back to insights

Application Portfolio Management

Application Portfolio Management (APM) is a strategy that helps businesses manage their software applications efficiently, ensuring they deliver value and align with business objectives. It's akin to stock portfolio management but for software, where companies assess the performance of each application, deciding which to keep, improve, or discard using methods like T.I.M.E analysis (Tolerate, Invest, Migrate, Eliminate). This approach categorizes applications based on their utility and value, using visual tools and scoring systems to evaluate their business relevance and technical compatibility. Through surveys among IT staff, users, and leaders, businesses can make informed decisions on which applications to invest in, update, or eliminate, optimizing their software portfolio for maximum return on investment.
Listen to the Podcast
Application Portfolio Management

Let's dive into the world of Application Portfolio Management (APM) – its a smart way businesses keep track of all their software applications, making sure they're getting the most bang for their buck.

Think of Application Portfolio Management (APM) like managing a stock portfolio. Just as investors track their stocks to maximize returns, businesses use APM to keep an eye on their software applications to ensure their delivering value. APM is like a financial advisor for your software, helping you identify which applications (or "stocks") are high performers, which are not pulling their weight, and which ones you might consider letting go of.

In this world, applications are your investment. Some are like blue-chip stocks—reliable and crucial for your business's growth. Others might be like penny stocks—risky and not necessarily contributing to your goals. And just as investors group stocks into portfolios based on sectors or risk levels, APM groups applications into portfolios based on their function or business value, making it easier to manage and make decisions about them.

This process goes beyond merely listing what you have. It's about strategically managing your software assets to ensure they align with your business objectives, much like adjusting your stock portfolio to match your financial goals. It involves evaluating which applications are worth further investment, which should be updated or replaced, and which are no longer serving your business well and can be retired. Just as in stock management, the goal is to optimize your portfolio for maximum efficiency and return on investment.

T.I.M.E Analysis

T.I.M.E analysis is a clever method within APM to sort Applications and Tools into four categories, kind of like sorting your clothes into piles of keep, donate, fix, or throw away. T.I.M.E stands for Tolerate, Invest, Migrate, and Eliminate.

  • Tolerate: means you keep using some applications even if they’re not perfect, because, for now, they do what you need without too much fuss.
  • Invest: is where you find the applications that are really making a difference. These are the ones you want to make even better because they’re worth it.
  • Migrate: involves moving applications from old to new technology—like moving your favorite songs from CDs to your smartphone, so they're more useful.
  • Eliminate: is straightforward: saying goodbye to applications that just don’t fit your needs anymore, freeing up space and resources.

To make these concepts clearer, here’s a pie chart for TIME analysis, dividing a company's software into those four categories. This chart is like a snapshot, giving you an instant feel of where most of the company’s applications fall. Are you investing in the right places? Or is it time to clean house?

Next, we look at each portfolio (or groups of like Applications) in more detail using a 2x2 quadrant, sprinkling various applications across these four zones. This chart mixes three big ideas: how valuable each tool is to the business and whether it’s a technical fit within the organization. It also uses the Application’s cost as part of the size of each bubble. Such plots can help you see which applications are stars (high value and modern tech), which are hidden gems (high value but need tech updates), and which might be relics from the past.

These visuals aren't just pretty pictures; they're useful maps that help businesses decide where to go next with their technology. By looking at what applications they have, how these applications are helping (or not helping), and where they could invest or cut back, companies can make smarter choices. This way, they ensure their application landscape is filled with exactly what they need to build a successful future, leaving out the clutter.

Scoring the Business Value and Technical Fit

In Application Portfolio Management (APM), it's important to figure out how well each software application works for the company and how valuable it is. To do this, we look at two main things for each app: how well it fits with the company's technology and how much it helps the company achieve its goals.

  • Business Value: This measures how important an app is for the company's success. Does it help make more money? Does it save money? Is it important for the company's future plans? Each app gets a score for its value to the company.
  • Technical Fit: This is about how well an app matches the company's technology needs and rules. For example, does it use the right kind of technology? Is it secure? Can it work well with other apps? We give each app a score to show how good a match it is.

To figure out these scores, you need to talk to different people in the company, like those who work in IT and those who use the apps. You must ask questions, look at how the apps are used, and check how they fit with the company's goals.

Using Surveys for Scoring

Surveys are an effective way to develop such scores for each application. We recommend using a multiple-choice format for the answers. Such surveys reduce subjectivity as well as the time it takes to complete them. The responses can be used to create averages or weighted averages to develop scores for each application.

Here's an outline of an approach to plan and execute these surveys.

  1. Set Goals: Decide what you want to learn, like how to save money or work better.
  2. Make a Survey: Ask key questions about each app's cost, ease of use, performance, value, and tech level.
  3. Pick Respondents: Choose a mix of IT staff, users, and leaders who know about these apps.
  4. Distribute the Survey: Share it with these people, explaining why it matters.
  5. Analyze Answers: Use the feedback to rate each app based on what's important for your business.
  6. Make Decisions: Decide which apps are doing well or need changes, like updates or removal.

Scoring Criteria

The Survey Questions that can be used to assess Business Value are:

  • Types of Users
  • User Adoption
  • Usability
  • User Satisfaction and Feedback
  • Business Criticality
  • Business Requirements Match
  • Operational Impact of Downtime
  • Level of Disaster Recovery
  • Data Analytics and Reporting Capabilities
  • Number of Data
  • Level of Support
  • Mobile Accessibility and Responsiveness
  • Level of Compliance
  • Functional Redundancy

The Survey Questions that can be used to assess Technical Fit are:

  • Application Lifecycle Stage
  • Integration Capabilities
  • Use of Cloud or Plans to Migrate to Cloud
  • Architecture Compatibility
  • Data Quality
  • Security Compliance
  • Performance
  • Availability
  • Scalability
  • Technical Debt and Obsolescence
  • Frequency of Change
  • Maintenance & Support
  • Vendor Stability Risk
  • Flexibility & Customizability

Business Value

Types of Users

Question: Who are the primary users of this application?

Understanding the user base aids in prioritizing development efforts, creating more effective training and support materials, and ensuring the application aligns with its intended audience's requirements. This insight can also inform security and access controls, usability enhancements, and feedback mechanisms to drive continuous improvement.

A. Public Users - The application is available to the general public, necessitating broad accessibility, high scalability, and robust security measures to handle diverse user needs and large volumes of traffic.

B. Customers - The main users are external customers who use the application to engage with the organization’s products or services, requiring a focus on user experience and reliability.

C. Regulatory Bodies - Used by external regulatory or compliance entities to audit, monitor, or review the organization's adherence to industry regulations, prioritizing data integrity and reporting capabilities.

D. Internal Employees - The application is primarily used by employees within the organization for day-to-day operations, internal management, or productivity purposes.

E. Business Partners - Primary users include external business partners, such as suppliers, distributors, or B2B customers, emphasizing collaboration features and integration capabilities.

F. IT/Administrative Staff - Specifically used by IT or administrative staff for technical management, system monitoring, or support tasks, focusing on advanced functionalities and administrative controls.

User Adoption

Question: How would you describe the level of user adoption for this application?

User adoption refers to the extent to which an application's intended users actively engage with and utilize the application as part of their regular workflow or activities.

A. Widespread Adoption - The application is widely used by its target user base, indicating high satisfaction and alignment with user needs.

B. Growing Adoption - Adoption rates are steadily increasing as more users become aware of the application and its benefits, suggesting positive trends in user engagement and satisfaction.

C. Moderate Adoption - The application has achieved a moderate level of adoption, with a stable user base that could benefit from targeted improvements or marketing efforts to boost engagement.

D. Limited Adoption - Adoption is currently limited, with a significant portion of the target user base not using the application regularly. This may indicate potential barriers to adoption or misalignment with user expectations.

E. Negligible Adoption - Very few users have adopted the application, raising concerns about its relevance, usability, or value to its intended audience.

Usability

How user-friendly is this application?

A. Usability refers to the ease with which users can interact with an application to achieve their desired outcomes effectively, efficiently, and satisfactorily. It encompasses elements such as intuitive design, accessibility, learnability, and user satisfaction.

B. Highly Usable - Users find the application extremely intuitive and easy to use, with minimal training required. It consistently meets or exceeds user expectations for efficiency and satisfaction.

C. Generally Usable - The application is considered user-friendly, with some areas for improvement. Most users can navigate and use it effectively with limited guidance.

D. Moderately Usable - Users can achieve their goals with the application, but there may be some usability challenges that impact efficiency or satisfaction. Additional training or support may be needed.

E. Poor Usability - The application presents significant usability challenges, making it difficult for users to perform tasks efficiently or satisfactorily. Substantial redesign or improvement is required.

F. Usability Not a Priority - The application was designed with a focus on functionality or other priorities over user-friendliness, and usability has not been a major consideration.

User Satisfaction and Feedback

How satisfied are users with this application, and what feedback have they provided for improvement?

User satisfaction and feedback are critical indicators of an application's effectiveness, usability, and overall impact on its intended audience. Measuring satisfaction helps identify strengths and areas for improvement, guiding development priorities and enhancing user experience.

A. Highly Satisfied - Users are extremely satisfied with the application, reporting that it meets or exceeds their expectations in all key areas.

B. Satisfied - Most users are satisfied with the application, though they have suggested minor improvements or additional features.

C. Moderately Satisfied - Users are generally satisfied but have identified specific areas where the application could be improved to better meet their needs.

D. Dissatisfied - Many users express dissatisfaction with the application, citing significant usability issues, missing features, or performance problems.

E. Highly Dissatisfied - Users are highly dissatisfied, indicating that the application fails to meet their needs and requires major revisions or overhaul.

Business Criticality

How critical is this application to your business operations?

The business criticality of an application refers to the level of importance the application holds in daily operations and strategic goals. High-criticality applications may require more robust disaster recovery plans, frequent updates, and closer performance monitoring, whereas lower-criticality applications might have more flexibility in these areas.

A. Mission-Critical - The application is vital for daily operations, and any downtime directly impacts the business’s ability to function. Loss of this application would lead to significant financial or reputational damage.

B. Business-Important - While not mission-critical, this application plays a significant role in business processes and efficiency. Downtime affects productivity, but workarounds may be available.

C. Business-Enhancing - This application provides value through enhancing efficiency, data analysis, or customer satisfaction but is not critical to core business operations. Temporary unavailability is manageable without severe impact.

D. Supportive - The application supports internal processes or minor tasks that do not directly impact customer service or revenue generation. Downtime is inconvenient but does not critically affect business operations.

E. Experimental - Used primarily for testing or experimental purposes, the application is not essential for current business operations. Its unavailability poses no immediate risk to business processes.

Business Requirements Match

How well does this application meet the current business requirements?

This evaluation helps in identifying gaps between application functionalities and business needs, guiding decisions on application enhancement, replacement, or retirement.

A. Fully Aligned - The application meets all current business requirements, supporting essential business processes and objectives effectively without any significant gaps.

B. Mostly Aligned - The application meets most of the business requirements, but there are minor gaps or areas for improvement that do not significantly impact overall business operations.

C. Partially Aligned - While the application serves several key business needs, there are notable gaps in functionality or performance that affect its effectiveness and may require additional investment or workaround solutions.

D. Minimally Aligned - The application meets only a few business requirements, with significant gaps in functionality that hinder business operations, indicating a need for major enhancements, replacement, or retirement.

E. Not Aligned - The application does not meet current business requirements, fails to support necessary business processes or objectives, and is likely a candidate for replacement or retirement.

Operational Impact of Downtime

What would be the impact of downtime on this application?

The operational impact of downtime assesses the consequences of an application becoming temporarily unavailable or non-functional on business operations.

A. Catastrophic - Downtime would result in severe disruption of business operations, potentially leading to significant financial losses, legal liabilities, or safety risks.

B. High Impact - The application's unavailability would disrupt important business processes, affecting productivity, customer satisfaction, or revenue generation.

C. Moderate Impact - Some business functions would be affected, but workaround solutions or alternative processes could minimize disruptions to operations.

D. Low Impact - The application's downtime would have a minor effect on operations, with most business activities able to continue with minimal interruption.

E. Negligible Impact - There would be virtually no noticeable effect on business operations, either due to the application's limited use or the availability of effective alternatives.

Level of Disaster Recovery

What is the current level of disaster recovery planning and capability for this application?

Disaster recovery planning is aimed at ensuring business continuity and minimizing downtime in the event of a disaster. This encompasses both natural disasters and cyber-attacks.

A. Fully Redundant - The application and its data are fully replicated in a geographically separate location, allowing for immediate failover with no data loss and minimal downtime.

B. High Availability - The application has been designed for high availability with redundant components and failover capabilities in the same or a nearby location, ensuring quick recovery from failures with minimal data loss.

C. Regular Backups - Regular backups of the application data are performed and stored offsite. Recovery times may vary, and there might be some data loss based on the backup frequency.

D. Basic Plan - A basic disaster recovery plan exists, including periodic data backups and a conceptual framework for recovery. However, detailed recovery processes, failover mechanisms, or offsite data replication may not be fully developed.

E. No Formal Plan - There is no formal disaster recovery plan in place. The application may have ad hoc backups or none at all, with no clear strategy for recovery in the event of a disaster.

Data Analytics and Reporting Capabilities

What capabilities does this application offer in terms of data analytics and reporting?

The data analytics and reporting capabilities of an application refer to its ability to collect, analyze, and present data in a meaningful way to support decision-making processes. These capabilities can range from basic reporting functions to advanced analytics features, including real-time data analysis, predictive analytics, customizable dashboards, and comprehensive data visualization tools.

A. Advanced Analytics and Reporting - The application offers comprehensive analytics and reporting features, including predictive analytics, customizable dashboards, and real-time data visualization.

B. Standard Reporting with Some Analytics - It provides standard reporting functions and some analytical capabilities but lacks advanced analytics features.

C. Basic Reporting Only - The application includes basic reporting features for data summarization and presentation, without analytics capabilities.

D. Limited Reporting - Only limited reporting capabilities are available, offering minimal support for data-driven decision-making.

E. No Reporting or Analytics - The application does not include any built-in reporting or analytics capabilities.

Number of Data Integrations

How many data integrations does this application have?

The number of data integrations to and from an application is an important metric that reflects the application's connectivity within the broader IT ecosystem.

A. No Integrations - The application does not integrate with any other systems or data sources and operates independently.

B. 1-5 Integrations - The application has a few integrations, connecting it with a limited number of systems or data sources for specific purposes.

C. 6-10 Integrations - A moderate number of integrations, indicating the application plays a significant role in the organization's data ecosystem.

D. 11-20 Integrations - The application is highly integrated, connecting with a wide range of systems and data sources, reflecting its central importance in operations.

E. More than 20 Integrations - The application has extensive integrations, indicating it is a critical component of the organization's IT infrastructure with broad connectivity.

Level of Support

What level of support is available for this application?

The level of support available for an application encompasses the range of services provided to assist users and maintain the application's functionality. This can include technical assistance, troubleshooting, updates, and training.

A. Full Support - Comprehensive support services are available, including 24/7 technical assistance, regular updates and patches, detailed documentation, and user training resources.

B. Limited Support - Some support services are available, such as standard business hours technical assistance, and occasional updates, but may lack immediacy or comprehensive resources.

C. Self-Support - Users rely mainly on self-help resources such as forums, online documentation, and community support, with minimal direct assistance from the provider.

D. No Formal Support - There is no formal support structure in place; users may have to rely on external resources or third-party services for troubleshooting and assistance.

E. Support Not Required - The application is simple enough that it does not require a formal support structure, or it is used in a context where users can manage without direct support.

Mobile Accessibility and Responsiveness

Is this application accessible and responsive on mobile devices, supporting remote and flexible work arrangements?

Mobile accessibility and responsiveness refer to an application's ability to provide an optimal user experience across various mobile devices, such as smartphones and tablets. This involves a design that adjusts smoothly to different screen sizes, touch interface compatibility, and features that support effective use on mobile platforms. In today's increasingly mobile and remote work environments, having applications that are accessible and responsive on mobile devices is crucial for ensuring productivity, flexibility, and user satisfaction. It also facilitates seamless work processes and collaboration, regardless of location.

A. Fully Mobile Optimized - The application is fully optimized for mobile use, offering a seamless experience across all types of mobile devices and screen sizes.

B. Partially Mobile Optimized - While accessible on mobile devices, the application offers a limited experience or reduced functionality compared to desktop versions.

C. Mobile Accessible but Not Optimized - The application can be accessed on mobile devices, but it is not optimized for mobile use, leading to potential usability issues.

D. Not Mobile Accessible - The application is not accessible on mobile devices, requiring users to rely on desktop or laptop computers for access.

E. Mobile Use Not Applicable - The application is designed for use cases where mobile accessibility and responsiveness are not relevant or required.

Level of Compliance

Does this application need to comply with any specific regulations or standards?

Compliance ensures that the application meets legal, industry, and security requirements, including data protection, privacy laws, financial reporting standards, and more. Understanding the specific compliance requirements for an application helps in aligning its development, operation, and maintenance with necessary regulatory obligations, thereby mitigating legal and operational risks.

A. Data Protection and Privacy (e.g., GDPR, CCPA) - The application must adhere to data protection and privacy regulations, requiring robust data handling, privacy controls, and user consent mechanisms.

B. Industry-Specific Standards (e.g., ISO 27001, ISO 9001) - The application may need to meet specific industry standards focusing on quality management systems or information security management.

C. No Specific Compliance Requirements - The application does not fall under any specific regulatory compliance requirements but follows general best practices for security and operational integrity.

Functional Redundancy

Are functions of this application offered by other applications within the organization?

Identifying whether the functions provided by an application are duplicated by other applications within the organization is crucial for optimizing the application portfolio and avoiding redundancy. Redundant applications can lead to unnecessary complexity, increased maintenance costs, and potential data inconsistencies.

A. Unique Functions - This application provides unique functions not available in any other application within the organization, highlighting its distinct value.

B. Some Overlap - There are some overlapping functions with other applications, but this application also offers unique features that justify its use.

C. High Overlap - Most functions of this application overlap with those of other applications, raising questions about the need for consolidation.

D. Complete Redundancy - All functions provided by this application are also offered by other applications, indicating potential for rationalization and cost savings.

Technical Fit

Application Lifecycle Stage

What is the lifecycle stage of this application?

The Lifecycle stage indicates whether an application is under development, maturing, or nearing its end of life, each carrying different implications for resource allocation and strategic planning.

A. Development Stage - The application is currently being developed and is not yet in production. This stage involves designing, coding, and testing the application.

B. Launch/Production Stage - The application has been released to users and is actively being used in a live environment. The focus at this stage is on monitoring, managing performance, and user support.

C. Growth Stage - The application is experiencing user growth and may require scaling, feature enhancements, and optimization to meet increasing demand.

D. Maturity Stage - The application has a stable user base with minimal growth. Efforts may focus on maintaining performance, security updates, and incremental improvements.

E. Decline Stage - The application is experiencing a decrease in users or has become less critical to operations. Decisions may include maintaining with minimal effort, decommissioning, or planning for replacement.

F. Retirement Stage - The application is planned for decommissioning. This involves ensuring data migration, user transition plans, and archival processes are in place.

Integration Capabilities

How would you rate the application's ability to integrate with other systems and applications?

Integration capabilities refer to an application's ability to connect and work seamlessly with other systems, software, and applications within the technology ecosystem.

A. Highly Integrable - The application easily integrates with a wide range of systems and platforms, supporting various standards and protocols for seamless interoperability.

B. Moderately Integrable - The application supports integration with several key systems and platforms, though some custom work may be needed for less common integrations.

C. Limited Integration - Integration capabilities are present but limited to a few specific systems or require significant custom development effort to achieve interoperability.

D. Not Integrable - The application has minimal to no built-in support for integration with other systems, posing substantial challenges for data exchange and process automation.

E. Integration Not Required - The application operates independently without the need for integration with other systems, focusing on standalone functionality.

Use of Cloud or Plans to Migrate to Cloud

Is this application currently utilizing cloud services or are there plans to migrate to the cloud?

Cloud computing offers scalability, flexibility, and cost-efficiency, enabling organizations to adapt to changing business needs and technological advancements more effectively.

A. Fully Cloud-Based - The application is already hosted on a cloud platform, leveraging cloud services for scalability, flexibility, and efficiency.

B. Partially Cloud-Based - Some components or functionalities of the application are hosted on the cloud, with plans to increase cloud utilization over time.

C. Cloud Migration Planned - There are concrete plans to migrate this application to the cloud, with timelines and strategies already defined.

D. Cloud Migration Under Consideration - The possibility of migrating to the cloud is being explored, but no definitive plans have been made yet.

E. No Cloud Usage or Plans - The application is currently not using cloud services, nor are there any plans to migrate to the cloud in the foreseeable future.

Architecture Compatibility

How compatible is this application with the current IT architecture?

Architecture compatibility assesses how well an application fits within the existing IT architecture in terms of technology stack, standards, security protocols, and design principles.

A. Fully Compatible - The application seamlessly integrates with the current IT architecture, adhering to all relevant standards, protocols, and design principles without requiring any modifications.

B. Mostly Compatible - The application is largely compatible with the existing architecture, requiring minimal adjustments or workarounds to integrate effectively.

C. Partially Compatible - Some aspects of the application are compatible with the current architecture, but significant modifications or custom integrations are needed to ensure full functionality.

D. Incompatible - The application does not align with the existing IT architecture, necessitating substantial changes to either the application or the infrastructure to enable integration.

E. Architecture-Independent - The application operates independently of the core IT architecture, minimizing direct compatibility concerns but potentially raising issues of data integration or siloed operations.

Data Quality

How would you rate the quality of data managed or generated by this application?

Data quality refers to the accuracy, completeness, consistency, and reliability of data managed or produced by an application.

A. Excellent - The data is consistently accurate, complete, and timely, with robust validation processes to ensure integrity and reliability across all data points.

B. Good - Generally, the data is reliable with minor issues in accuracy or completeness that do not significantly impact overall data utility.

C. Adequate - The data meets basic requirements for accuracy and completeness, but there are noticeable areas for improvement to enhance reliability and consistency.

D. Poor - There are significant issues with data accuracy, completeness, or consistency, affecting the application's utility and requiring corrective measures.

E. Varies Widely - Data quality varies significantly depending on the specific data sets or sources involved, with some data meeting high-quality standards and other data showing notable deficiencies.

Security Compliance

How does this application comply with security standards?

Security compliance involves adhering to established security standards, and best practices to protect data, ensure privacy, and mitigate risks associated with cyber threats. An application's compliance with security standards indicates its level of security measures, vulnerability management, and overall commitment to protecting user and organizational data.

A. Fully Compliant - The application meets or exceeds all relevant security standards and regulations, demonstrating a high level of data protection and risk management.

B. Mostly Compliant - The application is compliant with the majority of applicable security standards, but there may be minor areas for improvement or pending updates to achieve full compliance.

C. Partially Compliant - The application meets some security standards, but there are significant areas where it does not comply, indicating a need for enhanced security measures or updates.

D. Not Compliant - The application does not comply with necessary security standards and regulations, posing serious risks and requiring immediate attention to address compliance issues.

E. Compliance Under Review - The application's compliance with security standards is currently being evaluated to determine its adherence and identify any gaps.

F. Compliance Not Applicable - The application operates in a context where specific security standards and regulations are not applicable, or it is used in a manner that does not require compliance.

Performance

How would you rate the performance of this application?

The performance of an application encompasses its responsiveness, efficiency, and stability under varying workloads. High-performing applications deliver a seamless user experience, with quick load times and consistent operation, even during peak usage periods. Performance metrics might include transaction speeds, system responsiveness, and uptime percentages, among others.

A. Excellent Performance - The application consistently operates at peak efficiency, with fast response times and no noticeable delays, even under heavy load.

B. Good Performance - Performance is generally strong, with occasional minor issues under high demand that do not significantly impact user experience.

C. Adequate Performance - The application meets basic performance expectations, but some noticeable delays or inefficiencies could be improved.

D. Poor Performance - The application frequently experiences slowdowns, downtime, or other performance issues that negatively affect usability and satisfaction.

E. Varies Widely - Performance is inconsistent, varying significantly based on factors such as time of day, specific functionalities used, or user location.

Availability

How available is this application?

Availability refers to the degree to which an application is accessible and functional for users as intended, without unplanned downtime or disruptions. High availability is essential for applications that support critical business processes or require constant access by users. It involves redundancy, failover mechanisms, and robust infrastructure to ensure continuous operation, even in the event of failures or maintenance activities. Assessing an application's availability helps in understanding its reliability, planning for disaster recovery, and ensuring that the application meets business continuity requirements.

A. Always Available (99.99% uptime) - The application achieves near-continuous availability, with very minimal downtime only during planned maintenance.

B. Highly Available (99%-99.9% uptime) - The application is available most of the time, with occasional downtime for maintenance or unexpected issues.

C. Moderately Available (95%-99% uptime) - The application is generally available, but there may be more frequent disruptions or scheduled downtime periods.

D. Occasionally Unavailable (<95% uptime) - The application experiences notable periods of unavailability, affecting its reliability for critical operations.

E. Not Applicable - The application is not designed for continuous operation, or availability is not a critical factor due to its specific use case or function

Scalability

How scalable is this application?

Scalability refers to an application's ability to handle increasing workloads or to be expanded to accommodate growth without compromising performance or user experience. This could mean scaling up to support more concurrent users, larger data volumes, or additional functionalities.

A. Highly Scalable - The application can effortlessly handle significant increases in users, data volume, or transaction rates without needing substantial modifications or upgrades.

B. Moderately Scalable - The application is capable of scaling to meet moderate increases in demand, though this may require some planned adjustments or optimizations.

C. Slightly Scalable - There are some limitations to the application's scalability. It can handle small increases in workload but may struggle with larger growth without considerable changes.

D. Not Scalable - The application has significant scalability limitations and cannot handle increased workloads without major rework or performance degradation.

E. Scalability Not Required - The application serves a fixed scope or user base where scalability is not a consideration or requirement.

Technical Debt and Obsolescence

To what extent is technical debt and obsolescence an issue for this application?

Technical debt refers to the implied cost of additional rework caused by non-optimal design or implementation decisions instead of using a better approach that would have taken longer. Obsolescence refers to application components that have become outdated and no longer effective.

A. Significant Issue - Technical debt and obsolescence severely impacts the application, necessitating immediate action to address performance, security, or compatibility issues.

B. Moderate Issue - Some level of technical debt and obsolescence is present, affecting the application's efficiency or maintainability but not to a critical extent.

C. Minor Issue - There are minimal concerns related to technical debt and obsolescence, with only slight impacts on the application's overall performance or future development.

D. Not an Issue - Technical debt and obsolescence are not currently issues for this application, either due to recent updates or inherently sustainable design.

Frequency of Change

How frequently are updates or changes made to this application?

The frequency of updates or changes to an application can impact its usability, security, and functionality. Regular updates may introduce new features, fix bugs, and address security vulnerabilities, contributing to the application's overall health and user satisfaction. Conversely, infrequent updates might indicate a static application that could become outdated or less secure over time.

A. Continuous Updates - The application receives updates continuously, with new features, fixes, and security patches deployed regularly.

B. Frequent Updates - Updates are made frequently, typically on a monthly or quarterly basis, to address user needs and security requirements.

C. Periodic Updates - The application is updated periodically, such as semi-annually or annually, with planned releases for major enhancements or fixes.

D. Infrequent Updates - Updates are infrequent and may only occur when critical issues need to be addressed, leading to potential gaps in functionality or security.

E. Static - The application rarely receives updates, with no regular schedule for changes or enhancements, potentially leading to obsolescence.

Maintenance & Support

What is the level of maintenance and support required for this application?

The level of maintenance and support required for an application includes the ongoing efforts needed to ensure its operational effectiveness, security, and adaptability to changing needs. This includes routine updates, bug fixes, security patches, and user support services.

A. High Maintenance - Requires frequent updates, patches, and active user support to address performance issues, security vulnerabilities, or functional enhancements.

B. Moderate Maintenance - Needs regular maintenance activities and user support but at a manageable level that does not demand excessive resources.

C. Low Maintenance - Minimal maintenance is required, with infrequent updates and limited user support needs, indicating a stable and efficient application.

D. Self-Sustaining - Designed to operate with minimal intervention, utilizing automated updates and self-help resources for user support.

E. Varies by Usage - Maintenance and support needs vary significantly based on usage patterns, features utilized, or user base size.

Vendor Stability Risk

What is the risk associated with the stability of the software vendor?

The stability of the software vendor refers to the vendor's financial health, market position, and ability to continue supporting and updating the software over time.

A. Very Low Risk - The vendor is well-established with a strong market position and financial stability, indicating minimal risk of discontinuation or lack of support.

B. Low Risk - The vendor is stable with a good track record, though subject to normal market risks. Minor concerns may exist but do not significantly threaten the software's future.

C. Moderate Risk - Some warning signs or uncertainties regarding the vendor's stability exist, potentially affecting their ability to support the software long-term.

D. High Risk - Significant concerns about the vendor's stability due to financial issues, market position, or other factors that could jeopardize software support and updates.

E. Very High Risk - The vendor is facing serious challenges that highly risk the continuity of the software, including potential discontinuation or drastic changes in service terms.

Flexibility & Customizability

How would you rate the flexibility and customizability of this application?

Flexibility and customizability refer to the ability of an application to adapt to changing business needs, user requirements, and technological advancements. High flexibility and customizability allow an application to evolve, accommodating new workflows, user roles, or integration with other systems without requiring significant redevelopment.

A. Highly Flexible and Customizable - The application can be easily adapted or customized to meet a wide range of business needs and user preferences, supporting scalability and integration with minimal effort.

B. Somewhat Flexible and Customizable - The application offers a moderate level of flexibility and customization options, accommodating some changes or integrations but with certain limitations.

C. Minimally Flexible and Customizable - There are limited options for adapting or customizing the application, making it challenging to align with changing business requirements or integrate with other systems.

D. Not Flexible or Customizable - The application cannot be significantly adapted or customized, requiring extensive workarounds or manual processes to meet new or evolving business needs.

E. Customization Not Applicable - The application is used as-is, with no need or expectation for customization or adaptation.

What to read next

9. Why and how to use Architecture Tools

Copyright License

This license enables reusers to distribute, remix, adapt, and build upon the material in any medium or format, so long as attribution is given to the creator. The license allows for commercial use.

You may also be interested in

Get in touch.

Embarking on setting up your foundational Enterprise Architecture (EA) or looking to Improve your existing EA?