Enforcing Coding Standards in Global Teams

by Mike Oara
June 25, 2009

Application portfolios consist of a diverse array of languages, so managers must realize they need to apply standards across different environments.

Generate Software Insights

Software can be managed from multiple business perspectives. You may wish to control the quality of code in a core business process. You may wish to apply stricter standards to code that manages customer data. Or, you may wish to monitor the adherence of outsourcing providers to Service Level Agreements (SLAs).

To do so, managers should overlay “business context” or metadata onto their applications. This step lets users apply different standards to different business groups in their application portfolio. Users can then isolate code by context into a project that can be individually assessed for standards adherence. This helps development teams ensure adherence in business contexts that matter to the organization.

Define Governance Policies

Responsible individuals should define the policies to which software assets must adhere. Creating these policy frameworks should be simple and actionable. They should be instantly applicable against source code. Commercially available software lets users define policy criteria in its querying engine’s wizard. Adding, sharing, reconfiguring, and chaining these policies simplifies the identification of misalignments.

Invoke Policies

Next, we can think about when the policies are to be applied. Numerous parties will want to govern how well their software assets align with corporate policies. For instance:

• Management may want to determine the level of service or performance that a set of software assets provides to a business unit.
• An outsourcing manager will want to verify that the provider is adhering to SLAs for code quality.
• An architect may decide to validate architectural quality before sending an application into production.
• A development professional may monitor how his changes are affecting alignment with corporate standards.

When the policies are invoked will determine the likely path for reporting non-compliance. For instance, they could be flagged during development as a list of violations. They could be marked in a collaborative development environment as tasks that warrant follow up. Or measurements could be tracked and presented via a dashboard to management.

In some commercially available tools, application source code is parsed into a repository where all characteristics of the code are captured in a model. Where coding standards exist, it’s possible to create searches in your analysis tool that identify where application source does not adhere to these standards. These searches can be chained together and executed in a batch environment to provide an automated method of identifying non-adherence to standards.