How To Assess Legacy System Risk
May 21, 2013 Dan Burger
The more applications are changed, the more complicated they get. What was originally designed with a certain set of facts in mind, over the course of 10, 20, or more years, almost always becomes convoluted, complex, and unable to keep up with changing business requirements. Many IBM midrange shops face this problem. They spend more time maintaining old complex and inflexible code than providing new business solutions. Many struggle to assess that situation.
Understanding the challenges of legacy systems is the purpose of the partnership that teams vLegaci and Databorough. The result of this partnership is a service called “Legacy Risk Assessment.” Its assessment capabilities include identifying overly complex code, non-reusable business logic, non-portable application and database design, and difficulties integrating new technologies such as mobile and cloud.
The process is designed to provide an accurate baseline for modernization or maintenance plans and strategies. It is built around an application software assessment generated by Databorough’s X-Analysis tool, which examines how RPG, COBOL, and CL programs were developed and how they run on the i OS Power Systems server. Its capabilities include the deciphering of application mapping, variable tracing technology, and interactive graphical diagramming.
During the assessment process, X-Analysis software is loaded on the system to do the investigation work. It’s considered a 30-day trial, so there’s no need to purchase a license for the software. Depending on the outcome of the analysis and the decision that results, a license for X-Analysis may be part of the project plan.
The consultation, IT management strategy, and advice that are part of the assessment come from a vLegaci software maintenance and metrics expert. In addition to the software assessment, additional assessment programs can be added to include development methodologies and team skills, which would factor into whether a company decides it has its own resources to take on the modernization tasks.
“People aren’t sure what to do with old systems,” says vLegaci founder and owner Steve Kilner. “They’re asking themselves whether it makes sense to invest a lot in their system or not. Without a clear path and obvious decision, they just go slow. We created this assessment service to help people get a better understanding of what they have with their systems.”
A Legacy Risk Assessment, on average, takes about two weeks. The report that is generated provides examples of code complexity, a list of programs with metrics for each, a program maintainability index that describes and defines the time devoted to maintaining programs and identifying those that are unmaintainable, and a report on how often programs are changed. There are more reports that go into technical aspects such as logic density, display file metrics, internal program documentation, stats on business rules, and an inventory of legacy RPG techniques that will and won’t convert if a program conversion decision was being considered.
“Each engagement will be different,” Kilner says. “There are some companies with good IT teams, but without the tools to get this info. There are some companies that don’t have much of a staff. These reports won’t mean much if there is little or no technical skills at the company. In that case, we draw the conclusions up a level to a business point of view where management wants to gain an understanding of where the company is positioned with system and what the options are.”
The options come down to three alternatives: develop a plan to improve the existing programs and stay with the system, decide that the best way to achieve the program functionality that the company needs for the future is to rewrite the programs in another language and perhaps another system, or do nothing and take what the system can provide.
In situations where a company decides it needs assistance taking the next step toward eliminating the limitations of a legacy system, vLegaci can provide the follow through with either project management of on-site, existing personnel, or it has the human resources to take on the modernization and/or rewriting of programs when on-site personnel is short on skills or time.
Kilner describes the assessment as a process that quantifies system complexity and maintenance through “forensics-based application metrics” that provide an accurate baseline from which a decision about future IT planning can be made. It’s a starting point for programmers, analysts, and management so they can understand how their RPG, COBOL, and CL programs were developed and how they run on the IBM i Power Systems server. It’s a critical piece of information in order to make future IT plans, he says.
The cost of the Legacy Risk Assessment begins at $3,500 for a maximum of one million lines of code. The price increases as the number of lines of code increases. From one million lines of code to five million lines of code, the price is $5,500. In most cases, this assessment can be done without a site visit.
The development methodologies assessment and the skills assessment pricing begin at $3,000. They are priced separately and are considered on-site assessments.