The opportunity for IT investment is always larger than the budget available. It’s true in small shops, big shops, and IT mega shops. IT investment typically falls into one of three buckets:
- Keeping the lights on
- Carefully selected strategic initiatives
- The “squeaky wheel” that requires immediate attention
It is common in many organizations, and particularly so with our government clients, that legacy applications do not fall into the first two buckets and suddenly show up in the third bucket with urgency and a significant price tag attached. How do you avoid that unpleasant “surprise”?
In most cases, custom developed legacy business applications run quietly in the background, with a very knowledgeable support staff able to keep them operational. But over time, they become brittle, making modifications difficult, risky, and costly. Compare that to COTS products. COTS vendors require upgrades to their products over time and “encourage” you to apply those upgrades with end-of-support announcements. Hardware vendors ease their aging solutions out in a similar manner, eventually declaring the end of support. But custom developed applications have no such organized retirement approach.
What the COTS vendors and the hardware vendors know, and CIOs should consider for their legacy applications is that you have to periodically reset and move forward. Otherwise, the risk of supporting a solution increases to an unreasonable level yet is hidden from view.
Typically, the cost of continuing to use a custom legacy application is not significant enough to catch the attention of executive management. That’s usually because a small handful of operations and maintenance staffers have sufficient working knowledge of the application to keep it running and overcome quirky behavior. And that works well—until it doesn’t. Then you have a general-alarm IT event to get that critical business system running again. It doesn’t happen often, but the risk is there in many enterprises.
In the opening paragraph, I used the word surprise in quotes. The reason for the quotes is that, generally speaking, IT executive management knows that legacy applications are aging and will become a problem for the organization at some point, but the level of concern is not significant enough to allocate funding to address the issues. The longer that goes on, the bigger the price tag when it occurs.
To protect the business, legacy applications should be methodically assessed at least every few years to determine the current risk of continuing reliance on these applications. Risk factors to consider include the uniqueness of the application, its brittleness, technology dependencies (a big concern), and skillset dependencies. Where the assessment indicates that the application is on the fringe of viability, there is risk; the more fringy areas there are, the greater the risk. When an assessment identifies this type of an application, planning to replace it should commence as a high priority. If not, it is only a matter of time when the application(s) shows up in the squeaky-wheel bucket.