Keeping Up with Compliance in a DevOps World

This post first appeared at the DevTestOps community on October 4, 2019.

About 5 years ago I was working in a small product that was doing (almost) everything the DevOps way. We had the works: code and tests versioned in git, trunk based development, building the code once (more or less), feature toggles, daily deployments, the ability to fix issues fast, monitoring and alerting of our production system.

But there was one tiny problem.

We still needed to adhere to the company’s Quality Management System (QMS) which included compliance to ISO 9001 certification as well as other regulatory requirements. While development was adapting to the new world in a fast pace, the same could not be said for the company’s processes at that time.

So here are some things we did to address the situation.

Continue reading at the DevTestOps Community

Some Ideas for Reducing “Release Decision” Time

“Can we release this feature?” is usually a question answered by humans, not machines. From what I have seen around, even teams that practice continuous deployment seem to take a step back to consider whether they are ready to expose new functionality to their users. My impression is that “release decision” time might vary from a couple of hours to days or longer. Surely, a stable, meaningful deployment pipeline and a team’s certain autonomy level are prerequisites to take a decision. But I was wondering, what other activities might influence such a decision and how we could reduce their time span?

Here is a list of the things I came up with.

Read More »