Scrum and Compliance (2013)

1,079

Published on

This is my current work and thinking on how to do Scrum within heavily regulated industries like healthcare, government, and finance. For more information join my community at http://scrumandcompliance.com/

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,079
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
7
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • I would argue that introducing compliance only complicates this issue. “Scaling is the last thing you should do” – Bas Vodde, Craig Larman, Martin Fowler, Jeff Sutherland, Ken Schwaber
  • I would argue that introducing compliance only complicates this issue. “Scaling is the last thing you should do” – Bas Vodde, Craig Larman, Martin Fowler, Jeff Sutherland, Ken Schwaber
  • Is the Open Source model of working good? Does it produce results? Wikipedia? Subversion
  • Gmail was invented during 20% time
  • http://www.advancedtrading.com/algorithms/did-a-rogue-algo-cause-bats-ipo-crash/232800284
  • INSERT IMAGE And story of $400 mil losses
  • Former solution was from a proven vendor in the industry and we knew it had audit proof controls, but by the time CollabNet came in, we realized that (former solution) was much less cost effective. CollabNet was three times more cost-effective. We did an actual ROI study with Forrester, and over a three-year period, CollabNet was one third the cost, including the rollout of all these applications and maintenance costs. CollabNet was a much less complicated solution, was much more graceful to meet our needs, easier to administer, and easier for developers to train up and to use. The solution also included collaboration capabilities. The solution was more flexible. Instead of a one-size-fits-all solution, we could, for more risk-averse platforms, have a thicker process with more controls; and for platforms that needed to be more agile, we could have a more agile process.
  • Scrum and Compliance (2013)

    1. 1. Making Agile Work in Regulated Industries Laszlo Szalvay VP Worldwide Scrum Business Version 6.0 (05 February 2013)ENTERPRISE CLOUD DEVELOPMENT1 Copyright ©2013 CollabNet, Inc. All Rights Reserved.
    2. 2. CollabNet Company Background • Founded in 1999; Headquarters in Silicon Valley. • Global offices in Singapore, Shanghai, Seoul, Tokyo, Chennai, Munich, London, Amsterdam, Seattle, Portland. • Started Subversion project in 2000 • 50%+ Market share for Source Code Management. CollabNet named strategic leader by Gartner and Forrester • Founders include Brian Behlendorf (Founder of Subversion, Apache Project, Mozilla Board member, CTO of the World Economic Forum) and Tim O’Reilly (founder of O’Reilly Media) • Multiple Acquisitions along the way (VA Software, Danube, Codesion) • Primary product today is called TeamForge and is built on top of Subversion • 10,000 companies use our products and services2 Copyright ©2013 CollabNet, Inc. All Rights Reserved.
    3. 3. Compliance is Top of Mind“ To become a mainstream methodology, Agile had to overcome many potential obstacles. The first was geography…One of today’s most daunting obstacles is compliance, often bringing heavyweight documentation, required procedures that are very waterfall-ish, complex ” approval workflows, and complicated approval processes. July 2011 Forrester Research, Inc. “Compliance Is A Hurdle, Not A Barrier, To Agile” Tom Grant, PhD3 Copyright ©2013 CollabNet, Inc. All Rights Reserved.
    4. 4. Quotes from Govt“ Agile is not just a method or a process, it’s a way of being. You don’t do Agile. You are Agile. The FBI has arranged to load their ScrumMaster to other teams to get them trained. Increased Transparency has kept stakeholders in sync. Further, stakeholders would modify their expectations, based on the increased visibility of the process. Jack Israel, CTO FBI ” With no significant bugs reported…operation nearly flawless – a stunning and an unpredicted success. What are the implications for failing IT programs across government? Roger Baker, CIO VA4 Copyright ©2013 CollabNet, Inc. All Rights Reserved.
    5. 5. Agenda1. Market Overview2. How do your teams want to work?3. Problem Statement4. Hands on Exercise5. Case Study6. BYO Org Patterns7. Closing http://bit.ly/SWAwlH5 Copyright ©2013 CollabNet, Inc. All Rights Reserved.
    6. 6. market trends 40% 35% 30% 25% 20% 15% Regulated 10% Unregulated 5% 0% Source: Forrester/Dr. Dobb’s Global Developer Technographics® Survey, Q3 20106 Copyright ©2013 CollabNet, Inc. All Rights Reserved.
    7. 7. How does your team want to work?Your developers want to collaborate and be part of a communityInner-source (Corporate Open Source) – Transparency (breeds trust which drives reuse) – Workspaces and Wikis (Federated)“ Wiki is the oldest and simplest software that lets a community of strangers work together to build something of ” surprising and lasting value. Ward Cunningham Inventor of the Wiki Sent to Laz via LinkedIn in March 20137 Copyright ©2013 CollabNet, Inc. All Rights Reserved.
    8. 8. Building a Community Architecture“ 30% of developers who work in regulated industries contribute to open source projects “ The real difference between developers in the most regulated and less-regulated industries ” lies in their reasons for contributing to open during their free time. source…developers in more-regulated teams see open source as an outlet for what they may not get from a more-regimented workplace: opportunities for collaboration ” and a personal sense of accomplishment. Both Quotes from this slide come from: July 2011 Forrester Research, Inc. “App Dev Teams Dispel The Compliance Boogeyman” Tom Grant, PhD8 Copyright ©2013 CollabNet, Inc. All Rights Reserved.
    9. 9. Thought Leader Perspective“ Autonomy over ” time, task, team, technique led to 20% time at some of the most innovative companies in the world. 2009 TED Conference Dan Pink “These lessons are worth repeating, and if more companies feel emboldened to follow Mr. In Drive, Dan Pink examines the three Pinks advice, then so much elements of true motivation— the better.” Wall Street Journal “Pink is rapidly acquiring international guru status… He is an engaging writer, who challenges and provokes.” Financial Times9 Copyright ©2013 CollabNet, Inc. All Rights Reserved.
    10. 10. How we want to work vs. How we have to work vs. http://bit.ly/X9xvwD http://bit.ly/VMaMHu10 Copyright ©2013 CollabNet, Inc. All Rights Reserved.
    11. 11. Problem Space Can values from Scrum and Open Source work within a Heavily Regulated Industry?11 Copyright ©2013 CollabNet, Inc. All Rights Reserved.
    12. 12. Compliance is complex • Ever changing • More scrutiny due to Sept 2008 crash and general ‘anger’ at Wall Street (e.g. Occupy Movement) • Many faces, although for financial vertical Singapore is emerging as a leader (strategic) • Not familiar with internal corporate vernacular, culture, or even software development12 Copyright ©2013 CollabNet, Inc. All Rights Reserved.
    13. 13. Singapore – emerging standard • Singapore sees compliance as a strategic differentiator and Singaporeans have taken a very taken a very hard position within the banking industry. As such, they are now seen as the international standard. • Complex set of cross-border rules that can be contradictory, incomplete, or vague • Have seen this in other industries (e.g. Postal) – Customs is where the most senior people from DHL, FedEx, UPS sit13 Copyright ©2013 CollabNet, Inc. All Rights Reserved.
    14. 14. Visual Problem Statement Dev Teams • 6 cross functional teams of 8 people (split between NJ, Silicon Valley and Kiev) • 2 Backlogs • 6 Product Owners, 1 Uber - PO (based in London) • 2 Compliance Officer (based in Singapore and NYC) • 2 external compliance mandates (overlapping jurisdictions, e,g, MAS Compliance and FSOC) Uber PO Officers14 Copyright ©2013 CollabNet, Inc. All Rights Reserved.
    15. 15. Drill Down“ Undoubtedly, the Dodd-Frank bill has driven the biggest risk management changes for banks; Dodd-Frank’s 2,300-plus pages contain hundreds of new rules and spell out dozens of studies and reports that regulators are required to conduct. But many of the law’s new ” regulations have yet to be implemented or, in some cases, still remain undefined. And many of the new rules dont have a set implementation date. Dec 2011 Compliance Doesnt Have to Be Painful for Banks Bank Systems & Technology Bryan Yurcan15 Copyright ©2013 CollabNet, Inc. All Rights Reserved.
    16. 16. Our BHAG (big hairy audacious goal) • Agility and Compliance not only co-exist but thrive when used together • What is interesting and worth pointing out as a paradox is that compliance is seen as a negative. Yet companies that invest in process regardless of government requirements are always the better and more profitable organizations.16 Copyright ©2013 CollabNet, Inc. All Rights Reserved.
    17. 17. Exercise #117 Copyright ©2013 CollabNet, Inc. All Rights Reserved.
    18. 18. Exercise: Navigate Amorphous Compliance Issue Please read scenarios and discuss (12 mins)18 Copyright ©2013 CollabNet, Inc. All Rights Reserved.
    19. 19. Exercise: Navigate Amorphous Compliance Issue Feedback (6 mins)19 Copyright ©2013 CollabNet, Inc. All Rights Reserved.
    20. 20. Case Study20 Copyright ©2013 CollabNet, Inc. All Rights Reserved.
    21. 21. Case Studies from 2013 • On Feb 24, options market maker Ronin Capital injected more than 30,000 mispriced quotes into the NYSE Amex exchange. (http://bit.ly/Vsgdih) • On March 23, the BATS Exchange, handling its own IPO traffic on top of other traffic, crashed. (http://bit.ly/Vsgdih) • On May 18, the Facebook IPO had many orders stalled and not executed on the NASDAQ exchange. The Union Bank of Switzerland, alone, lost more than $350 Million, and curiously Knight Capital lost $35.4 Million in this incident. • On August 1, the Knight Capital Group lost $440 Million by flooding the NYSE with bad orders. (more to follow below) List taken from: http://bit.ly/VMqwu221 Copyright ©2013 CollabNet, Inc. All Rights Reserved.
    22. 22. Organizational Patterns What are we seeing to help us down this pathway?22 Copyright ©2013 CollabNet, Inc. All Rights Reserved.
    23. 23. Organizational Issues Use the Retrospective Meeting to introduce evolutionary changes to process. In this case, use the retro to introduce new compliance requirements into workflow and the backlog. Option One: (a) Let the teams roll out their own, using potentially disastrous self discovery / learning exercises Knight Capital’s stock dropped more Risks than 24% Monday to close at $3.07 Huge financial losses following the announcement of the deal [rescue package]. The new investment will severely cut into the value of existing shareholders’ stakes. http://cnnmon.ie/XKAhqZ23 Copyright ©2013 CollabNet, Inc. All Rights Reserved.
    24. 24. Organizational Patterns Use the Retrospective Meeting to introduce evolutionary changes to process. In this case, use the retro to introduce new compliance requirements into workflow and the backlog. http://bit.ly/UvpGmk Option Two: (a) “Mandate changes” from the Uber PO and Compliance Officer Risks: What team self-organization?24 Copyright ©2013 CollabNet, Inc. All Rights Reserved.
    25. 25. Organizational Patterns Use the Retrospective Meeting to introduce evolutionary changes to process. In this case, use the retro to introduce new compliance requirements into workflow and the backlog. Option Three (a) Automate Changes using workflow automation tools and Team picks up changes passively. Risks: Give up on the notion of Team Learning25 Copyright ©2013 CollabNet, Inc. All Rights Reserved.
    26. 26. Exercise: Build Your Own Organizational Pattern Build Your Own Organizational Pattern Use the handout to uncover your own pattern (15 mins)26 Copyright ©2013 CollabNet, Inc. All Rights Reserved.
    27. 27. Exercise: Build Your Own Organizational Pattern Build Your Own Organizational Pattern Share with the group (10 mins)27 Copyright ©2013 CollabNet, Inc. All Rights Reserved.
    28. 28. Become the community Submit your Organizational Patterns to: http://ScrumAndCompliance.com/ http://bit.ly/XKG0Pi (FBI Case Study)28 Copyright ©2013 CollabNet, Inc. All Rights Reserved.
    29. 29. Three Times More Cost-Effective Instead of a one-size-fits-all solution, we could, for more risk-averse platforms, have a thicker process with more controls; and for platforms that needed to be more agile, we could have a more agile process. Brian Roberson Principal Source: Business Trends Quarterly Barclay’s Global Investors Solution Cost Benefits • Less complicated • More graceful • Easier to administer • Easier to train and use Previous Solution CollabNet29 Copyright ©2013 CollabNet, Inc. All Rights Reserved.
    30. 30. © 2013 CollabNet, Inc., All rights reserved. CollabNet is a trademark or registered trademark of CollabNet Inc., in the US Laszlo Szalvay and other countries. All other trademarks, brand names, or VP Worldwide Scrum Business product names belong to their respective holders. Laz@collab.net https://twitter.com/#!/ewok_bbq +1-971-506-7862 http://www.linkedin.com/in/laszloszalvay30 Copyright ©2013 CollabNet, Inc. All Rights Reserved.
    1. A particular slide catching your eye?

      Clipping is a handy way to collect important slides you want to go back to later.

    ×