Accountable-By-Design
Business stops asking for guarantees on systems. It understands to attract more in 2020, it'll have to sell the guarantees themselves. It is not SLA. This goes beyond committing on leaving penalties on next billing . We deal with selling a guarantee as a building block for high trust.
Let's then build "Accountable-By-Design". Business will very soon change what it demands us, as an IT builder. Terms of contracts are toughly defined those days. Contract Units and RFP issuers are now calling expert people to assist in drafting our 2020 contract clauses since the ignition and not to add up last minute extra annexes at the end. Design accountability becomes the product sold.
Periodically audited systems become now the commercial norm for many new sectors.
Weak bricks of our IT platform disable our "capacity to guarantee". We therefore loose the potential to differentiate on the market. And the difference is the margin, it's an RFP won on the ability to say I commit, as I'm confident I'm "Accountable-By-Design".
While thinking the bricks of their stack, developers and builders must keep aware, keep a kind of civic-mindedness of risks they either generate or mitigate. It is often almost free. It is only a matter of doubt. Self questioning.
Afer encrypting end-to-end, signing all API micro-services, setting up OAuth in any calls, maintaining the whole YAML stack up-to-date in CI/CD, subscribing to kernel real time patchers, ciphering files at rest... we still have to go further to remain saleable. I don't even say anymore, to keep credible.
Just a simple, free, example about "how to properly doubt" to my fellows developers, lead developers and solution architects: