Skip to main content

Data & Intelligence

Software Remediation Excellence


The purpose of this post is to provide a strategy for approaching and resolving a “concern” that has been identified within a application. Overall, the idea is to “add structure” to the process of responding to defects (remediation) in your application.

Steps to Remediation


Using a resolution methodology referred to as CERT, the steps to resolving an issue are:

  1. Create an identification “statement and owner”
  2. Assess and Estimate the issue and its effect
  3. Define a plan for Remediation (and execute it)
  4. Translate  the results of the remediation


The first step to resolution is to create an identification statement that clearly defines the presumption of the problem, issue or concern.  This is an absolutely critical component in the resolution process. A typical identification statement will be business oriented rather than technical oriented. Here is an example:

“The process that copies the current forecast to the prior forecast does not replicate the line item detail although account level totals are accurate…”

In addition, it is advisable that the following be included in the identification statement:

  • A unique ID
  • The steps to reproduce the issue
  • Release Version
  • Actual Results
  • Expected Results

From the business identification statement, you will then develop and add the technical specifics that support the issue, its affect and its proposed remediation or resolution. This work will be done as part of the assessment and estimation part of the CERT process.

Finally, there must be an “owner” established for the identified issue. The owner will be responsible for:

  • Verifying the identification statement – is this what seems to be the trouble?
  • Assisting in the assessment and estimation process (from a business perspective) – what will this issue cost us?
  • Verifying and approving the success of the remediation and resolution – Do I state that I agree that the issue has been resolved by implementing and deploying this remediation?
Data Intelligence - The Future of Big Data
The Future of Big Data

With some guidance, you can craft a data platform that is right for your organization’s needs and gets the most return from your data capital.

Get the Guide


During the assessment and estimation step of the CERT process you will need to perform a detailed assessment of the issue identified in the identification statement and determine how and where the application is affected (from a business and technical perspective) by the issue. In addition, several options for remediation should be identified along with estimations of effort and risk for each.  Efforts should be broken down into specific work tasks and resources assigned wherever possible (even for those tasks that are yours!).

Always keep in mind that a resolution may simply involve educating the business owner on how a particular process or feature in an application works (“it’s working as designed”) and no actual changes to the application may be needed for resolving this issue.


The remediation step involves:

  • Selecting an option for remediation (from your estimates)
  • Developing a plan for implementing and testing that option and
  • Executing the plans

Selecting the Remediation Option

After having performed a thorough assessment of the issue, you should have at least 2 options for approaching the remediation and resolution of the issue. Based upon resources, schedules and various other concerns, you can select the option most appropriate for remediation. This selection should be made with input from the issues (business) owner.

Developing Implementation and Testing Plans

Once the appropriate option has been selected it is important to establish a plan for implementing any application modifications required as well as a plan for testing – verifying that the selected option has been implemented as designed and the results of that implementation yield the expected results. These plans should involve both the technical team and the business owner and include a process for deploying the resolution as often is the case; a remediated issue’s deployment is the cause of other application issues.


Once you have developed your plans for implementing a resolution, testing it and deploying it, you can then execute your plans. It is advisable that when possible, a formal signoff take place indicating a plan has been completed and noting any deviations from the plans that may have taken place.


Summarized defect reports are one of the most important deliverables to come out of a remediation process. They have a direct impact on the quality of the product, so you should take the time to translate the CERT information into a summarized defect report.

Finally once the resolution has been implemented, tested and deployed, all of the CERT process information (issue statements, owner names, plans, execution (test) results, completion dates, resources names, etc.) should be archived (stored) with the source code that was deployed.

This documentation can be useful should a resolution deployment need to be backed or “rolled” out, during environment management and migrations, and as input to future assessments and estimating efforts.


All software will contain defects and your ability to routinely respond in an effective manner is one of the keys to your success and the success of the project. Utilizing the CERT process is a simple way of adding structure and keeping things under control.


Jim Miller

Mr. Miller is an IBM certified and accomplished Senior Project Leader and Application/System Architect-Developer with over 30 years of extensive applications and system design and development experience. His current role is National FPM Practice Leader. His experience includes BI, Web architecture & design, systems analysis, GUI design and testing, Database modeling and systems analysis, design, and development of Client/Server, Web and Mainframe applications and systems utilizing: Applix TM1 (including TM1 rules, TI, TM1Web and Planning Manager), dynaSight - ArcPlan, ASP, DHTML, XML, IIS, MS Visual Basic and VBA, Visual Studio, PERL, Websuite, MS SQL Server, ORACLE, SYBASE SQL Server, etc. His Responsibilities have included all aspects of Windows and SQL solution development and design including: analysis; GUI (and Web site) design; data modeling; table, screen/form and script development; SQL (and remote stored procedures and triggers) development and testing; test preparation and management and training of programming staff. Other experience includes development of ETL infrastructure such as data transfer automation between mainframe (DB2, Lawson, Great Plains, etc.) systems and client/server SQL server and Web based applications and integration of enterprise applications and data sources. In addition, Mr. Miller has acted as Internet Applications Development Manager responsible for the design, development, QA and delivery of multiple Web Sites including online trading applications, warehouse process control and scheduling systems and administrative and control applications. Mr. Miller also was responsible for the design, development and administration of a Web based financial reporting system for a 450 million dollar organization, reporting directly to the CFO and his executive team. Mr. Miller has also been responsible for managing and directing multiple resources in various management roles including project and team leader, lead developer and applications development director. Specialties Include: Cognos/TM1 Design and Development, Cognos Planning, IBM SPSS and Modeler, OLAP, Visual Basic, SQL Server, Forecasting and Planning; International Application Development, Business Intelligence, Project Development. IBM Certified Developer - Cognos TM1 (perfect score 100% on exam) IBM Certified Business Analyst - Cognos TM1

More from this Author

Follow Us