regulated environments

Articles

Exploratory Testing in a Regulated Environment Exploratory Testing in a Regulated Environment

Exploratory testing can help you make the best use of your team's creativity, adapt to changes, and provide visibility into the decision making process. Don't miss out on these benefits because of an adversarial stance with your auditor.

Josh Gibbs's picture Josh Gibbs

Interviews

Dawn Haynes The Power of Collective Experience: An Interview with Dawn Haynes
Video

In this interview, Dawn Haynes, CEO, testing coach, and consultant for PerfTestPlus, describes her STAREAST experience, explains the importance of discussing challenges female testers face, and talks about her sessions, the Workshop on Regulated Software Testing, and the leadership summit.

Jennifer Bonine's picture Jennifer Bonine
Griffin Jones discusses Regulated Software Testing STAREAST 2015 Interview with Griffin Jones on Regulated Software Testing
Video

In this interview, STAREAST speaker Griffin Jones discusses his experience at the conference, as well as his presentation titled, "The Workshop on Regulated Software Testing." It's a peer workshop dedicated to improving the practice of testing regulated systems. 

Jennifer Bonine's picture Jennifer Bonine
Ray Potter talks about wearable tech security Security, Smart Devices, and Industry Trends: An Interview with Ray Potter
Podcast

Ray Potter, CEO and founder of SafeLogic, sat down with Jonathan Vanian to talk about how 2014 is the year of encryption, what the future is for security on wearable tech, the issue of security not being at the forefront of software development, and his time at SafeLogic.

Jonathan Vanian's picture Jonathan Vanian

Conference Presentations

Agile DevOps West How to Prevent Catastrophic Doom on Your Next Federal DevOps Project
Slideshow

Trying to achieve real continuous deployments into production is hard for everyone, but it’s especially hard for highly regulated or government projects. These types of challenges range from client-specific, such as a set of manual checks and validations that need to be performed, to more generic problems, like how to version microservices and promote potentially breaking changes. Join Ryan Kenney as he discusses ways that he and his team have overcome obstacles to reaching continuous deployment. First Ryan will give an overview of the project and some of the problems they’ve faced. Then he will discuss how he was able to mitigate the lack of CD to an actual production environment by creating "developer production" and focusing the CD around that.

Ryan Kenney
Privacy and Data Security: Minimizing Reputational and Legal Risks
Slideshow

Privacy and data security are hot topics among US state and federal regulators as well as plaintiffs’ lawyers. Companies experiencing data breaches have been fined millions of dollars, paid out millions in settlements, and spent just as much on breach remediation efforts. In the past...

Tatiana Melnik, Melnik Legal, PLCC
CMMI® to Agile: Options and Consequences
Slideshow

If you long for greater agility in your process-oriented or CMMI world, this session is for you. Paul McMahon shares how organizations can integrate agile approaches with CMMI and its key process area requirements. He discusses the advantages and disadvantages of different approaches taken by two organizations-one a CMMI Level 3 and the other a Level 5-to embrace agile principles and practices. To ensure your organization doesn't jeopardize its CMMI compliance with agile methods, Paul shares an approach that uses techniques such as asking key questions to focus objectives, pruning your processes, using the CMMI less formally, and keeping your "must dos" packaged separately from guidelines. He describes and discusses examples of each technique. Learn why the two organizations took different approaches, why one achieved its goals, and why the other fell short.

Paul McMahon, PEM Systems
IT Governance and Compliance in an Agile World
Slideshow

Establishing IT governance and compliance practices is essential for organizations that have regulatory or audit requirements. The good news is that you can be agile and still comply with Sarbanes-Oxley, CFR 21, HIPAA, and other regulatory imperatives. Done well, IT controls actually help you improve both productivity and quality. Bob Aiello describes how to implement IT controls in frameworks such as ISACA Cobit and ITIL v3 that many regulatory frameworks require-while maintaining agile practices. Bob's guidance includes specific examples of establishing IT controls: separation of duties, work-item to change-set traceability, physical and functional configuration audits, and more. Bob explains how these practices help government, defense, and corporations scale agile practices where audit and regulatory compliance is a must.

Bob Aiello, CM Best Practices Consulting

StickyMinds is a TechWell community.

Through conferences, training, consulting, and online resources, TechWell helps you develop and deliver great software every day.