Home Articles Agile Development Conference

Agile Development Conference

PDF Print E-mail

Join us at the Agile Development Conference for IT Governance and Compliance in an Agile World

Date: Wednesday November 07, 2012 2:15pm

Presenter: Bob Aiello, CM Best Practices Consulting


Establishing IT governance and compliance practices is essential for organizations that have regulatory or audit requirements. The good news is that you can be agile and still comply with Sarbanes-Oxley, CFR 21, HIPAA, and other regulatory imperatives. Done well, IT controls actually help you improve both productivity and quality. Bob Aiello describes how to implement IT controls in frameworks such as ISACA, Cobit, and ITIL v3 that many regulatory frameworks require—while maintaining agile practices. Bob’s guidance includes specific examples of establishing IT controls: separation of duties, work-item to change-set traceability, physical and functional configuration audits, and more. Bob explains how these practices help government, defense-related, and other critical mission corporations scale agile practices where audit and regulatory compliance is a must. In fact, Bob attests to the fact that a disciplined approach to agile can improve the productivity and quality of most all agile development efforts.

Also, please join us the day before for Configuration Management Best Practices training



More articles by this author

Join us at the Better Software Conference for Configuration Management Best Practices training Date: Monday, June 2nd, 2013 8:30 AM Presented by  Bob Aiello, CM Best Practices Consulting Description Robust configuration management (CM) practices are essential for creating continuous builds to support agile’s integration and testing demands, and for rapidly packaging, releasing, and deploying applications into production use. Classic CM—consisting of identifying system components, controlling changes, reporting the system’s configuration, and auditing—won’t do the trick anymore. Bob Aiello presents an in-depth tour of a more robust and powerful approach to CM consisting of six key functions: source code management, build engineering, environment management, change management and control, release management, and deployment. Bob describes current and emerging CM trends—support for agile development, cloud computing, and mobile apps development—and reviews the industry standards and frameworks that are essential in CM today. Take back an integrated approach to establish proper IT governance and compliance using the latest CM practices while offering development teams the most effective CM practices available today.      
Application Baselining Baselining an application is an essential task required to identify all of the compile and runtime dependencies that are necessary to support application build, package and deployment. If you get this right then you will always be able to be certain which version is running in Production (or QA for that matter) at any point. You will also be able to retrieve a specific code milestone and make modifications (e.g. bugfix) in order to make changes to the code without any chance of the code regressing due to the wrong version of a particular header file or other compile dependency. Baselining at the source code level is fundamental and usually depends upon version control practices including placing an immutable tag (or label) to identify the exact versions of all source code and configuration files necessary to reliably build a specific release. Baselining at the runtime level is a little different and involves ensuring that the correct versions of the code are built, packaged and deployed. Many organizations have a regulatory requirement to independently build code, verifying in the process that the code has been correctly baselined. The build should also embed unique immutable version IDs into each and every configuration item. This is essential for conducting the configuration audit. The next step is to package the release which should include a manifest with a bill of materials (BOM) identifying all of the configuration items included in the release. This facilitates automated application deployment. These practices are the ABCs of excellent DevOps!
Copyright © 2017 CM Best Practices. All Rights Reserved.
Joomla! is Free Software released under the GNU/GPL License.

Product News

Live Online Training