One of the leading reasons a project takes more time than was estimated is because an proper impact analysis was not carried out. In some cases, they may not be done at all. If and when an impact analysis is carried out, rarely is there thought put into how the new development is going to be supported.

In this post, I'm going to go through what an impact analysis is, and how you should do it with Support Driven Development in mind.

An impact analysis is usually done by a development team when they are analysing the impact of the changes they will be making on a deployed product or application. It gives a clear view of what areas of the project that may be affected due to the change that is being planned as well as the timelines involved.

Generally speaking, an impact analysis is carried out to understand some or all of the following:

• Possible outcomes of implementing the change on performance, user experience, functionality etc.

• The files, models, and documents that may have to be modified during the course of change

• The sequence of the work that needs to be done and the effort required to make the change

• Any external dependencies that may cause the change to be delayed or blocked

Below is a very basic impact analysis list of questions that you might see when one of these changes are being carried out. Remember the password reset example I used in the first article? Let’s go back in time to pretend that this work is being carried out to implement the actual link where a user can request a change of password.

Q. What is the description of the change?

A. Adding a “Forgot Password” link to the login page for users to request a password reset email.

Q. What Area/Page is being changed?

A. The Login screen

Q. Is there a change in functionality?

A. Yes, once the change is made, the user will be able to request a login change themselves

Q. What API’s will have to be changed?

A. The Authentication API

Q. Is there a change to the UI?

A. Yes, we will be adding a new clickable link below the password field that leads to a new page where the user needs to put their email into the form

Q. Will there be changes to the tests? (Smoke tests/Functional Testing)

A. Need a new functional test to click the link

Q. Are there any PCI fields being added?

A. Email will be entered on new screen

Q. Will the encryption on any fields be changed?

A. None expected — email retrieved on the new password reset screen may need to be hashed in the logs

Q. Will any documentation need to be updated?

A. User guide will have to have instructions changed for new login page design and instructions given for resetting password

Q. Will there be changes to the DB?

A. None expected. This will use all existing fields

All of these questions are valid and the answers will give decent guidance to the developers and their work, but if you read back over this, the support team and how this feature is to be supported have not been considered at all.

This is a common problem throughout software development as the dev and product team generally don’t need to know how a product is supported as they are not involved in the day-to-day support of the platform.

If your team does not do an impact analysis then you should definitely start one. You can’t always think of all of the ins and outs that may impact the different areas of the platform and if all of the relevant questions are saved in a list like the above, it can be easier to hand this task to others.

Keeping Support in Mind

Two things can be done to improve on the above Impact analysis checklist.

Firstly, you can consult your support team and ask them for some questions to add to the list. Getting support to add their own questions will cover the questions you and your development team didn’t think of, while also making the support team gain a bit of ownership in the work.

Having a good working relationship between the dev team and the support team should help to improve the working environment and could even reduce the staff turnover in the support team.

The other thing you could do is add a “Support” Column to the impact analysis, where the support team can add their own comments or requirements. Once the product/dev team has done their first draft, support can fill out their section with their own thoughts. It will then be passed back to the product/dev team for further comments and clarifications.

So, with that in mind, let’s revisit the above list. I’ve added the new support related questions to the bottom. The dev team’s responses to the support answers will be in italic. Support Answer is SA below.

Q. Give brief description of change

A. Adding a “Forgot Password” link to the login page for users to request a password reset email. 
Send password reset button will also be added to support UI

SA. We should add the option for support to send a password reset email to the customer if they phone support.

Q. What Area/Page is being changed

A. The Login screen
Support UI

SA. Change support UI with new button

Q. Is there a change in functionality?

A. Yes, once the change is made, the user will be able to request a login change themselves
Support will also be able to send them their password reset

Q. What API’s will have to be changed?

A. The Authentication API

Q. Is there a change to the UI?

A. Yes, we will be adding a new clickable link below the password field that leads to a new page where the user needs to put their email into the form
Also will be a button beside the user’s email on the support UI “Send password reset email”

SA. Add the support button onto the user management page if possible

Q. Will there be changes to the tests? (Smoke tests/Functional Testing)

A. Need a new functional test to click the link

Q. Are there any PCI fields being added?

A. Email will be entered on new screen

Q. Will the encryption on any fields be changed?

A. None expected — email retrieved on the new password reset screen may need to be hashed in the logs
Will also add the user ID to the support UI in place of the email. User ID is searchable in the logs

SA. We use this email when searching the logs for issues, we’ll need some alternative way to search the logs if this email will be hidden

Q. Will any documentation need to be updated?

A. User guide will have to have instructions changed for new login page design and instructions given for resetting password

Q. Will there be changes to the DB?

A. None expected. This will use all existing fields

Support Questions

Q. Does training/support material need to be provided to support staff?

A. Yes, the user guides will be updated and sample logs will be provided.

SA. Providing us with a sample log line should be sufficient here

Q. Will the support UI change?

A. No
Yes, adding the user ID to the support UI along with the button to send a password reset

SA. See above

Q. Will any logs be changed?

A. We’ll have to hide the email field from the logs due to GDPR

SA. If we can search with the user ID then this is not an issue

Q. What kind of logs will be added?

A. Logs will be added for the sending of the email, requesting the password reset and the submitting of the password form
Create a task to add the logs to the support UI Audit log

SA. Please make sure to add this password reset to the customer’s audit log on the support UI.
Also log when a support member clicks the send password reset button

Q. What actions will be logged?

A. As Above

Q. Will a correlation ID be added to the logs?

A. Yes, will add correlation ID to all above actions

SA. Please provide sample log lines when work is underway

See where I’m getting at here?

With that list alone, we’ve solved or planned for almost half of the issues I originally raised in the example in my first post. Have any other support questions you’ve had to add to your own impact analysis? Feel free to let me know in the comments!

Looking for some reading material? Check out our speaker recommended reading list here: https://youngleaders.tech/podcasts-books-blogs-people/

Originally published at https://youngleaders.tech on May 24, 2021.