Independent educational resource. Not affiliated with CAST, SonarSource, or any code-analysis vendor. Data sourced from CISQ, Stripe, McKinsey, and DORA reports.

Section III, Cost

The true cost of technical debt.

Technical debt is not a metaphor. It has a measurable financial cost. This page breaks down where the cost comes from, how it compounds, and what your specific team faces at typical debt levels.

Technical debt costs an organisation the engineering time it spends working around debt instead of shipping, plus the incidents, slower onboarding, security exposure, and attrition that debt drives. The largest line is velocity loss: fully loaded salary multiplied by the fraction of time lost to debt. A 12-engineer team at $145K loaded salary running 30% debt time loses roughly $522K a year to velocity tax alone.

At the macro level, CISQ put the annual US cost of poor software quality at $2.41 trillion in its 2022 report, around $1.52 trillion of it accumulated technical debt. Cite the aggregate for context, then translate to your own team with the model below.

Headlines

Cited research, the credible bracket.

$2.41T

Annual US cost, poor software quality

CISQ 2022
33%

Developer time lost to debt, average

Stripe Developer Coefficient
23 to 42%

Range across rigorous studies

McKinsey, DORA, Stripe
15 to 25%

Annual growth of untreated debt

Compounding model band
Section II

Where the cost comes from.

Technical debt cost is the sum of five line items, each measurable, each with published research backing the figures.

I

Velocity loss

Largest single line, 60 to 75% of total cost

The portion of engineering payroll consumed by working around debt rather than shipping. At 30% debt time, a 12 engineer team at $145K loaded salary loses $522K per year to velocity tax alone.

Source: Stripe Developer Coefficient (33% mean), McKinsey (20 to 40% range)
II

Incident response

10 to 15% of total cost

Sev 1 or Sev 2 incidents typically consume $10K to $20K of internal cost each (engineering time, any customer credits, brand impact). Debt-heavy codebases experience meaningfully higher incident frequency than well-maintained equivalents.

Source: Estimated from typical incident response ranges; calibrate to your own incident history
III

Onboarding friction

5 to 10% of total cost

New hires take 2 to 4 additional weeks to reach productivity in debt heavy codebases. At a $145K loaded salary, that is $5.6K to $11.2K per hire. For a team hiring 8 engineers per year, the friction tax is $45K to $90K annually.

Source: Estimated from typical ramp-up ranges; calibrate to your onboarding data
IV

Security remediation

5 to 10% of total cost, higher in regulated sectors

Dependency debt directly drives vulnerability count. Codebases with outdated dependencies carry materially higher critical-vulnerability rates. Each critical vulnerability remediation averages 12 to 24 engineer hours plus pen test cycles.

Source: Estimated, directional finding; calibrate to your dependency audit
V

Attrition cost

Variable, often understated

Engineers leaving frustrated codebases is the silent line item. Replacement cost per senior engineer averages $80K to $150K (recruiting, onboarding, ramp). Debt-heavy codebases drive higher burnout, and burnout drives voluntary turnover.

Source: Directional; DORA links delivery performance and burnout to retention
Section III

Cost per engineer, per year.

Annual debt cost for a single engineer at four salary bands and three debt time levels. Multiply by team size to scale.

Loaded salary20% debt30% debt40% debtReading
$100K$20K$30K$40KJunior, low CoL market
$130K$26K$39K$52KMid level, US median
$160K$32K$48K$64KSenior, major US metro
$200K$40K$60K$80KStaff, FAANG band

Formula: cost_per_engineer = loaded_salary x debt_fraction. Multiply by team size for total annual cost.

Section IV

Three year compounding scenarios.

Cost trajectory for a 15 engineer team at $150K loaded salary across three intervention scenarios. Demonstrates the inflection between status quo and active paydown.

ScenarioYear 1Year 2Year 3Cumulative
Status quo, 18% growth
No intervention
$675K$797K$940K$2.41M
Moderate, 20% rule
Sprint allocation
$675K$675K$642K$1.99M
Aggressive paydown
Dedicated debt sprints
$675K$540K$405K$1.62M
Three year savings, aggressive vs status quo$790K saved

Year 1 baseline = 15 x $150K x 0.30 = $675K. Status quo applies 18% annual growth (midpoint of the 15 to 25% band). Moderate flat lines via 20% sprint allocation. Aggressive cuts cost by $135K a year (20% of the year 1 baseline) through dedicated debt sprints.

Section V

Industry benchmarks.

Indicative debt-time fractions by sector. These are illustrative estimates synthesised from the research bands above, not sector-specific survey medians. Use them to locate your team relative to peers, then measure your own.

IndustryMedian debt timeDriverBasis
Pure SaaS22%Iterative product development, modern stackIllustrative
Fintech31%Regulatory remediation, security audit overheadIllustrative
E-commerce26%Peak season hardening, integration sprawlIllustrative
Healthtech34%HIPAA compliance, integration with legacy systemsIllustrative
Enterprise IT38%Multi decade legacy, integration debtIllustrative
Government42%Procurement constraints, vendor lock inIllustrative
Section VI

Sources and methodology.

Every figure on this page is traceable to a published source. Citations matter when presenting to a board.

CISQ Cost of Poor Software Quality in the US, 2022 Report

Aggregated US economy wide cost figures; $2.41T poor-quality cost, $1.52T accumulated technical debt.

Stripe Developer Coefficient

Survey of 1,000 engineers, debt time and productivity loss.

McKinsey, Tech Debt: Reclaiming Tech Equity (2020)

CIO survey; tech debt at 20 to 40% of technology-estate value, framed here as a debt-time band.

CAST Research Labs, CRASH / Appmarq

Around 1,300 enterprise applications; structural quality and debt principal benchmarks.

Incident response ranges

Typical Sev 1/Sev 2 internal cost band of $10K to $20K assumed; calibrate against your own incident response data.

DORA Accelerate State of DevOps

Delivery performance, deploy frequency, and burnout correlations.

Dependency staleness, directional

Outdated dependencies correlate with higher critical-vulnerability counts; calibrate to your own audit.

Government legacy IT, directional

Federal legacy-system modernisation challenges; sector figure is illustrative.

Section VII

Common questions.

01How much does technical debt cost?+

At the macro level, CISQ put the annual cost of poor software quality in the US at $2.41 trillion in its 2022 report, of which roughly $1.52 trillion is accumulated technical debt. At the team level, the dominant cost is velocity loss: fully loaded salary multiplied by the fraction of engineering time lost to debt. A 12-engineer team at $145K loaded salary running 30% debt time loses roughly $522K per year to velocity tax alone, before incident, onboarding, security, and attrition costs. Stripe's Developer Coefficient found developers lose about a third of their time to debt, and McKinsey's CIO survey puts debt at 20 to 40% of technology-estate value.

02Where do these dollar figures come from?+

Velocity loss is calculated as team size multiplied by fully loaded salary multiplied by debt-time fraction. Stripe and McKinsey provide the credible band for debt-time fraction (20 to 40%). Incident response cost assumes a Sev 1 or Sev 2 incident lands at roughly $10K to $20K of internal engineering time plus any customer credits and reputational impact; debt-heavy codebases tend to experience meaningfully higher incident frequency. Onboarding friction adds 2 to 4 additional weeks per hire on debt-heavy codebases. Methodology and ranges are documented at the bottom of this page.

03Why does debt compound at 15 to 25% annually?+

Untreated debt compounds rather than staying flat. We model a 15 to 25% annual growth band, with an 18% midpoint, driven by four forces: more engineers depending on legacy patterns, workarounds built on prior workarounds, longer onboarding cycles, and rising incident frequency as complexity grows. The lower bound (15%) applies to slow-moving codebases, the upper bound (25%) to fast-growing organisations. Treat it as a planning band, not an audited rate, and calibrate against your own velocity trend.

04Should I cite the trillion dollar figure to my board?+

Cite it as context, not as your team's number. The CISQ figure is aggregated across the entire US economy. It is useful for establishing that technical debt is a measurable cost category at scale. Then translate to your team using the Financial Impact model. The aggregate figure earns trust, your specific team number drives the decision.

05How does debt cost vary by industry?+

Fintech and healthtech carry the highest debt costs because of regulatory remediation, audit overhead, and outsized incident impact. Pure SaaS companies sit in the middle. E-commerce is lower per engineer but higher in absolute terms because of team scale. Government and enterprise legacy systems often exceed 40% debt time, well beyond the McKinsey upper bound.