BE A RACER
Home
Services
Cloud MigrationAWS / Azure / GCP
AI & Data SolutionsGenerative AI & Data
System DevelopmentWeb & App Development
IT ConsultingDX Strategy & ROI
Cases
Products
Company
Careers
Blog
Contact Us
What Is System Development? Why Process and Methodology Alone Won’t Deliver—A Practical DX Guide Built on Quality, Operations, and Social Value
System DevelopmentJanuary 4, 202620 min read5 views

What Is System Development? Why Process and Methodology Alone Won’t Deliver—A Practical DX Guide Built on Quality, Operations, and Social Value

Be A Racer Team

Author

“When it comes to system development, where do we even start?”—Have you ever found yourself asking this during a DX initiative, a core system modernization, or an operational efficiency program?

The front line is busy. Budgets are limited. And the moment you think requirements are aligned, the business environment shifts again—. Even so, a system isn’t successful just because it’s built; it succeeds only when it runs and continues to deliver value.

Building on the foundation of the reference articles’整理 of “phases,” “methodologies,” and “how to request work,” this article reconstructs the topic from an original perspective as a blueprint for seeing it through—one that includes quality assurance (independent verification), operations design, and social value (CSR). The value of reading is clear: avoid project blowups, drive real adoption, withstand audits and security requirements, and move business KPIs. We’ll make the practical work concrete through cases and implementation examples.

“Software’s goal isn’t ‘release’—it’s ‘trust.’”
— A phrase often heard in the QA field (author’s paraphrase)

✅What you’ll gain from this article

  1. Organize the full picture of system development (phases, roles, deliverables) from the buyer/client perspective
  2. Understand how to choose Waterfall/Agile, including common failure patterns
  3. Eliminate gaps across RFPs, estimates, contracts, quality, operations, and security

1. Expand the definition of “system development” to “a mechanism that produces value”

person using laptop on white wooden table

System development isn’t just “building software”

As the reference articles note, system development is a series of activities from requirements definition to design, implementation, testing, and operations. However, in a management/DX context, the responsibility extends to the point where “work changes and numbers change”. Even for something like a time-and-attendance renewal, it’s not enough to build a clock-in screen—you need to translate outcomes into KPIs such as reduced closing workload, lower missed-punch rates, and shorter audit response time.

The difference between “system development” and “system implementation” can spark project blowups

As in reference article 4, development is essentially “building,” while implementation is “assembling/combining.” In practice, these are often conflated—and that confusion becomes a breeding ground for misalignment. Example: calling a SaaS rollout “development,” then later discovering “custom development is required,” causing additional costs to balloon. ⚠️Important: don’t agree on words—agree on deliverables and scope of work.

Company case: A Salesforce “implementation” that turned into “development”

Many companies choose Salesforce as their CRM, but when operations are complex, Apex development and integration with external core systems become necessary. In fact, even in domestic SI projects, it’s not rare for the assumption “standard features are enough” to collapse—then the project blows up during integration testing because integration specifications remain undecided. Successful companies first define the “To-Be” process and integration boundaries (API/batch/manual), then estimate implementation and development separately.

✅Action item: For your initiative, define “development / implementation / rollout support” in terms of scope (WBS) and deliverables (design docs, configuration lists, test specs). In the next chapter, we’ll break the full picture down into phases.

2. Don’t just know the phases—design assuming rework will happen (the reality of the V-Model)

an abstract image of a city made up of lines

Typical phases: Requirements → Design → Implementation → Testing → Release → Operations

As reference articles 3 and 5整理, the typical flow is requirements definition, high-level design, detailed design, implementation, testing, release, and maintenance/operations. What matters isn’t memorizing phase names; it’s what you must “decide” and what you must “verify” in each phase. Requirements definition should lock not only a feature list, but also items like SLAs, operating model, data migration approach, and audit log requirements.

The V-Model is a map for “tests illuminating design”

The V-Model shows the correspondence between the left side (design) and the right side (testing). For example: high-level design maps to system testing, detailed design maps to integration testing, and implementation maps to unit testing. ✅Checkpoint: if you can’t write test specifications, the design isn’t complete. The reason independent verification (third-party testing) like SHIFT is valued is the reality that “builders miss things.”

Company case: Microsoft research highlights the cost of fixing issues late

It’s a classic point, but still highly practical: defect fix costs increase dramatically the later they’re found (fixing in operations is orders of magnitude more expensive than fixing in requirements). That’s why upstream alignment and reviews—and designing tests early—pay off. Especially for core systems, post-go-live incidents directly impact revenue and shipments, and opportunity loss can exceed the entire development budget.

✅Action item: During requirements reviews, create “test perspectives (acceptance criteria)” at the same time. Next, we’ll compare methodology choices (Waterfall/Agile, etc.) under real-world constraints.

3. How to choose a development methodology: Decide Waterfall vs Agile by “constraints”

Pros and cons flip depending on organizational maturity

As reference article 3 shows, Waterfall emphasizes planning, while Agile accumulates value through iteration. But the question isn’t which is superior—your best answer changes based on constraints such as audits, contract structure, business-side availability, and the absence of a product owner. ⚠️Important: Agile isn’t “faster”—it “learns faster”. In organizations where decisions are slow, Agile can actually become slower.

Comparison table: What happens when you choose the wrong approach

Perspective Waterfall Agile (Scrum, etc.) Anti-pattern
Requirement volatility Strong when change is limited Absorbs change by design Start WF with unclear requirements → collapse in the second half
Contract & budget Works well with fixed scope/fixed price Works well with time-and-materials / staff augmentation Agile under fixed price → change control becomes a nightmare
Quality assurance Easier to plan a substantial testing phase Stronger with automated tests/CI Manual-test-dependent Agile → both speed and quality degrade
Decision-making Can function even with heavy approval processes Requires rapid PO decisions No PO, but Scrum events still run → process becomes hollow

Company case: Spotify balances speed and autonomy with “squads”

The Spotify model is often misunderstood; what matters is that organizational design and development culture (automation, delegation) come as a package. Simply adopting Scrum won’t shorten lead time if approvals take forever. In successful Japanese companies, a common approach is start small (MVP) → learn → scale horizontally, building buy-in from the front line.

✅Action item: Before choosing a methodology, inventory “expected requirement volatility,” “where decision-makers sit,” and “whether automated tests/CI exist.” Next, we’ll move to the RFP and estimation essentials that make procurement successful.

4. Procurement determines 80% of outcomes: Reduce incidents with RFPs, estimates, and contracts

An RFP isn’t a “spec”—it’s a decision-making tool

As reference article 4 notes, the RFP (Request for Proposal) drives estimate accuracy and proposal quality. The key is not over-writing detailed functional requirements, but clearly stating business problems, constraints, priorities, and acceptance criteria. For example: “shorten month-end close from 3 days to 1,” “retain audit logs for 7 years,” “500 concurrent users at peak.” Measurable conditions make proposals comparable.

Judge estimate “reasonableness” by assumptions—not by the total amount

As reference article 3 indicates, most development cost is labor. What matters is whether the estimate clearly states what is included and excluded. Common omissions: data migration, operations design, training, performance testing, and vulnerability assessments. ⚠️Important: the cheaper the estimate, the more assumptions it tends to hide—and the more likely change orders become later. When comparing vendors, review differences in assumptions rather than just the price.

Company case: Apply Amazon’s “Working Backwards” to your RFP

Amazon’s well-known “Working Backwards” approach starts by writing the press release (customer value). Apply this to your RFP by putting, at the top, “who will be able to do what, how much faster, once it’s done.” This shifts SI proposals from “feature lists” to “value design.” As a result, unnecessary features drop, scope tightens, and total cost can decrease by 10–20% in real projects (a pattern seen in the author’s support engagements).

✅Action item: Always include the trio in your RFP: “target KPIs,” “acceptance criteria,” and “non-functional requirements (performance, availability, security).” Next, we’ll dive into the core of non-functional requirements: quality assurance.

5. Don’t make QA the “final gate”: How independent verification (SHIFT) actually works

QA isn’t a cost—it’s an investment in loss avoidance and trust

As reference article 1 emphasizes, independent verification is a lever that improves quality and drives business success. When incidents occur, the damage cascades beyond recovery effort: customer churn, increased inquiries, and brand erosion. In B2B especially, a single major incident can lower renewal rates and damage LTV. ✅Checkpoint: connect quality KPIs (defect density, test coverage, MTTR) to management metrics.

Implementation example: Institutionalize quality with CI—automated tests and static analysis

Whether Agile or Waterfall, relying solely on manual effort for quality eventually hits a ceiling. Below is a minimal GitHub Actions example that runs Python tests and linting. Small automation steadily reduces late-stage rework.

name: ci
on:
  pull_request:
  push:
    branches: [ main ]
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v5
        with:
          python-version: '3.12'
      - run: pip install -r requirements.txt
      - run: pip install pytest ruff
      - run: ruff check .
      - run: pytest -q

Anti-pattern: “cramming testing at the end” always breaks

“Development slipped, so we’ll catch up in testing” is a common on-the-ground decision. But testing doesn’t “create” quality—it “measures” it. If many defects are found, the fix → retest loop snowballs delays. Successful companies reduce defect inflow through design reviews, earlier test design, and introducing a third-party perspective.

✅Action item: Starting with your next project, introduce these as a set: “write test specs alongside high-level design” and “run at least minimal automated tests in CI.” Next, we’ll move to operations design—how to keep delivering value after release.

6. Operations and maintenance are part of the product: Build a system that doesn’t stop with SRE/DevOps

Weak operations design quietly drives users away

Operations and maintenance aren’t just “incident response.” They include inquiry routes, access control, master data updates, audit logs, and data correction procedures—things tied directly to daily work. If this is weak, users return to Excel and ROI evaporates. ⚠️Important: the later you think about operations, the more expensive it becomes. Agree on the operating flow (who does what, when) during requirements definition.

Implementation example: Ensure observability with logging

To reduce incident response time (MTTR), you need logs and metrics. For example, in Node.js, simply adding a request ID and structuring logs can dramatically speed up root-cause analysis.

// Express middleware example (Node.js)
import { randomUUID } from "crypto";

export function requestId(req, res, next) {
  const rid = req.headers["x-request-id"] ?? randomUUID();
  req.requestId = rid;
  res.setHeader("x-request-id", rid);
  next();
}

// log example
console.log(JSON.stringify({ level: "info", msg: "order_created", requestId: req.requestId, orderId }));

Company case: Google’s SRE breaks “operations as tribal knowledge”

Google’s SRE (Site Reliability Engineering) is a mindset of ensuring reliability through engineering. In Japanese companies as well, introducing on-call rotations, blameless postmortems, and SLOs (service level objectives) not only reduces incidents but also improves psychological safety in development teams and accelerates continuous improvement.

✅Action item: Add these to requirements definition: “SLOs (e.g., 99.9% uptime, 60-minute recovery target),” “operations RACI,” and “monitoring/alert design.” Next, we’ll cover “security and governance,” which can be fatal if overlooked.

7. Security and governance: Make them non-negotiable criteria when selecting a development partner

If you handle sensitive data, security is a requirement

Reference article 3 also emphasizes “solid security management.” If you handle personal data, customer data, or financial information, security isn’t an “aspiration”—it’s a requirement that must be reflected in contracts and design. Beyond whether a vendor has ISMS (ISO/IEC 27001) or SOC 2, confirm operational items as well: access control, key management, vulnerability response SLAs, and log retention.

Implementation example: Least privilege and secrets management

Now that cloud usage is standard, many incidents stem from “misconfiguration” or “secrets leakage.” On AWS, basics include least-privilege IAM, using Secrets Manager, and prohibiting public S3 settings. In CI/CD as well, it’s mandatory to avoid storing API keys in repositories.

# Anti-pattern (NG): committing secrets
API_KEY=xxxxxxxx

# Better: use environment variables + secret store
export API_KEY="$API_KEY"

Company case: Why major financial institutions are moving to Zero Trust

In finance and insurance, organizations assume insider threats and supply-chain risk and are advancing Zero Trust (trust nothing; verify everything). This isn’t only for large enterprises. If a customer sends a security questionnaire and you can’t answer it, you may lose the deal. ✅Checkpoint: security isn’t a cost—it’s a condition for revenue opportunities.

✅Action item: In your RFP for vendor selection, always include “scope of vulnerability assessment,” “incident communication structure,” and “log retention period.” Next, we’ll introduce a perspective that treats regional/social value (CSR) as a “development outcome.”

8. Design for “social value” too: CSR and hiring strength determine the sustainability of system development

Development that gives back to communities, customers, and employees becomes stronger in the end

The message from System Development Co., Ltd. (Miyazaki) in reference article 2 is instructive: contribute to the local community through IT and earn stakeholder trust. This isn’t just a slogan. As talent shortages intensify, the ability to keep developing = hiring, training, and retention. Projects with social value become a source of pride for engineers—and that pride supports quality and continuous improvement.

Company case: In government DX and healthcare DX, “operations” and “trust” decide success

Government and healthcare are domains where you can’t stop services and can’t afford mistakes. Including services for dental clinics and similar settings, IT literacy varies widely, and support design becomes quality itself. Successful companies reduce post-go-live inquiries (e.g., 30% fewer inquiries by improving tutorials) and lower operating costs by producing training content in-house.

Anti-pattern: Chasing only short-term deadlines and exhausting people

When teams burn out under unreasonable deadlines, knowledge doesn’t stick and the next improvement cycle stalls. As a result, incidents increase, customer satisfaction drops, and the front line becomes even more exhausted—a vicious cycle. ✅Checkpoint: include sustainability (Sustainable Delivery) in your KPIs. Measuring overtime hours, “bus factor”/dependency risk, and documentation coverage makes your delivery “stamina” visible.

✅Action item: Add “front-line adoption,” “training,” and “operations labor reduction” to your project objectives. Next, we’ll convert the key points into a checklist and propose next steps.

Conclusion: Successful system development is built not on “phases,” but on a “chain of trust”

Key points recap (this is all you need)

✅System development isn’t “building”—it’s building a mechanism that keeps producing value
✅Methodology choice isn’t about trends; decide by constraints (decision-making, contracts, automation)
✅QA shouldn’t be added at the end—embed it alongside design
✅ROI is completed only when you include operations, security, and CSR

Practical checklist (5–7 items)

  • ✅Target KPIs (time reduction/revenue/error reduction) and acceptance criteria are agreed
  • ✅The scope of “development” vs “implementation” is clear in the WBS and deliverables
  • ✅V-Model alignment (design ⇔ test) is in place, and test specs are pulled forward
  • ✅Estimate assumptions (migration/training/performance/assessment/operations) are explicit and comparable
  • ✅At least minimal automated tests and static analysis run via CI
  • ✅Operations RACI, monitoring, SLOs, and incident communication are defined
  • ✅Security requirements (access control/logs/assessment/incident response) are included in the contract

Next Step (one step you can take tomorrow)

  1. Rewrite your project purpose into “business KPIs” and “acceptance criteria”
  2. Add “non-functional requirements (performance, availability, security)” to your RFP
  3. When comparing estimates, create a “difference table of assumptions” instead of comparing only totals
  4. Start running even a single automated test in CI
  5. Diagram your operating flows (inquiries, access control, master updates, incident response)

System development is a major investment that carries your company’s future. That’s exactly why, in addition to knowing phases and methodologies, you should design and execute a “chain of trust” that includes quality, operations, security, and social value—and see it through.

Tags

#システム開発#offshore開発#アジャイル開発
0 reactions
💬

Comments

🗣️ Join the conversation

Sign in to leave a comment and join the discussion

Loading...