This View has been designed for QA Engineers or IT Managers, and allows to see the results of the analysis performed on the application code grouped by portfolios, an essential information for the government of the applications at executive level.
There are four default portfolios to help you manage your providers or development teams activity: Business value, Provider, Technology and Quality Model. Besides, you can create all the portfolios you need to sort your applications.
This screen has two parts: Indicators and Historic data.
On Summary screen you will see the information for the selected group of applications or portfolio.
It shows aggregated indicators about risk, quality and effort to target for all the applications in the portfolio. Its meaning is similar to those obtained in the same indicators at the Portfolio View.
It displays also other globally significant metrics, such as: total number of lines of code (LoC), total number of files or total number of defects found, considered very critical —very high—.
In the bottom of the screen, Kiuwan shows the history of these three indicators, with the possibility of setting the time scale:
The data on this screen can be sent to a report in PDF format —see option on the top right—.
Clicking on 'Decision Quadrant', you will land to a page where your applications will be showed in four different graphics, depending on their business value, failure probability, maintenance risk and security risk. You will be able to see any of these graphics clicking on the proper button: Business, Production, Development or Security.
Below each of these graphics, there are some metrics with data of your applications: the number of them, the total lines of code and the results of the main indicators. And then you will be able to see all your applications in a list, sorted by different criteria.
You can group the applications shown by portfolios, and so the graphics will vary.
The business value decision quadrant is aimed to identify those applications in your portfolio that require immediate action based on their criticality for the business and their exposure to any of risks you are facing: Global Risk (Risk index), Failure Probability (Production Risk), Maintenance (Development Risk) and Security Risk.
You want to have all your applications as far to the left of the graph possible, regardless of the risk you are displaying. The higher the applications in the graph the more you want these applications closer to the left axis, since these are your most critical applications. The applications with higher and right most position are the ones needing immediate action (higher risk).
In the vertical axis we represent the business value (criticality) you have decided your applications have. It can have 5 different values, from critical to very low. The metric in the horizontal axis can be chosen from the 4 types of risk we calculate for your applications:
The Production quadrant is aimed to identify those applications in your portfolio that could cause problems in production, and if they will be able to recover from these errors easily. The applications with higher exposure to this kind of risk will be those in the upper-right area of the quadrant.
In the vertical axis we represent Failure Probability. This indicates if applications are likely to provoke frequent errors in production. Applications with high Failure Probability could be a problem in the short term.
In the horizontal axis we represent application Complexity, a normalized (between 0 and 100) metric based on applications’ cyclomatic complexity by function, duplication of code and maintainability index.
The Development quadrant is aimed to identify those applications in your portfolio exposed in the midterm given the difficulty and associated cost to maintain them. The applications with higher exposure to this kind of risk will be those in the upper-right area of the quadrant.
In the vertical axis we represent the Maintenance Risk: this indicates if applications’ maintenance costs are going to be higher than expected, or if it is going to be complex and costly to add new functionality to them. It is based on the evidence gathered from the code for the maintainability index.
In the horizontal axis we represent application Complexity, a normalized (between 0 and 100) metric based on applications’ cyclomatic complexity by function, duplication of code and maintainability index.
The Security quadrant is aimed to identify those applications in your portfolio that are exposed to potential internal or external attacks, that can compromise the integrity of you organization, and if these potential vulnerabilities can be easily corrected. The applications with higher exposure to this kind of risk will be those in the upper-right area of the quadrant.
In the vertical axis we represent the Security risk: This indicated how vulnerable an application is to internal or external attacks based on the number of vulnerabilities found in the application’s code as listed by CWE and OWASP.
In the horizontal axis we represent application Complexity, a normalized (between 0 and 100) metric based on applications’ cyclomatic complexity by function, duplication of code and maintainability index.
On this screen, you can control and manage the activity of all your software providers, develpment teams, different applications technologies... In sort, you can filter the activity by any of the groups of portfolios you have in your account.
By selecting a time period you can access to all the information for that period of time: lines of code analyzed, risks, global indicators, effort to target…
The information displayed indicates the variation of that item within the selected period of time.
In the Ranking screen we have all our applications sorted by their posicion in that ranking. You can group the applications in the ranking by portfolios. If we click on any of them, a dashboard will be displayed, showing us useful data, such as:
At Global View level, Kiuwan provides one preconfigured report in PDF format, which show the following information:
On this screen you can see a table where you can pick the metric whose values you want to see, crossing the data of two different portfolios you want to compare.
This can help to make decisions depending on the crossing selected. For example, you can see the lines of code (metric) developed by your different providers (portfolio 1) according to the business value of the applications (portfolio 2):
