Skip to content

An Unlikely Union: DevOps and Audit

By James DeLucia, Paul Duvall, Mustafa Kapadia, Gene Kim, Dave Mangot, James Wickett, Julie Yoo

Information Security and Compliance Practices

EBook Available Now On:

Many organizations often get stymied when dealing with information security, compliance, and audit requirements. There seems to be a misconception that DevOps practices won’t work in organizations which are under SOX or PCI regulations.
In this 2015 Forum paper, seven experts provide high-level guidance on three major concerns about DevOps Practices: DevOps and Change Control, DevOps and Security, DevOps and Separation of Duties.
  • Publication Date Jun 01, 2015
  • Pages 27
  • Format Free PDF Download

Features

  • Expert Guidance

    Seven experts in information security and software delivery provide high-level guidance on the three major concerns of DevOps practices.

  • Mythbuster

    This paper busts the misconception that DevOps doesn’t work in highly regulated industries.

  • Audit/Compliance

    Breaks down how DevOps and Audit/Compliance are not at odds with each other, but can actually work together.

  • Shift Left on Security

    This paper shows how implementing a secured delivery pipeline will allow organizations to ensure better security control, less risk, and better compliance.

About the Resource

Many organizations often get stymied when dealing with information security, compliance, and audit requirements. There seems to be a misconception that DevOps practices won’t work in organizations which are under SOX or PCI regulations.
In this 2015 Forum paper, seven experts provide high-level guidance on three major concerns about DevOps Practices: DevOps and Change Control, DevOps and Security, DevOps and Separation of Duties.

James DeLucia
Paul Duvall
Mustafa Kapadia
Gene Kim
Dave Mangot
James Wickett
Julie Yoo
James DeLucia

James DeLucia

To Author Archive
Paul Duvall

Paul Duvall

To Author Archive
Mustafa Kapadia

Mustafa Kapadia

Global Head Transformation @ Google | Products & Innovation | echo-point.com

To Author Archive
Gene Kim

Gene Kim

Gene Kim is a Wall Street Journal bestselling author, researcher, and multiple award-winning CTO. He has been studying high-performing technology organizations since 1999 and was the founder and CTO of Tripwire for 13 years. He is the author of six books, The Unicorn Project (2019), and co-author of the Shingo Publication Award winning Accelerate (2018), The DevOps Handbook (2016), and The Phoenix Project (2013). Since 2014, he has been the founder and organizer of DevOps Enterprise Summit, studying the technology transformations of large, complex organizations.

To Author Archive
Dave Mangot

Dave Mangot

Dave Mangot (DevOps Patterns for Private Equity) helps private equity portcos get good at delivering software. He is a leading consultant, author, and speaker as the principal at Mangoteque. A DevOps veteran, Dave has successfully led digital, SRE, and DevOps transformations at companies such as Salesforce, SolarWinds, and Cable & Wireless. He has a proven track record of working with companies to quickly mature their existing culture to improve the speed, frequency, and resilience of their software service delivery.

To Author Archive
James Wickett

James Wickett

Head of Research at Verica & Author on DevOps and DevSecOps at LinkedIn Learning

To Author Archive
Julie Yoo

Julie Yoo

To Author Archive

Similar Resources