Risk Content on InfoQ

  • From Compliance-First to Risk-First: Why Companies Need a Culture Shift

    Transitioning from a "Compliance-First" approach to a "Risk-First" mindset recognizes that compliance should not be viewed in isolation, but as a component of a broader risk management strategy.

  • Secure Delivery: Better Workflows for Secure Systems and Pain-Free Delivery

    The software delivery process has been transformed in the last decade; we’ve adopted well-understood workflows around functions such as testing, release management and operational support. In this article we'll explore the impact that security workflows have on software delivery, explain the root causes and share battle-proven techniques to show how we can make delivering secure software easier.

  • Building Stronger Human Teams by Managing the Inner Lizards

    Each of us has an inner lizard that frets constantly about our safety. People come with brains that are pre-configured to scan everything you say for threats to their safety. Learning to recognize when you're operating under reptilian influence is a great start. This article introduces some techniques to help you manage the lizard within you along with those around you.

  • Signs You’re in a Death Spiral (and How to Turn It around before It’s Too Late)

    Don’t let feature work blind you. Enterprises are ramping up their software delivery to compete in the digital-first world. But more features and faster time-to-market can lead your business into a death spiral if you neglect technical debt and risk work. Learn how to use value stream metrics to identify whether your business is in danger and how to reverse the trajectory before it’s too late.

  • Kick-off Your Transformation by Imagining It Had Failed

    Large scale change initiatives have a worryingly high failure rate, the chief reason for which is that serious risks are not identified early. One way to create the safety needed for everyone to speak openly about the risks they see is by running a pre-mortem. In a pre-mortem, we assume that the transformation had already failed and walk backward from there to investigate what led to the failure.

  • Q&A on the Book Risk-First Software Development

    The book Risk-First Software Development by Rob Moffat views all of the activities on a software project through the lens of managing risk. It introduces a pattern language to classify different risks, provides suggestions for balancing risks, and explores how software methodologies view risks.

  • Cultivating a Learning Organisation

    This article explores how creating an internal culture of experimentation and learning enabled a company to keep pace with the rapid iterations in tech that have become the regular way we do business. It shows that psychological safety is a key component of the learning organisation; employees need to be able to experiment and learn from any outcome - without fear that failure will be punished.

  • Three Keys to a Successful “Pre-Mortem”

    Talking about what might go wrong acknowledges that many things are out of our control, and that we might mess up the things which are within our control. To have this conversation safely involves a structured activity called a pre-mortem. If held with some regularity, and always with creative problem solving time at the end, it can build a safe space for adaptation in the face of adversity.

  • What Should Software Engineers Know about GDPR?

    The EU General Data Protection Regulation (GDPR) is moving out of the transition period next summer to become enforceable. GDPR strongly emphasizes risk-based thinking; you take every step to mitigate privacy risks until the risks become something you can tolerate. As a software developer, this will affect you. This is what you need to know.

  • Q&A on The Antifragility Edge: Antifragility in Practice

    In the book The Antifragility Edge, Sinan Si Alhir shows how antifragility has been applied to help organizations evolve and thrive. He provides examples of how antifragility can be used beyond agility on an individual, collective (team and community) and enterprise level, and explores a roadmap for businesses to achieve greater antifragility.

  • Continuous Delivery Coding Patterns: Latent-to-Live Code & Forward Compatible Interim Versions

    This article describes two novel practices for continuous delivery: Latent-to-live code pattern and Forward compatible interim versions. You can use these practices to simultaneously increase speed and reliability of software development and reduce risks. These practices are built on top of two other essential continuous delivery practices: trunk-based-development and feature toggles.

  • Q&A on Conscious Agility

    The book Conscious Agility (Conscious Capitalism + Business Agility = Antifragility) by Si Alhir, Brad Barton and Mark Ferraro describes a design-thinking approach for business to benefit from uncertainty, disorder, and the unknown. An interview about conscious agility and antifragility, increasing business agility, dealing with uncertainty, and the three phases of a conscious agility initiative.