Many business leaders are hesitant to develop a custom application. They’ve experienced failed software development projects or heard horror stories: projects that come in months late and outrageously over budget. Project scope that changes and grows over time as different stakeholders weigh in with different needs. An application that costs way too much only to be so complicated that few in the organization actually know how to use it.  

There are many ways to prevent these outcomes during the software development process, but one of the biggest ways businesses can set themselves up for success happens before the process even starts. 

If you’re considering building a custom application, you need a software development plan. It will create clarity of vision among all stakeholders & dramatically improve the accuracy of time/cost estimates.

What is a Software Development Plan?

A software planning engagement involves several steps:  

  • An in-depth assessment of your current needs and business problems, as well as any solutions you’ve already tried and/or the software you’re currently using  
  • An expert-led strategy that seeks to solve the business problems from a software perspective 
  • A cursory design of what the proposed solution will look like and how it will be structured and built 
  • A roadmap for execution that allows the partner to make the best estimate for the project’s duration and cost.  

Engaging in a software development plan with your potential future development partner can help set the stage for a successful application and is the perfect first step in a potential long-term relationship.

Some firms bundle the software development plan into the actual development process or give it short shrift in the interest of making a sale, saving the hard work for after the development contract has been signed.

At MercuryWorks, we take a different approach. Potential software development projects of a certain size and importance are preceded by an initial, upfront planning engagement that is separate from the subsequent development. This arrangement ensures that the proper time and attention is given to dive deeper into each client’s business problem and propose the best solution—and if the client would like to engage with us to execute on that solution, they can.

Here’s why it works and why we recommend it.

Why Software Development Needs a Strategic Plan and Roadmap

There are three main reasons why we believe that software development is an absolute necessity for companies interested in developing custom software or modernizing their current solution.

It allows for more accurate estimates regarding

At MercuryWorks, it’s rare that a potential customer comes to us who does not have at least a “back-of-the-napkin” idea or some basic goals for a new application. They have a general idea, and along with that general idea they have two main questions:

  • How long will the application take to build?
  • How much will it cost

These are good and simple questions, but they require more information and a deeper understanding of the problem space to be answered with any level of accuracy and integrity.

While a software development partner might be able to offer a very broad range of time and budget estimates after a few discovery calls, it’s impossible to make a solid development plan with specific technical recommendations based on such limited information. Furthermore, attempting to build a detailed software development plan at this stage with only partial information would be doing the business a tremendous disservice.

A strategy and planning engagement takes a step back and surfaces all of the decisions and details that need to go into the application development process. It asks and answers two different questions:

  • What problem is the business is trying to solve?
  • How can that problem best be solved from a software development standpoint?

The answers to those questions make the typical questions around budget and timeframe much easier to answer because the development partner has taken the time to research and understand the problem, understand the full set of user needs, identify the right technologies to address the problem, and think through what is needed to support those technologies.

Any estimates at the end of the engagement aren’t shots in the dark: they’re deliverables based on facts, research, and the development team’s expertise.

A development plan creates clarity of vision between the development team and the client.

Unlike a general development proposal that follows a discovery call or two, a software strategy and planning engagement isn’t built on gut instinct and limited information. It outlines the actual business needs, recommended features and functionality, and application architecture for development, providing a detailed blueprint (with tangible deliverables) for the successful creation of the application.

But this can only happen successfully when the development partner and the client share a clear vision for the project. As the experts in the field, the development partner assumes the responsibility for bringing that vision to life by coalescing and extending the client’s thinking around the project and filling in key gaps that the client might not have considered.

By leading a collaborative planning process, the software development partner helps the client visualize and prioritize the core elements of a new application—before the actual building begins.

This type of engagement also provides the development partner with the headspace and time to dedicate to brainstorming, iteration, and feedback, thoroughly exploring the entire problem space to arrive at the best solution rather than just rushing to provide a guestimate of timeline and budget.

It aligns stakeholders and enables buy-in.

Compared to esoteric, abstract proposals that leave the details to the actual development process (and potentially introduce complexity and costly delays to the timeline), the deliverables from a software planning engagement demonstrate that the project isn’t a haphazard, poorly planned endeavor.

A good software development plan isn’t theoretical. It’s a tangible, detailed deliverable that can be shown to relevant stakeholders for approval and sign-off to enable the actual development of the application.

Having a concrete plan that articulates the vision of the project in words, illustrates its design in graphics, and diagrams the architecture of the application is key to drive organizational support from executive and IT stakeholders. The plan also anticipates common stakeholder objections and answer questions before they become sticking points.

Key Players in Software Development Strategy and Planning

A successful planning engagement involves key stakeholders on both sides of the equation. On the client side, it’s ideal to engage the decision makers and influencers who have an interest in the new software both from a functional and a financial standpoint. This includes the company’s technical and financial decision makers, along with the primary decision maker(s) for the department that will be using the software.

We find that our clients do not often have the internal technical resources that bring the experience and skillset required to formulate a vision for the product and think through that vision’s details. Or, if they do, these individuals do not have the bandwidth to focus on doing so amid their myriad day-to-day responsibilities.

At MercuryWorks, our most seasoned team members lead the core components of our assessment, strategy and development planning engagements.

Each team member brings their breadth and depth of hands-on experience in developing software, managing projects, and driving business value. They’re uniquely qualified to help guide product ideas and user needs into reality, filling in the gaps required to transform a sketch into a specific and actionable plan.

The Custom Software Development Plan Process

MercuryWorks has been consistently helping clients develop mission critical systems to more efficiently and effectively manage their business for over the past two decades. While we tailor our approach to create a unique plan to best accommodate each clients’ specific needs, this is the general process we’ve honed over the years to surface the business problem and to determine the right solutions for development.

1. Discovery and Assessment

The first step in the process centers around identifying the business problem and the vision for the new application. This phase involves planning sessions between MercuryWorks and the future application’s primary stakeholders. Both parties define goals, prioritize core features for the first working version of the software (also known as the Minimum Viable Product or MVP), and discuss long-term desires for the application.

2. Technical Architecture and Data Planning

Once goals have been clearly defined, the next step in the process is determining what technology architecture are best suited to support an application of the desired scale, client preference, and in-house resource skillsets. This is where the bulk of the technical recommendations come in and speak to the needs of the client’s IT team.

There are many questions to answer in this step: 

  • What are the client’s existing and preferred future technologies?
  • What application integration needs exist?
  • How will the application store data and enable access to it?
  • What security measures should be implemented?
  • Will the app be accessed via desktop, mobile, or both?
  • What are the reporting and analytics needs for the application?

Once these questions have been answered, the MercuryWorks architect begins to diagram the tech stack of the application to illustrate how different components such as databases, APIs, analytics platforms, and security integrations will all work together.

3. Functional and Design Planning

This portion of the development plan gives stakeholders a tangible sense of how the application will look and feel. What will the user experience be like? How will screens be organized, and how will they flow into one another?

There are several ways to visualize the application even at this early stage of the process. MercuryWorks designers create a set of wireframes, which are visual blueprints for how different elements will be arranged on each screen and how the application will be organized. High-value pages are also treated to more detailed, high-fidelity mockups that include stylistic elements like fonts, colors, and images. We believe that a picture is worth a thousand words—and that a well-conceived diagram is priceless. 

These deliverables provide visual plans and artifacts that help rapidly coalesce and advance stakeholder thinking regarding the planned application. They help make the application ideas more tangible and approachable for those concerned and are an excellent resource for organizational socialization of the planned application.

4. High-Level Development Planning and Roadmap

The final step of the strategic plan incorporates and integrates all the previous elements into a single, high-level development roadmap and implementation plan. The software development partner breaks out application epics, features, and functions that need to be built in support of the application goals. These are further broken down into user stories, which are descriptions of short development tasks that break the work into manageable chunks.

Once the needed work has been broken down, MercuryWorks and the client determine which resources (MercuryWorks or in-house) are best suited to do which components of work, understanding that client development teams often play a role. We also map out how best to effectively work together during the development process. 

Once we determine who will be doing each specific component of work, we create a planned development timeline that includes the development and rollout of application features and functions over time.

Having these epics, features, and user stories defined is what allows MercuryWorks to more accurately estimate the time it will take to complete each development project—and thus, to more accurately estimate the budget. What’s more, we now provide the client with a plan, informed by specific needs and goals, that can immediately lead to development.

5. Software Development Plan Deliverables

The engagement concludes with an executive readout presentation that typically includes several different elements: 

  • A product assessment and core requirements overview 
  • Detailed diagrams of proposed technical architecture
  • Visual wireframes and design mockups to help stakeholders better visualize the new application
  • A detailed resource plan including epics, features, and user stories for stakeholder review and input
  • Cost/benefit analyses and tradeoffs of various feature/function/technology configurations
  • Clear vision of the application and plan to commence with development

Is a Software Development Plan Worth the Time?

The timeline to complete a software assessment, strategy, design, and development roadmap planning engagement varies depending on the complexity of the problem and the scale of the solution, but on average we find that the process takes approximately 4 weeks.

It might feel like this is a step backward in the process and that it introduces an inconvenient delay. But taking this preliminary step reduces the risk of the delays that come later at a much greater cost: the ones that are the result of miscommunication, scope creep, unclear vision, and poorly defined goals.

After all, you would never start building a house without a clear set of architectural blueprints and engineering plans created in advance. By building a house based upon a well vetted set of plans, you ensure the structural integrity of the building and ensure that the finished product aligns with your vision. Successful software product development is much the same.

Ultimately, we recommend that companies considering any significant custom software project work with a development partner that offers assessment, strategy, and development roadmap planning—not as part of the development project, but as a precursor to it.

Interested in planning for your next custom software development project? Learn more about how we approach strategy and planning at MercuryWorks.

Interested in Learning More?

Fill out the form below and our team will follow up shortly.

"*" indicates required fields

Data privacy has become increasingly important in software development. Between consumer rights and data breaches, managing customer information appropriately is essential to business success. Ignoring data privacy laws can cost your business money, time, reputation, and more. Software development teams need to be aware of current data privacy laws and ensure that the software applications they are building consider these regulatory requirements. Further, they should be architecting their software solutions in a manner that provides flexibility for future regulatory mandates. 

The Current State of Data Privacy Laws in the United States

Currently, there is a patchwork of data privacy legislation in the country due to the absence of federal level data privacy laws. While this may change soon states are currently left struggling to put together their own legislative frameworks. While state laws can be protective, it’s confusing and challenging for companies doing business nationally to comply with multiple variations of the same regulations. Things get even more complicated when conducting business internationally.

In the U.S., California passed the California Consumer Privacy Act (CCPA) in 2018 followed quickly by the California Privacy Rights Act (CPRA), which further reinforces the CCPA. California’s data privacy laws were modeled after the GDPR (General Data Protection Regulation) adopted by the European Union.

As California was the first state to implement meaningful data privacy laws, many other states are creating their own data privacy laws in the image of the CCPA/CPRA. Not only are states following after California, but so are federal lawmakers. While things are currently in a state of flux, one thing is certain: software development teams should take note. State laws for data privacy are proliferating and federal regulations are fast approaching.

What Privacy Rights Does a Consumer Have?

Lady Justice

The state of California has established some guidelines and best practices that businesses should follow to protect and use customer data safely and ethically. In their laws, the state defines the major data privacy rights that consumers may exercise freely:

  • The right to delete or correct inaccurate personal information
  • The right to know what personal information the business is collecting about them
  • The right to access their personal information and/or know whether the business is using it
  • The right to know what personal information the business is selling and to whom
  • The right to opt out of the sale or sharing of their personal information
  • The right to limit the business’s use of their sensitive personal information
  • The right to not be subject to retaliation for exercising their rights

These laws, which will likely form the basis of federal data privacy laws in the months and years ahead, establish that the consumer owns all the rights to their personal data. Businesses must comply with data privacy laws and do exactly as the consumer asks them to do with that information.

Software Data Privacy Principles

As a developer, you may be wondering how or what you need to do to keep stay compliant with data privacy practices. Here are some of the important steps that companies need to adopt in their journey toward data security and compliance.

Store Customer Data Securely & Leverage Prudent Protocols

In the past, organizations weren’t held responsible for the loss of customer information, only those who stole it. However, that has changed in recent years and businesses are liable if they lack measures to properly protect consumer data. That said, current data security laws tend to use vague language and do not detail specific security methods for developers to follow. Instead, the laws typically suggest “best practice” and “reasonable” security measures. Because software security is ever-evolving, any detailed law would need constant revision.

While prescriptive edicts don’t exist, there are several ways to help improve your software application data security. These include integrating proper data-mapping techniques into software systems to ensure organizations are fully aware of all the data they collect, where it is stored and how it flows through the business. When building software, developers should work with their business counterparts to minimize the data collected in the software application to only what’s necessary. For further protection, all data should be stored securely and optimally be encrypted at rest.

In addition, adopting proper DevOps hygiene (such as automation and continuous monitoring for possible data breaches or malware) can help improve code security. As is establishing two-factor authentication in software applications. These can be paired with additional measure such as: training employees in data security, performing formal risk assessments and keeping data access as limited as possible.

Once these practices are in play, not only will the business be better protected from stolen data, it will also be better positioned should it come under compliance scrutiny.

Woman with data projected on her

Craft a Data Security and Privacy Policy

One guiding principle in data privacy laws is data transparency. Data transparency means that your business makes it clear what data you collect from the consumer and how you use it. Honoring the rights of the consumer and allowing them to know that their data is safe and accessible is the key to data privacy in software development.

This transparency is required to be communicated publicly through a data security and privacy policy on the software application or website of any company that collects or stores user data. Each data privacy policy must include the following requirements:

  • What do you collect? Do you collect personally identifiable data like name and contact information? Behavioral data? Payment data? You must disclose all the personal data you collect on the consumer whether or not they explicitly ask for it.
  • How do you collect it? Explain how you obtain consumers’ personal data. Do you rely on form fills on your own website? Use data from social platforms? Use third-party cookies?
  • How do you use it? Explicitly detail what you do with the personal data collected from the consumer. Is it only for functional or transactional purposes on your website or application, or do you use it for marketing? Do you share that data with other companies?

Allow Consumers to Exercise Their Right to Data Portability

Hand in hand with data transparency is data portability. In data privacy laws, the consumer typically has the right to all their personal data, meaning that they can instruct your business on what they want to know, how they want that used, or if they want it used at all. 

Having processes and policies in place to handle these requests will allow you to respond to these requests quickly and efficiently and help prove your compliance with data privacy laws. Here are the most common data portability requests:

  • “Tell me what you have on me.” If the consumer explicitly asks for all the information you have collected on them, you as the business must be able to provide this information.
  • “Give me access to my data.” If the consumer requests that the business give them all the personal data you have collected on them, you must be able to do so.
  • “Delete my data from your systems.” If the consumer asks you to delete all the personal data you have in your database on them, you must comply.

Developers should be mindful of how they will fulfill data subject access requests (DSAR) made by consumers when developing software applications.  

Preparing for the Consequences of Noncompliance with Data Privacy Laws

To keep your business in compliance with new data privacy laws, it’s important to prepare for what is in effect today and what could potentially come tomorrow. The consequences for non-compliance and negligence are severe. 

For example, if a business operating in California releases personal consumer data, the business can face statutory damages of $100–$750 per incident. (An incident here is defined as one piece of data, so the costs here can certainly add up quickly for companies with a large customer base.) Being prepared means taking the appropriate precautionary measures to reduce the chances that a data breach happens in the first place. 

But what will you do if a data breach does occur? In the event of a crisis, companies should have prepared an incident response plan. An incident response plan details how an organization will handle security events should they occur, including helping employees understand the role that they will play in investigating the security incident and who they should be working with. Knowing that you have a plan for dealing with a security breach and how to organize a response can help you be prepared when you are thrown a curveball. 

Why Data Privacy Should Matter to Software Developers

Being transparent in how you collect consumers’ personal data and what you do with it not only helps you comply with data privacy laws, but it also establishes trust with your customers. A good way to start is to understand what customers want in terms of data privacy, including transparency, security, and portability, along with clear communication and a solid understanding of their rights. Software development teams should be considering these business needs when developing software applications. 

Both customers and businesses benefit from awareness of data privacy laws and the rights of the consumer. Building software solutions with the flexibility to adapt and respond to the shifting tides of data privacy legislation will help better position your company for success.   

Disclaimer: This blog post is a high-level overview on data privacy law as it relates to software development. This is not a legal advisory, only a summary of current events in data privacy legislation aimed in increasing awareness of software development.  

How to Manage an Effective Digital Transformation in Changing Times

Tech leaders are facing new challenges in 2022: more pressure than ever to keep systems thriving in the midst of huge technical demand… and the threat of losing the skilled labor required to do it. In this exclusive series, we’ll share some key takeaways to help tech teams stay agile:

  • Why digital transformation is an insurance policy against attrition and change
  • How to identify and manage the technical debt that threatens employee productivity and fulfillment
  • How DevOps practices can liberate and improve tech teams
  • The playbook we use ourselves at MercuryWorks to create painless digital transformations for our enterprise clients
strategy planning for a custom application