1 Copyright ©2015 CollabNet, Inc. All Rights Reserved.
CollabNet
Compliance and Governance
Building compliance and governance into your Application Lifecycle
Kevin Hancock, Senior Director Worldwide Field Operations
In his ten-plus years at CollabNet, Kevin has led successful implementations of CollabNet products and services at some of the world’s largest enterprises.
Kevin works with organizations to transform their globally distributed application development teams into modern, agile organizations, helping to save millions of dollars while accelerating software delivery. Kevin holds a Bachelor of Science degree from Carnegie Mellon University, and a Master's degree from the University of Pittsburgh.
Today’s Presenter
• 20 years working in IT with the last 15 focusing on Development Organizations
• Experience with 1000’s of developers and 100’s of development teams
• Practical knowledge of building development communities across organizations
• Practical experience in scaling agile across enterprises
Who is CollabNet?
[Timeline graphic: Apache / Subversion, 1st Cloud-Based ALM, Agile Transformations, Open Agile ALM; years shown: 1999, 2005, 2010, 2014]
Leader
• ALM, SCM, cloud, agile, open source
• Transformed 100s of largest, most respected IT orgs
• Enterprise agile experts
– 17,000+ ScrumMasters trained
Pioneer
• Creator of Subversion (SVN)
• 1st cloud-based ALM solution
Proven Scale
• 10,000+ customers
• 6M+ users
• 280 employees
• Introduction
• Considerations
• Organizational challenges
• Building in Compliance and Governance
• Financial Services Case Study
• Solution Example
• Question and Answer
Agenda
Considerations
Laws, Regulations, and Audits
• Sarbanes-Oxley (SOX)
• Health Insurance Portability and Accountability Act (HIPAA)
• Payment Card Industry Data Security Standard (PCI)
• Gramm-Leach-Bliley Act (GLBA)
• SB 1386
• BASEL II
• Federal Information Security Management Act (FISMA)
Regulatory Compliance
How they apply to the Application Lifecycle
Act | Considerations
Sarbanes-Oxley | Privacy and integrity of financial data in publicly traded corporations
HIPAA | Confidentiality, integrity, and availability of healthcare information
PCI | Confidentiality of credit card information stored and used by merchants
GLBA | Confidentiality and integrity of personal financial information stored by financial institutions
SB 1386 | Confidentiality of customers’ personal information stored by any organization that does business in the state of California
BASEL II | Confidentiality and integrity of personal financial information stored by financial institutions. Availability of service and integrity of financial transactions.
FISMA | Confidentiality, integrity and availability of sensitive information
• Confidentiality
• Integrity
• Availability
• Change management
• Auditing and Logging
• Access controls
• Segregation of duties
• Proactive reporting
Areas for development focus across the regulations
[Diagram: Governance (Strategies, Direction, Control); Risk (Identify, Analyze, Response); Compliance (Adherence, Report)]
Challenges
The ever changing organization
• Organization growth through M & A
• Inclusion of contractors and third party developers
• Proliferation of applications and deployment options
Spectrum of processes
[Diagram: spectrum between STABILITY (Predictability) and AGILITY (Velocity)]
• Agile and Waterfall are two poles, and
• Teams choose to work in the myriad of processes in between.
[Diagram: "ALM Monoliths" (late 1990s to ~2005) and "Point Tool Rebellion" (~2005 to now), each showing a Management Team and a Development Team; captions: "Tension between Business Lines and Central IT" and "Proliferation of tools"]
Building in Compliance
Blueprint for Enterprise Agility
- Centralize access & visibility
- Plug-in & collaborate – code, issues, people
- Map business/enterprise architecture (project hierarchies, workspaces, artifacts, roles)
- Be social (e.g. code reuse)
- Support Agile and mixed process
- Codify data definitions, tool integrations, workflows
- Gain end-to-end visibility, traceability, repeatability
- Automate Continuous Delivery & DevOps
- Collaborate enterprise-wide
- Extend DevOps to ext. clouds
- Integrate & govern 3rd party services
[Diagram steps: Embrace Cloud; Implement Community Architecture; Codify Dev Processes; Orchestrate DevOps; Leverage External Clouds. Axes: Collaboration & Insight; Value]
Building compliance and governance into your processes and tools
Open ALM Platform
Open ALM Platform: Connect disparate development and collaboration tools to drive SW lifecycle traceability
Flexible Process Templates: Create libraries of common, repeatable workflows
Collaboration Architecture: Map EA into business and technology hierarchies to enable organizational-wide discovery, collaboration, re-use and reporting
Case Study
A leading global investment bank with a strong and growing private clients franchise.
• 90,000+ employees
• CollabNet Users = 13,500 (employees, contractors and 3rd parties)
Issues
Overview
CollabNet Hosted TeamForge
The solution
Where is the Community
The place where the Bank builds software!
Governance
• Repeatable processes
• Public, Private and Gated Workspaces
• Change management actions enforced as part of processes
Compliance
• Role based access controls
• All actions logged and auditable
• Change management actions enforced as part of process
What is the Community
• Decreased cost per developer
– Central instance via SaaS: better economies of scale and higher availability
– Standard tools: lower support costs, fewer integration points, better resource mobility
– Central integration and certification: reduced effort per team, higher quality
• Increased productivity per developer
– 80% of developers saw an increase in productivity
– 40% of 1-2 hours per week, 40% of more than 2 hours per week
Value
CollabNet TeamForge
Building governance and compliance into your ALM platform
TeamForge Platform Architecture
[Architecture diagram; labelled components: Trackers, Project / Portfolio, Administration, Collaboration, Run time, Event Mgmt., Operational Data Store, Event Data Store, Tool Chain setup, Teams, Users, Roles/Perms, Event Sources, Associations, Domain Objects, Activities, Universal Search, Native Artifact UI, Lifecycle Reports, Federated Tool UI, Activity Streams, Pipeline Monitors, External Listeners, Notification, User Workspace, Federated Tools, Native Artifacts, Custom Objects]
TeamForge: Collaborative Software Development & Delivery
[Product overview graphic; labels: Plan, Code, Track, Build, Test, Release, Deploy, Orchestrate, GitEye, Desktops; Reporting & Governance, search, traceability, documents, wikis, discussions; My page, My workspace, My settings, Projects, Reports, Monitoring, Communities; Open ALM, Collaboration Architecture, Process Templates, Dashboards & Report Catalog]
• Integrated ALM development and collaboration tools
• Flexible and repeatable process templates
• Cross-project collaboration architecture
• Reporting & Governance
TeamForge Demonstration
› Across geographies, projects, teams, software assets
› Serve all modes of development and all goals of the application with compliant enterprise-controls
› High-grade security with RBAC, permissions management, authentication, encryption, auditing
› For creation and sharing of common, repeatable processes across your organization
› Throughout the development lifecycle and across projects, tools, and teams
With TeamForge platform, You Gain
› Organization-wide discovery, collaboration, re-use, and reporting
Questions?
• Attend our live Compliance and Governance workshop
– http://www.collab.net/company/news-and-events/events
• Contact CollabNet to conduct a POC around your governance initiative
– http://www.collab.net/contact-us
• Schedule a demonstration of TeamForge
– http://www.collab.net/contact-us
• Download the whitepaper
– http://visit.collab.net/15Q2ComplianceandGovernanceSolutionBriefTriplePlayCampaign_LandingPage.html
• Read our blogs
– http://blogs.collab.net/ta
Next steps
Thank You
Kevin Hancock
© 2015 CollabNet, Inc., All rights reserved. CollabNet is a trademark or registered trademark of CollabNet Inc., in the US and other countries. All other trademarks, brand names, or product names belong to their respective holders.
CollabNet, Inc.
So San Francisco, CA
www.collab.net
+1-650-228-2500
+1-888-778-9793
blogs.collab.net
twitter.com/collabnet
www.facebook.com/collabnet
www.linkedin.com/company/collabnet-inc