Governing Citizen Developers & Analysts: How to Make Sure Your Low-Code and No-Code Initiatives Don’t Go Off the Rails

A conversation Deepak Subbarao, the Digital Transformation Lead at Zurich Insurance Group

Add bookmark

Low-Code (LC) and No-Code (NC) tools are powerful enablers of innovation. By democratizing the software development process, these platforms allow non-technical business professionals to develop their own applications and tools that align with their immediate business objectives.

However, without the proper guardrails in place, LC/NC can lead to catastrophe in the form of increased systems complexity, shadow IT, security issues and integration challenges. If left unchecked, well-intentioned business users can easily create a big technological mess that the IT team will be left to clean up. Establishing a governance framework that establishes LC/NC best practices, standards and guidelines is paramount to avoiding this fate and adding an element of structure to ensure the initiative is successful. 

With this in mind, we asked Low-Code Automation LIVE speaker, Deepak Subbarao, the Digital Transformation Lead at Zurich Insurance Group, to share 3 of his best practices for defining a sound approach to LC/NC governance. Here is what he shared. 


Proactive Low-Code Governance 

“The key is to make sure that we don't wait for the organization and users to adopt [low code tools] and then try to figure it out retroactively, but take that proactive step of building governance controls ahead of time,” Deepak explains.


Keep Things Practical

The #1 reason governance programs fail? Practicality or lack thereof. 

“We don't want to create volumes of documentation and manuals to read through, but what is that pragmatic approach you can have so that the users can use it, adopt it and then you don't have an obstacle for adoption.”

In order for governance frameworks to be effective they must be concise and align with real world priorities. A good place to start is to consider what you want your citizen developers to accomplish and what should be left to the experts. 


Security, Security and More Security

One of the major perceived downsides of low code tools is data security. As Deepak explains, “I think the worst thing that can happen is a data leak. Where you're trying to use a technology and an app, which is a third party one, and you don't realize that you're sending data back and forth and maybe the organization doesn't have the policy there to deal with it.”

Performing due diligence on the tool pre-implementation is critical for ensuring it is equipped to protect whatever data might be passing through it. However, that’s only the beginning.

It’s commonly known that the majority of data and security breaches are caused by human error. While more technical-minded employees may be well abreast of incident prevention and response protocol, the average business user might not be. 

Infusing data security and protection related guidelines into your governance framework not only protects the company and its customers from potential breaches, it also makes security everyone’s responsibility. 

Want to learn more about how industry leaders such as Procter & Gamble, Zurich Insurance Group, Edelweiss & ViacomCBS are embracing low code automation to democratize innovation and accelerate software development processes? Then join is May 18 - 19, 2021 for Low Code Automation Live where Deepak will be presenting on “Baselining Low Code Automation For Your Enterprise.” We look forward to “seeing” you there.