Get a clear picture of your legacy systems

Regulatory issues are forcing IT managers to dig into legacy systems to find out which applications, operating systems and...

Regulatory issues are forcing IT managers to dig into legacy systems to find out which applications, operating systems and bolt-ons are really running the business

It may come as a surprise to some IT departments, but the average age of applications that run core business processes is 15 years old.

A survey by HAL Knowledge Solutions found that almost 30% of companies are maintaining software up to 25 years old. At first glance, that seems archaic. Common technology refresh cycles run at three to four years, yet some of the largest and most advanced business in the UK are relying on software that was around when the Tories came to power in 1979.

This raises some interesting questions about the "out with the old, in with the new" mantra that the technology industry is all too often guilty of chanting.

Legacy or proprietary technology is at odds with our e-business plug-and-play world. However, if you were to lift the lid on many large organisations, underneath the customer relationship management initiatives, the e-commerce engines, the web servers and business intelligence tools sits a core of application code that pre-dates most of its support staff.

Legacy applications are commonly seen as a burden - a constant cycle of updates and maintenance where dedicated, highly skilled IT staff have to keep the heterogeneous mix of proprietary code up to date.

However, legacy applications are undergoing a renaissance of importance on the IT agenda as a result of business drivers that are forcing IT departments to take a much closer look at the "dark side" of IT management.

Issues including regulatory compliance, IT governance initiatives and accountability in areas such as outsourcing require businesses to have a deeper understanding of what makes legacy systems tick.

Applications that run core business processes are ambiguous by default and it is sometimes complicated to assess where they start and end. They are often a complicated mix of application code, operating systems and "bolt-ons". By definition, there is no such thing as a typical legacy environment, and as such it becomes incredibly difficult and time-consuming to influence or measure the way it behaves.

Without a clear picture of the legacy applications layer, implementing change or reporting against compliance and governance requirements is an educated guess at best, and holding a third party to account on service level agreements is impossible.

In fact, one of the only guarantees in legacy applications management is that the less you know about the applications, the more time and resources will be invested in establishing that understanding.

The best way to reduce potential risk or additional burden is to start with some simple questions.

  • How much of your organisation's IT infrastructure is dependent on legacy applications? 
  • How much of that software is mission-critical? 
  •  What level of visibility and understanding do you have of this area? 
  •  What business initiatives could force a review or increased accountability for proprietary applications?

Do not be surprised if you cannot respond to these questions immediately, that is the norm. In the same way it is the norm for legacy applications to hold vast amounts of "orphaned" data, or duplicated information - both symptoms of the applications management challenge.

The harsh reality is that it can take months to get an accurate picture of an enterprise applications portfolio, which belies a bigger issue: greater IT account-ability demands more from legacy applications management and most businesses are not prepared to deliver against this. Effective IT reporting is no longer about management information alone. It is about meaningful, quality data.

Therefore, if you have IT compliance or governance directives coming down from the board, and proprietary applications maintenance features on your to-do list, be prepared to unsettle the murky waters of legacy systems. When looking at the dark side of applications, the worst place to start is in the dark.

Mark Kusionowicz is vice-president of marketing at applications portfolio management company HAL Knowledge Solutions

Read more on IT risk management