Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »

CIO Executive Council

A Peer-Advisory Service and Professional Association for CIOs

Mid-Market CIO Panel: Tips and Techniques for Improving Vendor Relationships

July 15, 4:00 PM - 5:00 PM U.S./Eastern (GMT-4)

We'll highlight relationship priorities and best practices identified in a Council study, and we'll interact with a CIO panel on the approaches they've used to improve strategic vendor partnerships.

Secrets of Successful Vendor Contract Negotiations for the Mid-Market

Sept. 10, 2009, 11:00 AM - 12:00 PM U.S./Eastern (GMT-4)

On this free public Council teleconference, Matthew A. Karlyn, attorney at Foley & Lardner in Boston, will share tips on negotiating tactics and new, creative contract terms to help mid-market CIOs make better deals.

Executive Competencies Assessment Tool

Assess Your Business Leadership Skills with the Council's new benchmarking tool. Rate yourself in change leadership, strategy, customer focus and more.

More / Register »

Learn more about the CIO Executive Council »

RESOURCE CENTER

buy a link »

SUBSCRIBE TO CIO

Are you involved in setting the direction for your company's IT budget or strategy?

Apply today for a FREE subscription to CIO Magazine!

Subscription Services »

Reprints »

Feature

How NOT to Run a Code Review

Code reviews can help software developers improve their software, but the process can go wrong. Oh, SO wrong. Here's where you'll find the biggest problems... and office politics is just the beginning.

Leave a comment

By Esther Schindler

December 22, 2008 — CIO —

Throughout the rest of this article series (which begins with Running an Effective Code Review), I've presented code reviews as a normal part of the technology development process. I have intentionally sidestepped the many ways in which they can become meetings from hell: politically, technically and in terms of process.

THE ULTIMATE GUIDE TO CODE REVIEWS

Running an Effective Code Review

5 Reasons for Software Developers to Do Code Reviews (Even If You Think They're a Waste of Time

What to Look for in a Code Review

Making Code Review Software Tools Help, Not Hinder

How to Lead a Code Review

How Not to Run a Code Review

Doing Spot-On Code Reviews with Remote Teams

By far, the most damaging of these is politics. New developers should be cautioned that, especially in large companies, 95 percent of code reviews are venues for political posturing, says longtime developer Chuck Brooks.

Developer Adwait Ullal (and several others) cite situations in which code reviews were used as a witch hunt, either in terms of personal mudslinging or performance reviews leading to termination. Christopher Phillips, director of software engineering at IAC Consumer Applications & Portals says, "I've seen code reviews done to pave the way for letting people go. I've seen reviews used to 'put people in their place' in the perceived pecking order."

Sometimes the problem is in the developer's head, not the reviewers' attitude—but that's all the more reason to ensure a code review leader adopt the role of mediator. Former technology chief Jay S. Hemmady's worst code reviews were where insecure coders felt threatened during the code review. "Everything went horribly bad soon after the meeting started: emotions, sense of personal attacks, defensiveness, etc." Old wounds from previous personality clashes can surface resurrect "us versus them" feelings. All in the name of improving the code, mind you.

Oliver Cole, president at OC Systems and also the lead for the open-source Eclipse Test and Performance Tools Platform project points out that the worst code review experiences always involve ego. "Some people cannot take criticism. Some people cannot give criticism. Furthermore, some people take a code review as a time to make it clear to all how superior they are to others." He adds, "These reasons alone are enough for previously peaceful countries to go to war. Now add in the fact that there are precious few objective measurements for what is 'good' in code and you can get major disagreements that cannot be objectively debated or decided."

Smartbear Software's president Jason Cohen sums it up: "The worst morally and morale-y is when reviewers use criticism as a weapon. Some people laugh (nervously) when I describe it like that, but it's quite serious. However this is usually extreme enough that everyone knows it's happening, so a manager who is paying attention can root out this problem pretty easily."

But politics is not the only danger in running an effective code review. There are other places where well-intentioned teams can fall into the quicksand.