Subscribe to our 0800-DEVOPS Newsletter

    Get in touch

    Not sure where to start? Let our experts guide you. Send us your query through this contact form.






      Get in touch

      Contact us for all inquiries regarding services and general information






        Use the form below to apply for course





          Get in touch

          Contact us for all inquiries regarding services and general information






          0800-DEVOPS #46

          Auditing with agility with Clarissa Lucas

          clock6 minute read

          A newsletter that started as a personal learning and getting-in-touch project by Ivan Krnic grew into a sociotechnical newsletter covering topics of technical excellence, organizational improvements, and productivity.

          Auditors are friends

          Development teams in highly-regulated industries have a “hard time” dealing with auditors, those problematic people that, in developers’ minds, don’t understand the technology or the project context. They appear when you expect them the least and ask difficult questions.

          It doesn’t have to be that way! When auditors are part of the team (or at least close to the team!), they can participate in designing the controls that ensure that all organizational policies and guidelines are followed.

          Participating in the software delivery process, auditors can get familiar with the technology and adapt policies so the whole organization can leverage that technology to shorten time-to-market and reduce human effort while keeping high standards. Listen to my conversation with Clarissa Lucas sharing her experience as an auditor working closely with development teams.

          Auditors are an excellent example of “shifting left” a non-technical role. Do you have similar examples? Let me know!

          Interview of the Month

          Auditing with agility with Clarissa Lucas

          Auditing with agility with Clarissa Lucas

          Clarissa Lucas is IT Audit Director, speaker, and book author. I loved talking to her because, for most of my professional career, I was dealing with the technical aspects of delivering software solutions. And I remember many times I was freaking out because I saw that “we”, the technical people, and “they”, the non-technical people, were not aligned on how we delivered software. Clarissa comes from that other side of the fence and is working hard to achieve the alignment of delivery and audit. We talked about auditing with agility and tearing down the fence between delivery teams and auditors.

          QED 2023 conference

          We’re back in Zadar for another QED conference!

          Our keynote speaker will be Kelsey Hightower, Distinguished Engineer at Google Cloud, and we’ll talk about the value technology brings to the table! Register here and join us!

          DevOps Quiz

          Mini quiz

          What do you say?

          Auditors are your...

          View Results

          DevOps Quiz

          Hand picked

          What Are Cloud-Bound Applications?Bilgin Ibryam describes the evolution of cloud-native context characterized by the cloud addressing both infrastructure and application layer needs. Looking at your application, you will literally not know where (one) cloud begins, and (another) cloud ends.

          Thousands of Popular Websites See What You Type—Before You Hit SubmitIf you thought you could write whatever you wanted in website forms before you hit submit, think again. Lily Hay Newman shares the results of a study: a surprising number of websites capture your data as you type it, even before you hit Submit.

          What you give up when moving into engineering management – Engineering management is excellent, but people sometimes don’t appreciate the trade-offs they will need to make. If you’re considering this role, Karl Hughes shares some of the things you’ll need to give up to succeed.

          The Brutal Truth: Developer Experience Challenges in Non-Tech EnterprisesBMK shares his view on challenges that non-tech enterprises have in achieving positive developer experience.

          Read with us

          Read with us

          Beyond Agile Auditing: Three Core Components to Revolutionize Your Internal Audit Practices

          link Get the book

          Clarissa’s book will be released in Spring 2023. Listen to our conversation as a sneak preview of the good advice you can get from the book.

          If you’re interested in integrating the audit function, as well as other non-technical functions, in your software delivery process, Clarissa has you covered. Her experience as a non-technical person living the mindset of progressive technical organizations is gold.

          Header photo by ian dooley on Unsplash

          DevOps articles delivered monthly.







            Ivan Krnić

            Ivan is Director of Engineering at CROZ, 🎙0800-DEVOPS podcast host and O'Reilly author contributing to "97 Things Every Cloud Engineer Should Know". His special areas of interest cover DevOps culture, sociotechnical nature of software delivery and cloud native architectures. Particularly interested in leadership and organizational change, he is helping organizations align business and tech, focus their efforts, and essentially work smarter, not harder. You can follow him on Twitter as @ikrnic.

              DevOps articles delivered monthly.