Moving to the Cloud: Two Major Risks and How to Minimize Their Impact on Your Business

Q & A with Kenny Small, VP Delivery, Qualitest’s US ERP Practice  

Few quality professionals have the Enterprise tech expertise of Kenny Small, who leads Qualitest’s ERP practice in the United States. Originally from the UK, Kenny started his career as an SAP functional consultant and moved to the US in 2017 to grow Qualitest’s capabilities across ERP, CRM and HRIS applications. He has led dozens of QE projects for top brands across numerous industries, helping client-partners boost efficiency and profitability while reducing risk.

Kenny shares his insights about emerging cloud computing trends and how you can avoid the significant—and often hidden–business and technical risks posed by the cloud.    

Q: What cloud computing trends have you seen emerging since the pandemic began in 2020?

A: The year 2021 was the driver for accelerating cloud strategies and cloud diversification, resulting in hybrid cloud landscapes. Now that these landscapes are up and running, we are seeing an accelerated concern about how to manage them.  

Another trend is seamless collaboration. It’s relatively old news that the pandemic caused a shift in workplace norms, but how this disruption settles and consolidates will be the focus for many brands through 2022. It’s more than supporting remote work. Enterprise applications are being further integrated to promote collaboration not only among business users—think Slack and Salesforce integration–but also among the applications themselves. In fact, recent projections call for the data integration market to treble in the next five years.   

This means more APIs, more data integration and more business risk as we introduce complexity while redefining business processes. 

Q: Tell us a little more about these risks and their impact.

A: There are two main risks companies often face at the infrastructure and application level, although the particular cloud model and service can heighten or lower the risks.  

Data Integration (Infrastructure)

The biggest risk is integrating these applications across different landscapes, having them seamlessly share data, with a focus on the right data at the right time to support business functions. With multiple applications, often sitting on different infrastructures, exchanging business-critical data that needs to be transformed and following different security protocols, the risk of failure is likely and significant. It only takes one incorrect field, or one instance where error handling lacks enough robustness, for an integration to fail.  

Updates (Application)

Moving to the cloud also significantly limits a company’s control over updates, because cloud apps are driven by their own update protocols and schedules. Businesses have little time to respond to these changes and updates. The enterprise is moving towards a continually fresh, evergreen landscape, where cloud applications will force down updates, similar to what happens with mobile devices.  

The challenge here is not just on the cloud application itself, but also the upstream and downstream applications that exchange data with the cloud application. This is heightened when the upstream and downstream applications are also on a cloud and are receiving their own regular updates.  

Add in regular bug fixes and enhancements, and you have changes occurring weekly–even daily! It’s making us rethink slightly the age-old rule that business drives technology. In this environment, business processes need to be adapted to prosper.  

Q: How can a company take back control over quality?

A: Continuous testing is key to ensure control over the quality released into production and have constant visibility into the quality status. QE companies need to create a new narrative and define the best practice approach.  

For example, at Qualiest, we’ve recently established global COEs to challenge norms and rethink the approach. This has led us to end-end, AI-driven automation executing business process-driven test scripts, with a focus on being targeted, not just fast. In this way we are helping companies complete a transformation, evolving first from Quality Assurance to Quality Engineering and now to Digital Engineering, all working to guarantee Brand Assurance. 

In an environment with continuous, often federated updates, targeted testing helps protect a client’s schedule and budget without slowing down business processes. 

Q: How do you achieve targeted testing?

 A: We take a Risk-Based Testing approach, prioritizing tests by business and technical risk. The process has four main parts:  

• Risk-Based Testing Score First we identify what we need to test, applying business and technical risk scores to each business process in the test library using our Risk-Based Testing methodology. We then provide this information to our AI engine, so it can guide the automated solution to make decisions on what to test. This helps us determine which business processes are business-critical and which have the most likelihood of technical failure. 
• Impact Analysis Then we connect the AI automation solution into our client’s release or transport solution. When the changed code is deployed, the AI solution maps to the RBT score to enable prioritization of the areas of focus, since we know what change has the most risk.  
• Likelihood of failure Next, the AI automated solution will review the test history for each business process and map any production incidents to these processes, determining which ones fail often against which ones are robust.  
• Execution Finally, the AI solution will execute automated scripts in order of test priority, based on associated risk and likelihood of failure. At this point business-driven rules and qualifications can be introduced. For example, if there is a three-hour window for execution but it takes four hours to run all impacted tests, the AI solution will consider this as part of the execution order. 

Q: What best practices should businesses look for in a continuous testing QE partner?

A: The most essential quality is a business process-driven mindset. Businesses need QE experts who can assess the ability to execute the business process, not just the technology that supports it.  

Another best practice is business reporting. Understanding the results is often an overlooked part of continuous testing. QE needs to go beyond just pass or fail. Business-driven reporting is essential. We need to understand where the failure occurred and why, capturing all auditable evidence along the way to ensure issue triage is as fast and targeted as the solution. 

Speed is another imperative. The value of targeted AI automation is reduced if it takes a week to make a decision on the results. This is where interactive data analytics systems and reporting dashboard tools can really help.  

Finally, introducing next-gen tech is critical, not just to keep up but also to drive the narrative. Without it the solution might be fit for today, but potentially not tomorrow.