The risks in not undertaking this project include:

• AOC continues to maintain multiple, duplicative instances of Azure DevOps in its operating environment. Each instance requires staff with knowledge of product-specific processes and procedures to maintain.

• Source code and project tasks cannot be managed utilizing centralized AOC resources.

• ISD management cannot quickly re-allocate staff to assist with other development or project efforts as priorities shift. Reassigned staff will require multiple DevOps sign-ins (potentially as many as one per project). Staff will be required to understand how each individual project operates due to a lack of consistency in defining processes and standards. Separate teams administer each DevOps instance, further complicating access and change requests.

The risks in undertaking this project include:

• This project may only be able to partially migrate data from existing instances to the courts.wa.gov Azure DevOps instance. Some projects may experience loss of previous work items or other product information. This risk will be mitigated by allowing projects a temporary grace period after cutover (to be determined during project planning) to verify migrated data against the data available in their previous DevOps instance.

• Projects may lose access to continuous integration/continuous deployment (CI/CD) processes. Implementing CI/CD is out of scope of this project proposal. This risk will be mitigated by ensuring affected projects utilize best practice manual deployment processes until a standard is established for CI/CD.

• Disruptions to work in progress will occur as staff learn standard uses of Azure DevOps as an Enterprise software portfolio management solution. This risk will be mitigated via training plans and information transfers from existing DevOps instances. Staff will need to schedule and obtain training via the ESI Microsoft training portal.

• Projects in existing Azure DevOps instances may not match the configuration for the courts.wa.gov Azure DevOps instance. Projects will be migrated to the courts.wa.gov instance, which may result in a learning curve for users as they adjust to new standards and processes. This will be mitigated via collaborative planning processes for each migration and ensuring that the new processes are understood prior to migration proceeding.

Microsoft Azure DevOps provides a set of development tools and services to plan, develop, test, deliver, and monitor software applications. Several AOC teams implemented individual instances of Azure DevOps services. These instances were created without architectural or security review, approval, and oversight, which would have ensured standardization, creation
of best practices, and consistency of use. As AOC establishes a “permanent” Azure tenant, this is an opportunity for the agency to centralize all usage of Azure DevOps into a single location. Doing so allows ensuring that, regardless of project, workflows are consistently
defined and implemented. This improves service delivery and resource flexibility for AOC to court customers.

• This change will unify all existing cloud-based and on-premises Azure DevOps instances into a single Azure DevOps instance managed under the AOC Azure tenant.
This objective will be successful when all other Azure DevOps instances have been removed by their respective owners.

• All stakeholders will be able to log in to Azure DevOps using their Entra ID1 (Azure Active Directory) account. This objective will be successful when all stakeholders are
set up with appropriate permissions for their respective DevOps projects.
• Access control will be assigned to an appropriate tier 2 support team when a tier 2 support team is set up and able to manage all access to the Azure DevOps instance in
the AOC Azure tenant.
• All source code from cloud-based and on-premises Azure DevOps instances will be successfully transferred to the Azure DevOps instance on the courts.wa.gov Azure
tenant. This objective will be successful when all Git repositories that are utilized by the agency are present in the courts.wa.gov Azure DevOps with appropriate security
permissions grants and process controls established.

Business stakeholders are presented with fragmented and inconsistent visibility into projects
and applications. Groups creating Azure DevOps instances have formed team-specific
processes and procedures. Therefore, business stakeholders must be familiar with the unique
characteristics of each project's structure to assess its status. At times, stakeholders must
review project status from multiple Azure DevOps instances to see the bigger picture. Doing so
requires duplicative, individual access permissions to each Azure DevOps instance, which
adds complexity. Additionally, some teams are using Azure DevOps for tasks that should be
performed in a project management tool. Thus, these teams are not using it for its purpose as
a software portfolio management solution, leading to inefficiencies and weak processes. This
project looks to create consistency by enabling consistent IT service delivery for all lines of
business. Centralization eliminates complexity, duplication of effort, and the overall size of the
IT footprint. It provides more rigorous software development lifecycle standards and consistent
processes.

This project transforms AOC's application development landscape by instituting a centralized
Azure DevOps instance within the AOC Azure tenant. By creating a single instance,
developers will be able to check out code in that Azure tenant. Users will be subject to a
centralized set of rules for code review, requirements management, and task management for
all AOC applications. By introducing consistency, we promote higher agility for AOC resources
to be assigned across products on a project-by-project basis as management priorities shift.
This solution feeds into the software development lifecycle standardization effort that is
ongoing and acts to enhance and augment those standardization efforts with relevant policy
and rule enforcement.

Prioritized as Non-JIS priority #19

Prioritized as Non-JIS priority #19