John Willis – Automated Governance

John Willis – Automated Governance

43m

Finding a proper balance between classic IT Governance, Risk, and Compliance (GRC) and modern technologies initiatives has been a reasonably difficult process for most large enterprises. The classic enterprise risk policy profiles are often redundant, misaligned, or in some cases outdated.

In this presentation, we are going to discuss two recently published papers that address modern patterns to deal with the imbalance. The first paper was introduced in September of 2019 called “DevOps Automated Governance Reference Architecture”. This paper discusses a reference architecture for digitally signing policy evidence that is automated in the delivery pipeline in the form of attestations in an attestation data store. The second paper was released in May of 2020 called “Automated Cloud Governance”. This paper is a follow on work from the original paper, including specific evidence opportunities from the major cloud providers to the cloud consumers.

The presenter of this session was chairperson of both of the working group papers and he will discuss an overview and also discuss opportunities these papers can provide. This session should be interesting with anyone working on DevOps, DevSecOps, and or Risk initiatives.

0
Share some ❤
Guest(s): John Willis
Date: June 4, 2020
Play
My List

TechStrong Con 2020

Baruch Sadogursky + Leonid Igolnik - DevOps @Scale (Greek Tragedy in 3 Acts)

Baruch Sadogursky + Leonid Igolnik - DevOps @Scale (Greek Tragedy in 3 Acts)

Chenxi Wang - Building Trust with Artificial Intelligence and Digital Transformation

Chenxi Wang - Building Trust with Artificial Intelligence and Digital Transformation

Helen Beal - Community and Capitalism

Helen Beal - Community and Capitalism

James Wickett - A Way to Think about DevSecOps: MEASURE

James Wickett - A Way to Think about DevSecOps: MEASURE

Jeff Williams - How to Build Awesome Security Instrumentation to Automate AppSec Testing and Protection - Contrast Security

Jeff Williams - How to Build Awesome Security Instrumentation to Automate AppSec Testing and Protection - Contrast Security

Mark Herring - So How Are Developers Feeling During the COVID Health Crisis?

Mark Herring - So How Are Developers Feeling During the COVID Health Crisis?

Rosalind Radcliffe - Making your Dinosaur Dance to the Tune of your Digital Transformation

Rosalind Radcliffe - Making your Dinosaur Dance to the Tune of your Digital Transformation

Derek Weeks - Machines Making Software: Paving and Maintaining the Road with Zero Trust Open Source

Derek Weeks - Machines Making Software: Paving and Maintaining the Road with Zero Trust Open Source

Kristina Pennella - Re-imagining Ways of Working Across the Organization for Improved Business Outcomes

Kristina Pennella - Re-imagining Ways of Working Across the Organization for Improved Business Outcomes

Pavlo Baron - Applying Observability in the Enterprise at Scale

Pavlo Baron - Applying Observability in the Enterprise at Scale

Sanjeev Sharma - Your (lack of) Data Strategy is Killing your Digital Transformation

Sanjeev Sharma - Your (lack of) Data Strategy is Killing your Digital Transformation

Barak Schoster - Cloud Infrastructure Security in Run-Time vs. Build-Time

Barak Schoster - Cloud Infrastructure Security in Run-Time vs. Build-Time

Paul Stack - Infrastructure as Software

Paul Stack - Infrastructure as Software

Brian Amaro - Clearing the Path for Automated Operations: Finding the Value in AIOps

Brian Amaro - Clearing the Path for Automated Operations: Finding the Value in AIOps

Darren Murph - Making Remote Work: What to do (and where to start)

Darren Murph - Making Remote Work: What to do (and where to start)

Cat Swetel - Digital Transformation: From Transactions to Relationships

Cat Swetel - Digital Transformation: From Transactions to Relationships

Julie Gunderson - You Can’t Buy DevOps

Julie Gunderson - You Can’t Buy DevOps

Ben Hindman - A

Ben Hindman - A "Comprehensive" Guide For Getting To Day 2

Tiffany Jachja - Your Guide to Continuous Delivery

Tiffany Jachja - Your Guide to Continuous Delivery

William Hurley - Quantum Computing for Dummies

William Hurley - Quantum Computing for Dummies

Liz Rice - Container Images: Small is Beautiful

Liz Rice - Container Images: Small is Beautiful

Patrick ONeil - Cloud Automated Governance

Patrick ONeil - Cloud Automated Governance

Matt Rose - Putting the Sec in DevOps

Matt Rose - Putting the Sec in DevOps

Caleb Queern + John Willis - Automated Governance Fireside Chat

Caleb Queern + John Willis - Automated Governance Fireside Chat

Leave Review

Your email address will not be published. Required fields are marked *

ARE YOU IN?

Get enhanced value from the site through the exclusive “members-only” content. 200,000+ subscribers already enjoy our premium stuff.