Investments Unlimited | A Novel About DevOps, Security, Audit Compliance, and Thriving in the Digital Age

HOME           BOOKS           RESOURCES           CLASSES         PODCAST           VIDEOS           CONFERENCE           BLOG

Investments Unlimited
A Novel About DevOps, Security, Audit Compliance, and Thriving in the Digital Age
By Helen Beal, Bill Bensing, Jason Cox, Michael Edenzon, Dr. Tapabrata "Topo" Pal, Caleb Queern, John Rzeszotarski, Andres Vega, and John Willis
Coming September 13, 2022
In the vein of bestselling titles The Phoenix Project and The Unicorn Project, Investments Unlimited will help organizations radically rethink how they handle audit, compliance, and security for their software systems. By introducing concepts, tools, and ideas to reimagine governance, this book will catalyze a more humane way to enable high-velocity software delivery that inspires trust and is inherently more secure.
Preorder       Description       Authors      
Preorder the book:
About the Book
Investments Unlimited, Inc. has accomplished what many other firms in their industry have failed to do: they have successfully navigated the transition from legacy ways of working to the digital frontier. With the help of DevOps practices, Investments Unlimited delivers value to its customers with speed and agility. But now, all that work is about to fall apart. Sure, DevOps helped the company adapt, but it also failed them.

While features moved through the organization swiftly, their governance process became inundated with friction, frustration, and failure. And now, their inability to deliver what they promise has led regulators to slap them with an MRIA (matter requiring immediate attention), the final warning before cease-and-desist letters and fire sales.

With the future of Investments Unlimited on the line, a cross-functional team of executives and engineers has just months to develop a modern governance process that satisfies regulators but doesn’t slow down the company’s ability to compete in the market. It is up to this ragtag team to navigate trials, tribulations, site failures, and supply chain attacks, all on their path to save the company from disaster.

In the vein of the bestselling The Phoenix Project and The Unicorn Project, Investments Unlimited radically rethinks how organizations can handle the audit, compliance, and security of their software systems—even in highly regulated industries. By introducing concepts, tools, and ideas to reimagine governance, Investments Unlimited catalyzes a more humane way to enable high-velocity software delivery that is inherently more secure.
Divider Text
About the Authors
Helen Beal is an award-winning DevOps speaker, writer, and strategic advisor. Bill Bensing is a software architect helping to standardize DevSecOps. Jason Cox is a champion of DevOps practices and leads SRE teams. Michael Edenzon is a senior IT leader and engineer modernizing the technical landscape for highly-regulated organizations. Tapabrata (Topo) Pal is a DevSecOps thought leader who leads DevOps transformations at large financial institutions. Caleb Queern helps CIOs and CISOs reduce risk as they quickly build software so they can grow and compete. John Rzeszotarski provides thought leadership to large enterprises on reliability, scalability, regulatory issues, and more. Andres Vega works in security, compliance, and privacy engineering. John Willis is a bestselling author and considered one of the founders of the DevOps movement.
An Excerpt
Susan Jones had been the CEO of Investment Unlimited, Inc. (IUI), for five years. She was quick on her feet and always appeared to ask the right questions and make the right decisions. The board trusted her. But right now—although you couldn’t tell from her demeanor—she was panicking.

“How did you find out?” Susan said into the phone, nearly gasping. Behind her the noise of Rich and Lucas making Rich’s famous pizza seemed to disappear. All she could hear was the beat of her own heart and Jason on the phone.

“I met with Bernard this evening,” Jason replied, “at our regular two-finger Scotch session. He let me know that the MRIA will be issued to IUI.”  Jason paused. He knew this news was going to rattle Susan. He could already hear it in her voice. He continued, trying to provide some assurance. “You know, it may feel like regulators are out to get us, but they’re really there to help us, to help protect our customers.”

“You could have fooled me,” Susan replied half under her breath. She didn’t think Jason heard as he kept talking.

“It’s not uncommon for an MRIA to be informally notified through back channels so there’s no surprise when it’s issued. Bernard has a good relationship with the director of the regulatory agency approving the MRIA. That director reached out to Bernard as a show of good faith,” Jason said.

Susan took a deep breath. She was familiar with an MRIA, a Matter Requiring Immediate Attention, but only in concept. Actually being issued one was alarming. Federal regulators only issue an MRIA when something is seriously wrong at a bank. They aren’t handed out like candy. Susan had heard horror stories from other institutions, but she’d never had one issued at a bank she worked at—let alone the bank she ran.

“Do you know what the MRIA is about?” Susan asked.

“Yes, it’s frankly embarrassing. There are over fifteen MRAs that were issued to IUI over the past eighteen months. Our IUI team has asked for several extensions with those and there doesn’t seem to be a clear plan in closing them. That’s why this MRIA is being issued. Our team hasn’t provided any evidence of progress, and the agency now feels that we really have a huge problem.”

“I see,” Susan said. But really, she didn’t understand at all. How had her team let this happen? How had she let this happen?

“As you know, it’s a big issue,” Jason said. “Just remember, you’re in that CEO spot because Bernard thinks the world of you and knows you are extremely capable. I reminded him that he couldn’t have retired without you. He agreed.”

“Thanks for those kind words, Jason. We’ll have to get the whole team together first thing in the morning to tackle how we found ourselves in such a mess. There’s nothing more we can do tonight.”

“Sounds good,” responded Jason. “I’m sorry to interrupt your evening, but I knew you would want to know. I’ll talk to you tomorrow. Have a good night.”

“Yes, thanks, Jason. I’m glad you called. Good night.” Susan ended the call and sat down at the dining room table. It was a long table that fit over fifteen people, and it was always made up as if there was a dinner party starting at any moment.

She sat there, waiting for the numbness to wear off, waiting for her thoughts to slow down to a crawl.

“Love, are you ok?” Rich said softly as he walked out of the kitchen.

“Yes, I’m fine. Give me a minute and I’ll come in to help with the pizza,” Susan said back. She could smell the old Sicilian tomato sauce recipe that Rich was cooking up. It was a favorite of his, handed down to him from his mother. And it had been handed down to his mother from her great-grandmother. She took a deep breath. The delicious aroma was like therapy. Maybe she was starting to feel better or she was just hungry. Either way, she walked into the kitchen.

As Susan looked around, all she could see was a mess. White flour covered the countertops and floors. It looked like a fresh coat of Aspen snow in their house.

“Well, this is certainly a ‘matter requiring immediate attention’ if I’ve ever seen one,” Susan said, walking over to her six-year-old son, Lucas, happily drawing smiley faces in the flour on the countertop.

“No need to meet Jason this evening?” Rich asked, bringing Susan an apron.

“Nope, the phone call did enough damage for one night,” Susan responded, tying the apron on.

“Ohhhhh, did Mommy get in trouuuble?” Lucas asked as he wiped his flour-covered hands all over Susan’s once clean apron.

“Oh, Lucas,” Rich reprimanded gently. “Mommy didn’t get in trouble. There’s just a problem at her work. But she’ll fix it. That’s why she’s the boss,” Rich said with a smile toward his wife. He placed a big round of pizza dough on the counter in front of them. Flour flew up into the air and Lucas laughed.

“What kind of problem?” Lucas asked as Susan spread sauce over the dough. “Did you talk while your boss was talking? Or break a rule? ’Cause Xian broke a rule at recess today, and he had to sit for the rest of recess and not play at all.”

“No, I didn’t break a rule,” Susan said. “There’s just some house cleaning at work that hasn't been getting done like it should. And now we have a whole lot of cleaning to do in a short amount of time.”

“Is it like when Grandma comes for a visit and you get all crazy?” Logan asked, dramatically flinging his arms around.

Rich stifled a laugh and turned to grab the toppings.

“No, no. It’s more like when I ask you to clean your room. That’s like an MRA. What we call a Matter Requiring Attention,” Susan said, adopting her most serious movie-trailer voice.

“I hate when you tell me to clean my room.”

“Yes, well, what’s happened is we’ve been asked to clean our room lots of times, but apparently no one has done it, or at least not very well, so now we have to deal with a MR-I-A, a Matter Requiring Immediate Attention.”

Lucas’s eyes widened.

“Think of it like you’re on your last warning and you’re about to get a time out,” Rich added. “Or get sent to the principal’s office.”

“Wow. Mommy really did get in trouble,” Lucas said, and then he reached for a huge handful of mozzarella and dropped it in the center of the pizza.

Susan suddenly realized that she needed to inform her leadership team and set aside tomorrow for assessing the situation.

“Rich, give me about five minutes before we decorate the pizzas. I need to do one last thing.”

Susan hurried back into the dining room and fired off a quick message to Jada, Jennifer, Tim, and Bill using the inter-office chat system.

“Sorry to break into your evening, everyone, but this news can’t wait. Bernard and I were informed of an MRIA coming our way. Please do what you can to clear your schedules between 10 and 2 tomorrow. We have a lot of work to do.”

She pressed send and started walking back into the kitchen.


Susan settled into her side of the bed as Rich pulled up the latest episode of the comfort TV show they were watching these days.

“So, you’ve got quite a firestorm to settle at the office, huh?” Rich asked.

“Yes. An MRIA is no joke,” Susan explained.

“If I recall correctly, isn’t the next step some type of formal action by the regulators?” asked Rich.

“Yes, it is. Something like that would have a devastating impact on Investments Unlimited and everyone who works there. No doubt, it could end Bernard’s time as chairman, end my career, and stain me for the rest of my working life. If it gets to that point, there are many companies looking to purchase our assets in a fire sale,” Susan responded.

“You’ll figure it out. They didn’t make you CEO for nothing,” Rich smiled. He clicked the button on the remote and started the show.

Susan’s mind wandered. She reflected back on how IUI had started fifteen years ago as a small company in a crowded industry clamoring for business. Like those nearby research centers, they sought to discover new ways to deliver investment and banking value to the world. She remembered the lean years where they struggled to get by.

In just twelve years, this small but big-hearted company had managed to not only survive but also thrive with its winning strategy of focusing on socially responsible investing. This differentiator resonated in the market and soon began to pay off. Three years later, the 100-person firm had expanded to 1,000 employees and just topped $400 million in revenue. Things were looking pretty good.

They had also recently begun a digital transformation utilizing the business accelerating principles of Agile and DevOps. Jason was hired to help with this. He was given the charter to take their digital products to the next level. He had a bold vision. He wanted to completely redesign the user experience, making complex financial transactions and products approachable, easy, safe, and reliable. He was doing all of this while helping the team adopt more modern and agile ways of working. The first releases of these intuitive tools proved to be way better than expected. Feedback from customers was astounding and conversion rates for new accounts was growing faster than ever. It felt like the next voyage of IUI was just about to set sail!

But now things were looking a little more like a sinking ship.

Susan wasn’t sure how she had found herself in such an uncomfortable position. She had assembled a great team to lead IUI into the future. Her CIO, Jennifer Limus, was brilliant. As a developer turned leader, Jennifer always seemed to have her finger on the pulse of technological innovation. Her adoption of DevOps practices and modern tools had allowed IUI’s products to be developed ahead of the competition.

How did we miss this? Susan thought to herself. Surely Tim Jones, the CISO I hand-picked for the job, would have known this was coming. Why weren’t we prepared?

Susan wondered if she would be able to sleep. Her mind was spinning, searching for answers. Eventually she was able to drift off to sleep, dreaming of boardroom meetings, messy kitchens, and sinking ships.

Sign up for the most up to date news.