Managing IT debt and obsolescence: Preserving IT agility, security and innovation capacity

16 juillet 2021 | ACTUALITÉS, Cigref in english, Communiqués, Publications du Cigref

Cigref has published its latest report entitled « Managing IT debt and obsolescence: Preserving the agility, security and innovation capacity of IT ». This report, which is the result of meetings of a working group led by Franck Denié, Director of Information Systems at Pôle emploi, aims to provide Cigref’s digital managers, and more generally anyone interested, with keys to understanding and some good practices for better controlling the phenomenon of IT debt and obsolescence, which is growing steadily over time.

This report is also published in French: click here to consult the French version

IT debt, an increasingly strategic issue for companies

In the current context of digital transformation, IT debt and obsolescence in companies is becoming an increasingly strategic issue for IT departments, but also for Top Management and business units. In the face of the threat to the overall level of business agility, these concerns must be known and shared by all players at all levels.

To facilitate this collective awareness, it is possible to highlight, for example:

  • the role of IT debt management in meeting new strategic requirements, new business needs and new functionalities.
  • the business risk associated with not addressing IT debt.
  • the control of security issues achieved through effective IT debt management.
Needing to qualify, measure and control IT debt to reduce it

The IT debt management process is recent and still needs to mature in organisations. Measuring assets as IT debt can be difficult due to systems’ complexity, incomplete mapping, lack of a public product lifecycle repository and multiplicity of suppliers. Nevertheless, this identification and assessment work is essential for effective IT debt management on the one hand, and can feed into other projects – such as cloud migration – on the other.

I often use the metaphor of the city to explain this phenomenon of aging Information Systems. Indeed, the evolution of a city requires a global vision of all of its districts and infrastructures. There is of course a strong motivation to create new and modern districts in order to attract new populations and expand its territory. But it is also necessary to maintain, modernise and restore the older and even historic districts, which are mostly located at the heart of the city and on its outskirts, because they support a large part of the activity and city attractiveness. Although these renovations are sometimes costly and complex due to the constraints of the existing heritage, they have become absolutely necessary. – Franck Denié – Chief Information Officer of Pôle emploi, Leader of the “Management of IT debt and obsolescence” working group –
Gaining maturity in the IT debt management process

The treatment of debt is sometimes costly and complex due to the constraints of the existing assets, but it is nevertheless absolutely necessary. It is recommended to dedicate a budget, like for cybersecurity projects, in order to have a minimum of financial resources even if other difficulties – particularly those linked to project prioritisation or deadlines – may nevertheless slow down this management. The management of the legacy systems, whether to modernise or replace it, can be done through major programmes but it is advocated to transform it over time.

In this context, one of the major challenges is to improve and sustainably anchor IT debt management by placing it at the heart of the company’s processes and by involving all stakeholders.

Main recommendations

In summary, here is a vade mecum of recommendations that have been formalised for IT departments in order to best manage the subject of IT debt and obsolescence:

  • Adopting an approach that presents the business risks associated with IT debt.
  • Leveraging cybersecurity and service continuity issues. 
  • Formalising an IT map and make IT debt and obsolescence visible.
  • Establishing indicators to monitor the evolution of IT debt.
  • Building a reference grid or obsolescence matrix for software.
  • Developing a pedagogical discourse anchored in the reality of the organisation.
  • Raising awareness among Top Management and business units of the challenges of shared control of IT assets.
  • Allocating a dedicated budget for IT debt management.
  • Decommissioning of the least used applications.
  • Integrating the decommissioning of IT elements into transformation projects.
  • Using all digital transformation projects as levers to control IT debt.
  • Take advantage of cloud migration and available automation tools.
  • Balancing the need to maintain the skills required for the legacy systems with the development of the skills required to master new technologies.

Guide de mise en œuvre de l’AI Act : Cartographie des obligations applicables aux organisations

La loi européenne sur l’Intelligence Artificielle, plus communément désignée comme AI Act, vise à créer un cadre global de confiance avec pour objectif le développement et le déploiement d’une IA respectueuse des valeurs européennes.  À partir du 2 février 2025,...

Guide de mise en œuvre de l’AI Act : Points clés – Introduction

La loi européenne sur l’Intelligence Artificielle, plus communément désignée comme AI Act, vise à créer un cadre global de confiance avec pour objectif le développement et le déploiement d’une IA respectueuse des valeurs européennes. Ce guide pratique s'adresse à...

Migration dans le cloud : point d’étape

Après deux années de travaux sur la migration vers le cloud, de 2020 à 2022, le Cigref avait marqué une pause sur ce sujet. L'objectif de cette interruption était de permettre aux organisations de poursuivre leur programme de migration et de recueillir, l'année...

IT Job Profiles Nomenclature 2024 version

Since 1991, Cigref has maintained a nomenclature of existing job profiles in the digital departments of Cigref member companies. This tool does not represent what IS professions "should" or "will" be, but what they are today in these organizations. It therefore...

Cloud migration : update

After two years of work on cloud migration, from 2020 to 2022, Cigref took a break from the subject. The aim of this pause was to allow organisations to continue with their migration programme and to gather updated, clear and constructive feedback the following year....