Más contenido relacionado
La actualidad más candente (20)
Similar a Making Scrum Stick Inside Heavy Regulated Industries (2012) (20)
Más de Laszlo Szalvay (11)
Making Scrum Stick Inside Heavy Regulated Industries (2012)
- 1. About today’s presenter
Laszlo Szalvay
Laszlo Szalvay is one of the foremost Scrum experts in the software industry. At CollabNet he
oversees the company’s global Scrum business, helping organizations adopt and scale Scrum-
based initiatives to drive productivity and quality improvements. He creates engagement
frameworks to forge lasting Agile-process transformations at customer sites, using a personal
approach to teaching and implementing Lean/Agile/Scrum processes as a means of achieving
greater IT agility. He is expert at leading successful distributed Agile environments (usually with
an Indian or Chinese offshore model), and addressing cultural nuances, replication issues, and
capital and headcount resource requirements.
Prior to CollabNet, Szalvay co-founded and led operations for Danube, a leader in Scrum tools
and training, before it was acquired by CollabNet. He is an active industry thought leader, having
written and contributed hundreds of articles, presentations and blogs on improving software
delivery through Scrum. Since mid-2010, Szalvay has traveled more than 330,000 miles
throughout Europe, Asia and North America, working with CollabNet customers and partners to
gain a unique perspective of the complexities and success strategies of a globally distributed
software organizations.
1 Copyright ©2012 CollabNet, Inc. All Rights Reserved.
- 2. Making Agile Work in Regulated Industries
Laszlo Szalvay
VP Worldwide Scrum Business
August 2012
ENTERPRISE
2 CLOUD DEVELOPMENT Copyright ©2012 CollabNet, Inc. All Rights Reserved.
- 3. Compliance is Top of Mind
To become a mainstream methodology, Agile had to
overcome many potential obstacles. The first was
geography…One of today’s most daunting obstacles is
compliance, often bringing heavyweight documentation,
required procedures that are very waterfall-ish, complex
approval workflows, and complicated approval processes.
July 2011
Forrester Research, Inc.
“Compliance Is A Hurdle, Not A Barrier, To Agile”
Tom Grant, PhD
3 Copyright ©2012 CollabNet, Inc. All Rights Reserved.
- 4. About CollabNet
dPaaS
Dev Tools Hosting
Agile PM
#1 Scrum Trainer
Open ALM Platform
Themes
Build
Lab Management
Founded
Founded Subversion
Hybrid Cloud
Development Collaborative Development
ALM
Communities Platform
ALM
1999 2000 2007 2008 2009 2011 2012
Recognition
4 Copyright ©2012 CollabNet, Inc. All Rights Reserved.
- 5. Agenda
Review of Agile and
GRC
Review our
Technology & Process
Approach
Closing
2007, 2011
COSO Enterprise Risk Management: Establishing Effective Governance, Risk, and Compliance Processes
Robert R. Moeller
5 Copyright ©2012 CollabNet, Inc. All Rights Reserved.
- 6. Problem Statement
Undoubtedly, the Dodd-Frank bill has driven the biggest
risk management changes for banks; Dodd-Frank’s
2,300-plus pages contain hundreds of new rules and
spell out dozens of studies and reports that regulators
are required to conduct. But many of the law’s new
regulations have yet to be implemented or, in some
cases, still remain undefined. And many of the new
rules don't have a set implementation date.
Dec 2011
Compliance Doesn't Have to Be Painful for Banks
Bank Systems & Technology
Bryan Yurcan
6 Copyright ©2012 CollabNet, Inc. All Rights Reserved.
- 7. Our BHAG (big hairy audacious goal)
• Agility and Compliance not only co-exist but
thrive when used together
• What is interesting and worth pointing out as a
paradox is that compliance is seen as a negative.
Yet companies that invest in process regardless of
government requirements are always the better
and more profitable organizations.
7 Copyright ©2012 CollabNet, Inc. All Rights Reserved.
- 8. Agility
8 Copyright ©2012 CollabNet, Inc. All Rights Reserved.
- 9. market trends
“Scrum is the Modern way to work”
October 2010
Tieto In person meeting in Helsinki”
Mika Koivuluoma, VP Software Development and Tools
9 Copyright ©2012 CollabNet, Inc. All Rights Reserved.
- 10. roles, meetings, and artifacts
Scrum is a means to an end.
10 Copyright ©2012 CollabNet, Inc. All Rights Reserved.
- 11. GRC
11 Copyright ©2012 CollabNet, Inc. All Rights Reserved.
- 12. This is not what external compliance is
12 Copyright ©2012 CollabNet, Inc. All Rights Reserved.
- 13. Compliance is complex
• Ever changing
• More scrutiny due to Sept 2008 crash and general 'anger' at Wall Street
(e.g. Occupy Movement)
• Many faces, although Singapore emerging as leaders (strategic)
• Not familiar with internal corporate vernacular, culture, or even
software development
13 Copyright ©2012 CollabNet, Inc. All Rights Reserved.
- 14. Singapore – emerging standard
• Singapore sees compliance as a strategic
differentiator and Singaporeans have taken
a very taken a very hard position within the
banking industry. As such, they are now seen
as the international standard.
• Complex set of cross-border rules that can be contradictory,
incomplete, or vague
• Have seen this in other industries (e.g. Postal)
– Customs is where the most senior people from DHL, FedEx, UPS sit
14 Copyright ©2012 CollabNet, Inc. All Rights Reserved.
- 15. What are we seeing in the industry?
15 Copyright ©2012 CollabNet, Inc. All Rights Reserved.
- 16. Scrum and XP are the #1 choice in heavily regulated industries
40%
35%
30%
25%
20% Regulated
Unregulated
15%
10%
5%
0%
Agile Iterative Waterfall Structured Chaos
Source: Forrester/Dr. Dobb’s Global Developer Technographics® Survey, Q3 2010
16 Copyright ©2012 CollabNet, Inc. All Rights Reserved.
- 17. Our Approach
Introducing the Enterprise Cloud Development Maturity Model
17 Copyright ©2012 CollabNet, Inc. All Rights Reserved.
- 19. Step 1: Embrace the Cloud
• Visibility
• Centralization
• Standardization
• Information security audit log
• IP security
• RBAC reports
19 Copyright ©2012 CollabNet, Inc. All Rights Reserved.
- 20. Step 2: Implement Community Architecture
• Map business / enterprise architecture
(project hierarchies, workspaces, artifacts, roles)
• Create a social environment ? Why?
A lesson from Open Source. Did you know…
30% of developers who
work in regulated
industries contribute to
open source projects
during their free time.
July 2011
Forrester Research, Inc.
“App Dev Teams Dispel The Compliance Boogeyman”
Tom Grant, PhD
Why? Lets ask Dan Pink
20 Copyright ©2012 CollabNet, Inc. All Rights Reserved.
- 21. Thought Leader Perspective
Autonomy over time, task, team,
technique led to 20% time at some of the
most innovative companies in the world.
2009
TED Conference
Dan Pink
“These lessons are worth
repeating, and if more
companies feel
emboldened to follow Mr.
In Drive, Dan Pink examines the three Pink's advice, then so much
elements of true motivation— the better.”
Wall Street Journal
“Pink is rapidly acquiring
international guru status…
He is an engaging writer,
who challenges and
provokes.”
Financial Times
21 Copyright ©2012 CollabNet, Inc. All Rights Reserved.
- 22. Analyst Perspective
The real difference between developers in the most-
regulated and less-regulated industries lies in their
reasons for contributing to open source…developers in
more-regulated teams see open source as an outlet
for what they may not get from a more-regimented
workplace: opportunities for collaboration
and a personal sense of accomplishment.
July 2011
Forrester Research, Inc.
“App Dev Teams Dispel The Compliance Boogeyman”
Tom Grant, PhD
22 Copyright ©2012 CollabNet, Inc. All Rights Reserved.
- 23. Back to Step 2 Implement Community Architecture –
what are the benefits?
Your developers want to collaborate and be part of a community
– step 2 enables that through…
– Inner-source (Corporate Open Source)
– Transparency (breeds trust which drives reuse)
– Workspaces and Wikis (Federated)
Wiki is the oldest and
simplest software that lets
a community of strangers
work together to build
something of surprising
and lasting value.
Ward Cunningham
Inventor of the Wiki
Sent to Laz via LinkedIn in March 2012
23 Copyright ©2012 CollabNet, Inc. All Rights Reserved.
- 24. So how did SCM market play out?
So does Dan Pink’s motivation
concept hold water?
2007 Forrester Research
The Forrester Wave: Software Change and Configuration Management
autonomy, mastery, and purpose = innovation and market leadership
24 Copyright ©2012 CollabNet, Inc. All Rights Reserved.
- 25. Step 3: Codify Development Processes
• Support Scrum and XP
• Codify workflows and vernacular
• Gain end to end visibility and traceability
• Use the retrospective meetings as a point to make
evolutionary changes to process that map to external
compliance standards
25 Copyright ©2012 CollabNet, Inc. All Rights Reserved.
- 26. Agile workflow management (gated approvals based on RBAC)
Explain how CTF workflow matches to Basel II
26 Copyright ©2012 CollabNet, Inc. All Rights Reserved.
- 27. Paper Trails (reporting and reconstruction)
Explain how CTF maps to reporting and reconstruction using associations and threaded conversations
27 Copyright ©2012 CollabNet, Inc. All Rights Reserved.
- 28. Single source of truth – Developers View
CTF data integrality is maintained even though the roles differ
28 Copyright ©2012 CollabNet, Inc. All Rights Reserved.
- 29. Single source of truth – The Businesses View
CTF data integrality is maintained even though the roles differ
29 Copyright ©2012 CollabNet, Inc. All Rights Reserved.
- 30. Single source of truth – The Auditors view
CTF data integrality is maintained even though the roles differ
30 Copyright ©2012 CollabNet, Inc. All Rights Reserved.
- 31. Lessons to Take Away
• Scrum is a means to an end and it improves learning
organizations
• Leverage mandatory compliance and Scrums popularity as a
means to:
– Embrace the Cloud
– Implement Community Architecture
– Codify Dev Processes
• You will be compliance ready, your employees will see a
better way to work, and you will improve the effectiveness of
your enterprise
31 Copyright ©2012 CollabNet, Inc. All Rights Reserved.
- 32. Three Times More Cost-Effective
Instead of a one-size-fits-all solution, we
could, for more risk-averse platforms, have
a thicker process with more controls; and
for platforms that needed to be more
agile, we could have a more agile process.
Brian Roberson
Principal
Source: Business Trends Quarterly Barclay’s Global Investors
Solution Cost Benefits
• Less complicated
• More graceful
• Easier to administer
• Easier to train and use
Previous Solution CollabNet
32 Copyright ©2012 CollabNet, Inc. All Rights Reserved.
- 33. CollabNet, Inc.
8000 Marina Blvd., Suite 600
Brisbane, CA 94005
www.collab.net © 2012 CollabNet, Inc., All rights reserved. CollabNet is a
trademark or registered trademark of CollabNet Inc., in the US
+1-650-228-2500 and other countries. All other trademarks, brand names, or
+1-888-778-9793 product names belong to their respective holders.
blogs.collab.net
twitter.com/collabnet
www.facebook.com/collabnet
www.linkedin.com/company/collabnet-inc
33 Copyright ©2012 CollabNet, Inc. All Rights Reserved.