Conference Presentations

IT Governance and Compliance in an Agile World

Establishing IT governance and compliance practices is essential for organizations that have regulatory or audit requirements. The good news is that you can be agile and still comply with Sarbanes-Oxley, CFR 21, HIPAA, and other regulatory imperatives. Done well, IT controls actually help you improve both productivity and quality. Bob Aiello describes how to implement the IT controls that many regulatory frameworks require, in frameworks such as ISACA Cobit and ITIL v3, while maintaining agile practices. Bob's guidance includes specific examples of establishing IT controls: separation of duties, work-item to change-set traceability, physical and functional configuration audits, and more. Bob explains how these practices help government, defense, and corporations scale agile practices where audit and regulatory compliance is a must.

Bob Aiello, CM Best Practices Consulting

Ready and Fit: Adopting Agile in Highly Regulated Environments

If you live and work in a highly regulated environment (HRE), whether medical devices, DoD and its contractors, nuclear energy, or other life-critical systems, this session is for you. For the past three years, the SEI has been researching agile and lean adoptions in the US Department of Defense. Suzanne Miller presents the organizational and cultural factors they identified as most important for development organizations to demonstrate when embarking on an agile adoption program. In the SEI's technology transition research, Suzanne and her team found that the more closely an organization meets the readiness and fit criteria, the more likely it is that the adoption will succeed. Suzanne discusses the risks and challenges that agile adoption presents to HREs, and presents ways to mitigate risks and overcome challenges.

Suzanne Miller, Software Engineering Institute

Implementing Agile in an FDA-regulated Environment

While many industries have adopted agile, the medical device industry, which develops products for life-critical applications where quality and reliability are clearly a top priority, remains largely stuck under the “waterfall.” Medical device firms must comply with FDA regulations that overwhelmingly suggest a controlled, phase-gated approach to software development. Unfortunately, many companies and development organizations interpret FDA regulations to require a steep waterfall. Many industry long-timers incorrectly see agile as an undisciplined style of software development. Neeraj Mainkar demonstrates how those in regulated industries can overcome these and other hurdles. At Neuronetics, he helped implement key elements of agile while fully complying with FDA regulations.

Neeraj Mainkar, Neuronetics

Solid Software: Is it Rocket Science?

While we can't guarantee that our software will never fail, we can take serious steps to reduce the risk. The toughest kind of system to build involves safety-critical software where the reliability requirements are extremely strict and whose failure puts lives in jeopardy. Shari Lawrence Pfleeger looks at what "solid software" means, and explores ways we can achieve it. She examines solid software within the context of the proposed National Missile Defense System.

Shari Lawrence Pfleeger, Systems/Software, Inc.

CMCrossroads is a TechWell community.
