) practices and data center architectures that are sufficient to meet the demands of the digital business. Digital transformation requires IT agility and velocity that outstrips classical architectures and practices.

David Cappuccio, from Gartner outlines the top 10 trends that will impact IT operations (I&O) in 2018. Each will have an impact on how IT operates, plans, enhances internal skill sets, and supports the business.

 

Guest Blog: Original Article @ Gartner

Outside forces will shape IT’s journey towards a digital infrastructure.

Legacy infrastructure and operations (I&O) practices and traditional data center architectures are not sufficient to meet the demands of the digital business. Digital transformation requires IT agility and velocity that outstrips classical architectures and practices.

In 2018, IT will be increasingly tasked with supporting complex, distributed applications using new technologies that are spread across systems in multiple locations, including on-premises data centers, the public cloud and hosting providers.

David Cappuccio, vice president and distinguished analyst at Gartner, says I&O leaders should focus on 10 key technologies and trends to support digital transformation.

“These are not necessarily the top 10 technologies, or the hottest trends in IT, but rather the 10 trends we feel will have an impact on I&O teams over the next few years,” says Cappuccio. “Some are happening already, some are just beginning, but each will have an impact on how IT operates, plans, enhances internal skill sets, and supports the business.”

Strategic

Trend 1: Geo Planning
Outside factors including the European Union’s General Data Protection Regulation (GDPR), geo specific workloads and global and regional network access are driving IT to spend more time on geo planning as part of their longer term strategies. The long term objective is not to own a global infrastructure, but to build the infrastructure needed to support the business via partners, as well as leveraging an organization’s partner’s infrastructure to help support initiatives such as multiple network connections and infrastructure design and support.

Trend 2: The Intelligent Edge
Many digital business projects create data that can be processed more efficiently when the computing power is close to the thing or person generating it. Edge computing solutions address this need for localized computing power. For example, in the context of the Internet of Things (IoT), the sources of data generation are usually things with sensors or embedded devices. The intelligent edge serves as the decentralized extension of the campus networks, cellular networks, data center networks or the cloud. Organizations that have embarked on a digital business journey have realized that a more decentralized approach is required to address digital business infrastructure requirements.

Trend 3: Intent-based Networking (IBNS)
Gartner predicts that by 2020, more than 1,000 large enterprises will use intent-based networking systems in production, up from less than 50 today. Intent-based networking (IBNS) is not a product, or a market. Instead, it is a piece of networking software that helps to plan, design and implement/operate networks that can improve network availability and agility, which becomes increasingly important as organizations transition towards digital business.

With IBNS, rather than explicitly defining to the network what needs to be done, the software translates the business intent to determine the “correctness” of the network configuration before deployment. The system then continuously compares the actual and desired state of the running network.

Say no to business as usual
Gartner IT Operations Strategies & Solutions Summit 2018

LEARN MORE

Tactical

Trend 4: APIs – Integration Economy
A digital business is supported by technology platforms in five areas: information systems; customer experience; data and analytics; IoT; and ecosystems. The ecosystems technology platform supports the creation of, and connection to, external ecosystems, marketplaces and communities. Application performance interface (API) management enables the digital platform to function.

Organizations should design APIs from the “outside in,” based on ecosystem requirements, not “inside out,” based on existing applications or technology infrastructure. “Ensure that your organization takes an ‘API first’ approach, designing APIs based on the requirements of your organization’s ecosystem,” says Cappuccio. “APIs designed in this way can be mapped to internal technology infrastructure. This approach is more effective than simply generating APIs based on existing infrastructure and data models.”

Trend 5: Reputation and Digital Experience
There are two interlinked trends impacting business today that have nothing to do with IT infrastructure, but everything to do with infrastructure design. Digital experience management (DEM) is the impact of presenting the right digital experience to customers. The experience could be mobile or web-based, and should be always available, continually improving and perform quickly and consistently. If any of these tenants are lacking, customer satisfaction is in peril. If customer satisfaction is in peril, especially in today’s social media savvy world, corporate reputation could quickly be damaged.

Trend 6: Beyond Traditional IT – New Realities
Business units are demanding agility, in opening new markets, taking on emerging competitors, bringing in new suppliers, and creating innovative ways of interacting with customers. Over 30% of current IT spend is not part of the IT budget, but overall responsibility for supporting these new initiatives, once they are tested and stabilized, will reside with traditional IT. Managing those new providers, managing workflows and managing new types of assets in this hybrid environment, regardless of where they are located, will become crucial to IT’s success.

Operational

Trend 7: DCaaS as a Strategy
In a perfect world, at least from the perspective of many business leaders, IT and the data center would be essentially a very agile provider of service outcomes, rather than the owner of the infrastructure. To do this organizations are creating a data center as a service (DCaaS) model, where the role of IT and the data center is to deliver the right service, at the right pace, from the right provider, at the right price.

“Making key short-term decisions can lead to a long-term strategy that incorporates the best of ‘as a service’ and the cloud without compromising IT’s overall goals to both protect and enable the business,” says Cappuccio. “In this manner, IT can enable the use of cloud services across the business, but with a focus on picking the right service, at the right time, from the right provider, and in such a way that underlying IT service and support does not get compromised.”

Trend 8: Cautious Cloud Adoption
For many enterprises the journey to the cloud is a slow, controlled process. Colocation and hosting providers have established private or shared clouds on their premises to provide customers some basic cloud services, enabling controlled migrations, staff skills training and a “safe” cloud environment as a stepping stone to increased cloud adoption in the future. As customers get comfortable with these services and costs, increased migrations to external providers are enabled via interconnect services. Using this partner ecosystem to enable an agile infrastructure is a rapidly emerging trend.

Trend 9: Capacity Optimization – Everywhere
Organizations need to focus on optimizing capacity and guard against stranded capacity – things that are paid for, but not really being used. This issue can be found both in existing on premise data centers and in the cloud. A change in culture is needed to fix this problem. Organizations must learn to focus not just on uptime and availability, but also on capacity, utilization and density. Doing so can extend the life of an existing data center and reduce operating expenditures from cloud providers.

Trend 10: Extended Infrastructure Management
The data center as the sole source of IT infrastructure has given way to a hybrid of on-premises, colocation, hosting, and public and private cloud solutions. These elements are being combined with a focus on providing business-enabling services and outcomes, rather than a focus on physical infrastructure. Enterprises must apply a future-looking, enterprise-wide “steady hand” to IT strategy and planning, and apply appropriate guardrails, or face the possibility of losing relevance, governance and enterprise agility.

 

IT Due Diligence – is IT an asset or liability?

Information Technology is an integral part of any organisation and enables the operations of enterprises. Through supporting business operations, IT collates and analyses business data to provide the management information required in making timely and effective decisions. IT can even be the product/service around which enterprises are built. Information is a key business asset. But IT can also be the skeleton in the closet. Technology assets can turn into liabilities costing more and/or introducing risks that are not anticipated. This makes IT a key priority consideration in strategy development, corporate governance and business risk mitigation as well as merger and acquisition (M&A) transactions.

Despite the obvious importance of IT within any organisation, do business executives, who are mostly more focused on the financial and legal aspects, often overlook it. The appropriate attention is not given to the IT diligence as part of corporate governance or during the due diligence in M&A initiatives. This might be due to the continuous limited understanding of the technology discipline amongst business executives and/or the absence of the right expertise within an organisation to conduct the needed IT review. Another contributing statistic is that IT due diligence rarely is the make or break factor in business deals, which in a lot of cases, result in unwanted surprises presented to directors. That is why IT should be part of the scope of business strategy development and be one of the key contributors in M&A negotiations, influencing the deal and price.

The key reason for IT due diligence is to ensure visibility to the directors of concerns relating to IT operations in order to develop addressing strategies and mitigating actions. Investors should also use this information in assessing a potential business asset and it’s associated opportunity versus risk.

A due diligence exercise will cover at least the following main IT considerations: Systems, Projects & Change, Data, Security and IT Service Provision. Each of these considerations should be reviewed covering at least the following four elements: People, Process, Technology and Value.

Meaningful IT due diligence can be accomplished by practitioners who can ask the right questions stemming from the appropriate industry experience and domain knowledge. The art of due diligence is in formulating the right questions around key investment and/or corporate success drivers and interpreting the answers to inform the true state of affairs and it’s associated business enablement ability, future opportunity contributions and the associated business risk. Mostly, this diligence informs on the present and future role and influence of IT assets within the overall business success, for example:

  • Product, service and information Ownership – does the business really own what IT claims to be the property and assets of the business in relation to it’s true value and the balance sheet?
  • Reliability – can the business rely on its technology, now and in the future?
  • Sustainability – does the business have the ability to sustain its IT asset and visa versa?
  • Scalability – can the technology assets keep up with the business’ growth plans?
  • Adaptability – how easy can the technology asset integrate or be adapted to integrate with other systems and new emerging technologies in the future?
  • Compliance – does an IT asset introduce unwanted risk through non-compliance? For example, the introduction of new legislation to address the continuous increase in cyber and information security concerns might have a significant impact on the legality of an IT asset that might result in serious financial risk and penalties, if not addressed.
  • Finance – how much are IT assets likely to cost the business and what contributions will these expenses have on the financial success of the organisation?

A typical IT due diligence exercise could cover the following areas of IT operations (Some of these areas might not always be applicable in all organisations.):

  • Clarity on the Business Value Chain
  • IT Staff
    • IT Organisation Structure
    • Leadership
    • Qualifications & Skills
  • Certifications & Standards i.e. ISO9001 (Quality), ISO17001 (Security), ITIL (Service Management) or ISO20000 (ITSM)
  • Products and Services
  • Documentation
  • Software Development Processes & Methodologies
  • Service Management
  • Software applications and Services utilized
  • IT Infrastructure
    • Hardware
    • IP Network Infrastructure
    • Hosting Environments
  • Business Continuity
    • Service Availability
    • Systems Up-time
    • Backup and Recovery
    • Disaster Prevention & Recovery
  • Security
    • Cyber & Information Security
    • Network Security
    • IT Services & Systems Access
    • Physical Access
  • Governance
    • Operating Model
    • Policies
    • Procedures
    • Risk Management
    • Performance & KPIs
  • Projects & delivery methodologies
  • Compliance
  • Legal
    • SLAs
    • Supplier & 3rd party Service/Support Agreements
  • Intellectual Property
  • Quality Assurance & Improvement
  • Financial
  • Client and/or Customers

Understanding this information is vital in corporate governance, strategy formulation and capital investment decisions ensuring business critical assets are sustained and developed appropriately for a viable ongoing business concern.

The content of an IT due diligence report should focus on the objectives of the due diligence review, outlining priority findings with recommendations that present a clear call to action addressing the key issues found. A typical report should contain:

  • The objectives of the IT due diligence review
  • An executive summary with the key take aways
  • Key findings and the associated risk
  • Recommendations

The review findings and recommendations should be acted upon through appropriate remediation projects and a clear transition & support plan with inclusion into IT & business strategy. The business benefits can only be realised if these post review projects and transition, are successfully integrated into the organisation.

Let’s Talk – Are you looking to achieve your goals faster? Create better business value? Build strategies to improve growth? We can help – make contact!