DevOps and Agile in control

A study report

‘We moved to Agile ways of working about 10 months ago. Self-steered autonomous groups of engineers working in small teams, having full control over what tasks they put in the next sprint. Really, we are 100% Scrum nowadays. No more bureaucracy! No more paperwork and only limited documentation! Just full focus on delivering business features. As a matter of fact, we started automating large parts of our testing and integration steps, allowing us to release new features several times per day" – Typical IT manager, somewhere between 2009-2019.

And while the IT manager is explaining with full excitement how everything has changed, you as an IT auditor are stuck with the question of how this new way of working will fit into your existing control framework and beliefs regarding internal control? Self-steering? Limited documentation? Automated? Releasing continuously? ...And who is keeping everything in control?

For sure you’ve already heard the terms Agile, Scrum and DevOps at some presentation or conference, but that initiatives like this have started in your organization, that is new. Don’t these hypes fit better with innovative startups, or hipster tech-companies such as Google, Amazon and Netflix? Companies which are building a new future – greenfield -, rather than your company with all its legacy systems and pressure on compliance!

The fictional story above depicts a common reaction regarding Agile and DevOps by IT auditors. There is an underlying tone of disbelief or maybe even rejection, regarding this new way of working. A clear proof of this is the ‘Dear Auditor. DevOps community to Security with Love’ letter written by the DevOps community in 2018 at the DevOps Enterprise Forum conference [17]. This letter is an attempt to improve collaboration and understanding between DevOps engineers and auditors.

logo experttube

Video's op het gebied van Audit & Control, Actuariaat & Risk Management, Juridisch & Fiscale Zaken, Pensioenen, Schade & Hypotheken, Compliance en Investment Management.

Bekijk ons volledige overzicht op

logo CareerTube

Videoplatform met werkenbij video's van toonaangevende organisaties in de financiële wereld. Met een focus op de finance specialisatie zorgt de koppeling met de 17 (niche) vacaturesites van CareerGuide direct voor een relevant bereik.

Bekijk ons volledige overzicht op