Configuration Management, is it all about TRUST - Thoughts prompted by the BCS Configuration Management Specialist Group Conference, 9/5/17

Written By:
Content Copyright © 2017 Bloor. All Rights Reserved.
Also posted on: The Norfolk Punt

As we near the end of the second decade of the 21st century, we see the rise of the, the agile organisation in a constant state of evolutionary change as it responds to its changing environment in near real time. There is no room for manual control procedures, with stuff sitting in email queues for hours – often days – waiting for signoff.

There is a technology story here, but the really fundamental story is TRUST. Can we trust the automated systems in the mutable business to do the right thing? Even in the 21st century, that means “good governance” – “just enough governance” that doesn’t get in the way of Agility. But Agility won’t be much defence against a multimillion dollar General Data Protection Regulation fine if some Agile programmer picks up some neat data she doesn’t have permission to use, as part of a clever customer profiling initiative that rocks the market – and one of your customers complains about being profiled in the first place (they ask, you have to tell them, or the fine will probably be bigger).

Automation, of course, is the key, but you do need to know what data you have, who is responsible for it, what systems are affected, what consent is in effect, which policies apply (and from when). And, if you do address the issue, you need to be sure that “old code” can’t sneak back into production. And dealing with GDPR is just one scenario. What you need is “configuration management” (CM) – and it had better be agile, low overhead, automated and all those good things.

Nevertheless, this isn’t a plea for the purchase of CM automation tools. They are probably necessary, as long as you choose the right ones for your needs, but not sufficient. This is a plea for CM process, institutionalised within your automation culture, so that all stakeholders can assess the impact of change and can trust that it won’t have unintended consequences.

The need for CM process is why I’m suggesting that attending the 2017 CMSG conference is a good idea. Not just because of the lectures, but because of the chance to network with practitioners who have “been there, done that” and know all about the pitfalls on the way: what works and what doesn’t.

The conference is split into 3 main streams throughout the day:

  • Devops
  • Change, Configuration and Release.
  • Software Asset Management and licensing.

Its exciting keynote speaker, Rebecca Horton of Red Hat, will bind the streams together. Rebecca will discuss how SAM and Configuration Maturity can enable dynamic, agile and innovative business-focused decision making.

The program is still being finalised, but includes a session on preparing for software licensing audits, with Martijn Braamskamp of Softline Solutions, a session on the importance of normalised data with Mark Howell of BDNA, and DevOps and Open Source Software Continuous Compliance with Martin Callinan of Source Code Control.

The CMSG itself has been running since 1996 and has changed and evolved over the years. Its primary activities involve holding CPD (Continuous Professional Development) events, at BCS London in Southampton Street and in the north of the UK, in cities such as York, Leeds and Manchester. These take a variety of forms, with its annual conference, held in May/June, being a key event.

Save the conference date! 9th May 2017 – at BCS HQ (1st Floor, The Davidson Building, 5 Southampton Street, London, WC2E 7HA), on the Strand in London.

Signup here. It’s £45 for BCS & itSMF members, £80 for non-members, £10.00 for Students (all plus VAT) but there’s a special 25% discount code (entered on the final page) for Bloor readers: 2419-HVW-JQR.

Free entry for bona-fide journalists, email your details to