SlideShare a Scribd company logo

Test Driven Compliance

Mike Long, profile picture
Mike Long

This document discusses automating compliance controls using test-driven compliance. It recommends translating regulations into defined processes to improve quality, outlining how checklists can provide protection and discipline. Implementing test-driven compliance using a standard unit testing framework provides benefits like standard reporting, failure explanations, and easy integration with continuous integration processes. Compliance can be treated as a socio-technical system like DevOps.

Software
1 of 22
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
@meekrosoft Automating your compliance controls with Test Driven Compliance Mike Long @meekrosoft
@meekrosoft Regulated Industries §1.1 Regulations
@meekrosoft Regulated Industries ACME Corp. Translate into processes Continuous Documentation Meetings and Signoffs §1.1 Regulations
@meekrosoft Regulated Industries ACME Corp. Translate into processes Continuous Documentation Meetings and Signoffs §1.1 Regulations
@meekrosoft Compliance with Standards ● Ensure that products and services are safe, reliable and of good quality. ● Reduce costs by minimizing waste and errors and increasing productivity. ● Help companies to access new markets
@meekrosoft Defined Processes Improve Quality “Checklists seem to provide protection against such failures. They remind us of the minimum necessary steps and make them explicit. They not only offer the possibility of verification but also instill a kind of discipline of higher performance.”
@meekrosoft SW Compliance across the value stream Confidential - Do Not Share Scope Product Management Software Development IT Operations
@meekrosoft
@meekrosoft
@meekrosoft
@meekrosoft So how do we get rid of “silos, batches, queues and gates” while staying compliant?
@meekrosoft DevOps is a SocioTechnical System
@meekrosoft Compliance ALSO is a SocioTechnical System
@meekrosoft Compliance ALSO is a SocioTechnical System ?
@meekrosoft Behaviour Driven Development Matt Wynne, Cucumber https://cucumber.io/blog/bdd/intro-to-bdd-and-tdd/ compliance
@meekrosoft BDD Control Frameworks GIVEN a current branch is a pull request and no review WHEN merge build is run THEN fail the build
@meekrosoft ● Code reviews ● Coding Standards ● Verifiable builds ● Test coverage ● Static Analysis ● Vulnerability Scanning ● Verifiable deployments Identify Change Controls
@meekrosoft Implementing Test Driven Compliance Using a standard Unit Testing Framework provides: ● Standard reporting and transparency ● Explanations on failure ● Control test independence ● Easy integration with CI processes
@meekrosoft Compliance As Code https://www.youtube.com/watch?v=A8Qwu1bYIO8
@meekrosoft Google Binary Authentication for Borg BAB Product Management Software Development Release Control Production
@meekrosoft Automating your compliance controls with Test Driven Compliance Mike Long @meekrosoft
@meekrosoft compliancedb.com

More Related Content

PDF
Build the right foundation to accelerate leadership success
Security Catalyst
 
PPTX
What Are the Most Important Reasons Behind the Success of the Concept of Spri...
Powermaster
 
PDF
Designing a secure software development process with DevOps
Mike Long
 
PDF
The Role of GitOps in IT Strategy - June 2021 - Schlomo Schapiro
Schlomo Schapiro
 
PDF
Agile Development in a Regulated Environment
TechWell
 
PDF
checkmateq.com-services-brochure.pdf
Checkmate Management Consulting
 
PPT
Compliance In A Box Documentum Deployment Solution
airsch
 
PDF
Transform your DevOps practices with Security
Paul Czarkowski
 
Build the right foundation to accelerate leadership success
Security Catalyst
 
What Are the Most Important Reasons Behind the Success of the Concept of Spri...
Powermaster
 
Designing a secure software development process with DevOps
Mike Long
 
The Role of GitOps in IT Strategy - June 2021 - Schlomo Schapiro
Schlomo Schapiro
 
Agile Development in a Regulated Environment
TechWell
 
checkmateq.com-services-brochure.pdf
Checkmate Management Consulting
 
Compliance In A Box Documentum Deployment Solution
airsch
 
Transform your DevOps practices with Security
Paul Czarkowski
 

Similar to Test Driven Compliance (20)

PDF
DevOps and Regulatory Compliance—Like Oil and Water or Peanut Butter and Jelly?
TechWell
 
PDF
TLC2018 Thomas Haver: Transform with Enterprise Automation
Anna Royzman
 
PPTX
Modernising Change Management with Enterprise DevOps
Puppet
 
PPTX
Agile, DevOps & Test
Qualitest
 
PDF
Compliance as Code
Paul Czarkowski
 
PDF
Augmented Agile: Agile Behavior Meets Digital Engineering
Consortium for Information & Software Quality (CISQ)
 
PPTX
Checkmate Cloud Engineering Services in India
Checkmate Management Consulting
 
PDF
Microsoft DevOps Journey
Mayank Srivastava
 
PPTX
Amq Overview Continuous Quality Assurance
Sofandre Sya'banu, S.E., M.T.I.
 
PPTX
Webinar - Devops platform for the evolving enterprise
DBmaestro - Database DevOps
 
PDF
The Role of GitOps in IT-Strategy - November 2021 - Schlomo Schapiro - Contin...
Schlomo Schapiro
 
PDF
Zen and the art of requirements gathering, why getting to "In time, On budget...
Femke Goedhart
 
PDF
Acceptance Test Driven Development at StarWest 2014
jaredrrichardson
 
PPTX
DevOps and Audit
Jeff Gallimore
 
PDF
Enforce compliance policy with model-driven automation
Puppet
 
PPTX
The Challenges & Pitfalls of Database Continuous Delivery
Perforce
 
PDF
Atdd half day_new_1_up
jaredrrichardson
 
PDF
20161024 Agile DC 2016 Conf Behavior Driven Development Workshop
Craeg Strong
 
PDF
Data Integrity webinar - Essentials & Solutions
pi
 
PDF
Implementing DevOps at Scale Using Dynamic Environments
Sauce Labs
 
DevOps and Regulatory Compliance—Like Oil and Water or Peanut Butter and Jelly?
TechWell
 
TLC2018 Thomas Haver: Transform with Enterprise Automation
Anna Royzman
 
Modernising Change Management with Enterprise DevOps
Puppet
 
Agile, DevOps & Test
Qualitest
 
Compliance as Code
Paul Czarkowski
 
Augmented Agile: Agile Behavior Meets Digital Engineering
Consortium for Information & Software Quality (CISQ)
 
Checkmate Cloud Engineering Services in India
Checkmate Management Consulting
 
Microsoft DevOps Journey
Mayank Srivastava
 
Amq Overview Continuous Quality Assurance
Sofandre Sya'banu, S.E., M.T.I.
 
Webinar - Devops platform for the evolving enterprise
DBmaestro - Database DevOps
 
The Role of GitOps in IT-Strategy - November 2021 - Schlomo Schapiro - Contin...
Schlomo Schapiro
 
Zen and the art of requirements gathering, why getting to "In time, On budget...
Femke Goedhart
 
Acceptance Test Driven Development at StarWest 2014
jaredrrichardson
 
DevOps and Audit
Jeff Gallimore
 
Enforce compliance policy with model-driven automation
Puppet
 
The Challenges & Pitfalls of Database Continuous Delivery
Perforce
 
Atdd half day_new_1_up
jaredrrichardson
 
20161024 Agile DC 2016 Conf Behavior Driven Development Workshop
Craeg Strong
 
Data Integrity webinar - Essentials & Solutions
pi
 
Implementing DevOps at Scale Using Dynamic Environments
Sauce Labs
 
Ad

More from Mike Long (9)

PDF
Avoiding the agile alignment trap
Mike Long
 
PDF
Avoiding the Agile Alignment Trap with DevOps
Mike Long
 
PDF
Continuous delivery of embedded systems embedded meetup
Mike Long
 
PPTX
Long Life Software
Mike Long
 
PPTX
Cleaning Code - Tools and Techniques for Large Legacy Projects
Mike Long
 
PPTX
Object Calisthenics Refactoring Dojo
Mike Long
 
PPTX
Metricide
Mike Long
 
PDF
C++ for Marine Streamer Positioning and Navigation - ACCU 2011
Mike Long
 
PDF
Unit Testing Legacy C
Mike Long
 
Avoiding the agile alignment trap
Mike Long
 
Avoiding the Agile Alignment Trap with DevOps
Mike Long
 
Continuous delivery of embedded systems embedded meetup
Mike Long
 
Long Life Software
Mike Long
 
Cleaning Code - Tools and Techniques for Large Legacy Projects
Mike Long
 
Object Calisthenics Refactoring Dojo
Mike Long
 
Metricide
Mike Long
 
C++ for Marine Streamer Positioning and Navigation - ACCU 2011
Mike Long
 
Unit Testing Legacy C
Mike Long
 
Ad

Recently uploaded (20)

PDF
Why TechBuilder is the Future of Pickup and Delivery App Development (1).pdf
TechBuilder
 
PPTX
Transform Your Business with a Software ERP System
Canada Software Company
 
PDF
Which alternative to Crystal Reports is best for small or large businesses.pdf
Varsha Nayak
 
PDF
How to Migrate SBCGlobal Email to Yahoo Easily
raymondjones7273
 
PDF
Raksha Bandhan Grocery Pricing Trends in India 2025.pdf
Actowiz Solustions
 
PDF
Wondershare Filmora 15 Crack With Activation Key [2025
ghrom2211g
 
PDF
Addressing The Cult of Project Management Tools-Why Disconnected Work is Hold...
OnePlan Solutions
 
PDF
top salesforce developer skills in 2025.pdf
CloudMetic
 
PDF
Internet Downloader Manager (IDM) Crack 6.42 Build 42 Updates Latest 2025
itskinga12
 
PPTX
history of c programming in notes for students .pptx
Vijayakumari829030
 
PDF
AI in Product Development-omnex systems
omnex systems
 
PPTX
Agentic AI : A Practical Guide. Undersating, Implementing and Scaling Autono...
IT IDOL Technologies
 
PDF
wealthsignaloriginal-com-DS-text-... (1).pdf
skmiani786
 
PDF
Navsoft: AI-Powered Business Solutions & Custom Software Development
Navsoft
 
PDF
Design an Analysis of Algorithms II-SECS-1021-03
DilanEscobar1
 
PPTX
Oracle E-Business Suite: A Comprehensive Guide for Modern Enterprises
Conacent Consulting
 
PDF
Odoo Companies in India – Driving Business Transformation.pdf
azhuhardeen1968
 
PPTX
Operating system designcfffgfgggggggvggggggggg
rmskumara09
 
PPTX
CHAPTER 2 - PM Management and IT Context
KevinPutra14
 
PDF
Design an Analysis of Algorithms I-SECS-1021-03
DilanEscobar1
 
Why TechBuilder is the Future of Pickup and Delivery App Development (1).pdf
TechBuilder
 
Transform Your Business with a Software ERP System
Canada Software Company
 
Which alternative to Crystal Reports is best for small or large businesses.pdf
Varsha Nayak
 
How to Migrate SBCGlobal Email to Yahoo Easily
raymondjones7273
 
Raksha Bandhan Grocery Pricing Trends in India 2025.pdf
Actowiz Solustions
 
Wondershare Filmora 15 Crack With Activation Key [2025
ghrom2211g
 
Addressing The Cult of Project Management Tools-Why Disconnected Work is Hold...
OnePlan Solutions
 
top salesforce developer skills in 2025.pdf
CloudMetic
 
Internet Downloader Manager (IDM) Crack 6.42 Build 42 Updates Latest 2025
itskinga12
 
history of c programming in notes for students .pptx
Vijayakumari829030
 
AI in Product Development-omnex systems
omnex systems
 
Agentic AI : A Practical Guide. Undersating, Implementing and Scaling Autono...
IT IDOL Technologies
 
wealthsignaloriginal-com-DS-text-... (1).pdf
skmiani786
 
Navsoft: AI-Powered Business Solutions & Custom Software Development
Navsoft
 
Design an Analysis of Algorithms II-SECS-1021-03
DilanEscobar1
 
Oracle E-Business Suite: A Comprehensive Guide for Modern Enterprises
Conacent Consulting
 
Odoo Companies in India – Driving Business Transformation.pdf
azhuhardeen1968
 
Operating system designcfffgfgggggggvggggggggg
rmskumara09
 
CHAPTER 2 - PM Management and IT Context
KevinPutra14
 
Design an Analysis of Algorithms I-SECS-1021-03
DilanEscobar1
 

Test Driven Compliance