Building a Cloud-Native Compliance Culture
Striving to create a 10x organization at Boston Scientific, we faced one tough obstacle: software development processes have modernized faster than regulatory regimes. During Pivotal and Boston Scientific’s first week working together, we realized that the relevant standards hadn't been updated in 15 years. How could we ensure agility, quality, and regulatory compliance in this environment?
In this talk, we'll share how we are building a compliance engine using Concourse and various open source tools to ensure we had the expected change controls and validation in place. This compliance engine is keeping our teams focused on their application code and minimizing the effort they put into compliance.
Building the compliance engine has required collaboration with many teams and rethinking some of our ideas about quality, control, and regulatory compliance. Automating pipelines is easy, getting teams to use them and the organization to trust them is a more interesting and challenging problem. We'll share the details of this process to help you as you start on your journey to a more agile, safe, and compliant organization.