Benefits and statistics of embedding peer code review into your software development process.

As a Lean-Agile coach, I regularly talk with software development groups about the benefits of adding code review to their development process. Some easily embrace it and some require a little bit of persuasion, but usually, I find enough internal allies to initiate the change. Lately, I encountered a whole group that completely rejected this essential practice as a luxury they can not afford. Explaining that they will see immediate ROI within a sprint or two was not enough to convince them. So, I sat to compose the following list and sent it to the group. Luckily I had a sympathetic ear with the general manager of the business unit who embraced it and made it easier for the team to experiment with the practice. All’s well that ends well… here is the list, shared with you too.

Code review is a software quality assurance practice in which one or more developers, called “reviewers”, inspect program code by viewing, reading, and checking it. At least one reviewer is not the code author. Peer code review is done by peer programmers, usually one.

So why should you deploy code review? Here are some of the benefits:

1. BIQ – Builds quality into your process with the best ROI
2. Fewer defects in your code – by more than 80%, see the next section below for more details
3. The cost of software defects is lower the earlier they are detected, x10, x100, and even x1000 times – it starts with collaborative story writing and continues with peer code review
4. Builds peer pressure on code quality due to the Ego Effect – People will write better code when they know their code is going to be “reviewed”
5. Knowledge sharing between team members promotes internal learning
6. Provides opportunities for mentoring junior developers – junior developer can review the mentor’s code and the mentor can review the junior’s code, both practices will support the junior’s development
7. Supports the development of T-shaped professionals – T-shaped people are experts in one area but understand enough in other domains to support the continuous flow of the development process
8. Removes the notorious single-point of failure manifested by the one expert developer
9. By discussing and collaborating on code its readability is inherently improved
10. Code standardization – style of code becomes similar in the team and thus more readability, better support, and maintenance
11. Technical collaboration results in better estimates and better planning of efforts ahead
12. Provides another checkpoint that requirements are fulfilled

Apparently, as seen in the following list of statistics, code review is the most effective practice you can embed into your software development process to strengthen BIQ (built-in quality).

Steve McConnel in his book CodeComplete provides the following statistics:

“… software testing alone has limited effectiveness – the average defect detection rate is only 25 percent for unit testing, 35 percent for function testing, and 45 percent for integration testing. In contrast, the average effectiveness of design and code inspections is 55 and 60 percent. Case studies of review results have been impressive:

• In a software-maintenance organization, 55 percent of one-line maintenance changes were in error before code reviews were introduced. After reviews were introduced, only 2 percent of the changes were in error. When all changes were considered, 95 percent were correct the first time after reviews were introduced. Before reviews were introduced, under 20 percent were correct the first time.

• In a group of 11 programs developed by the same group of people, the first 5 were developed without reviews. The remaining 6 were developed with reviews. After all the programs were released to production, the first 5 had an average of 4.5 errors per 100 lines of code. The 6 that had been inspected had an average of only 0.82 errors per 100. Reviews cut the errors by over 80 percent.

• The Aetna Insurance Company found 82 percent of the errors in a program by using inspections and was able to decrease its development resources by 20 percent.

• IBM’s 500,000-line Orbit project used 11 levels of inspections. It was delivered early and had only about 1 percent of the errors that would normally be expected.

• A study of an organization at AT&T with more than 200 people reported a 14 percent increase in productivity and a 90 percent decrease in defects after the organization introduced reviews.

• Jet Propulsion Laboratories estimates that it saves about $25,000 per inspection by finding and fixing defects at an early stage.”

A couple of notes:

Are there any downsides to code review?

Apparently, it takes time, but most often it saves more time already within the same Sprint !!!

Code review may be done with a peer, tech expert, manager, or group of peers. It has siblings such as pair programming, and group programming. Each practice has its own benefits and all are worth practicing.

However, research suggests that the most cost-effective practice with the highest return on investment is “peer code review” where peers in the team review each other’s code.

So what are you waiting for? Go and try it.