Among these controls that support continuous compliance in DevOps, which are important to adhere to? Select all that apply.

Software Development DevOps

Multiple environments32%

Segregation of duty42%

Authentication60%

QA testing50%

Key management28%

Security protocols29%

Encryption16%

Other (share details in comments)2%

426 PARTICIPANTS

2.9k views1 Comment

Sort by:

Field CTO in IT Services2 years ago

Additionally, for many regulated industries, enabling traceability from code back to the requirements is needed, alongside the devsecops pipelines ensuring that individual control assessment and attestation is retained and available for compliance/audit/regulators etc as required.

Content you might like

Can you implement DevOps without a platform team?

Yes, no problem24%

Yes, but it's challenging55%

No, it's not really possible14%

Absolutely not5%

Not sure1%

View Results

Which term best describes your approach to delivering IT services within your organization?

DevOps14%

ITSM (IT services management)56%

SRE (site reliability engineering)13%

A combination of the above15%

Other (comment below)

View Results

What are some ways that a leader can show their software staff that experimentation and failure are not only acceptable, but encouraged?

Software Engineers often get pegged as the team that says “no” or “that’s impossible”. How do you maintain a strong and trusting relationship with the product team while continuing to reset their expectations?

Any tips for establishing a security champions program for the software team? If you’ve done this, did you run into any internal pushback or skepticism?