It didn’t all change in March 2020. Not really. The UK high street has been in the throes of a gradual revolution for decades. From the rise of ecommerce, to the birth of mobile, social commerce, and a growing emphasis on experience, change has been underway for a while. In fact for many, the pandemic has acted as a wake-up call. Digital transformation was no longer a ‘nice to have’ but a matter of survival. Necessity sparked innovation and customers are enjoying more flexibility and conveni ...
…
continue reading
İçerik AgileThought and Dan Neumann at AgileThought tarafından sağlanmıştır. Bölümler, grafikler ve podcast açıklamaları dahil tüm podcast içeriği doğrudan AgileThought and Dan Neumann at AgileThought veya podcast platform ortağı tarafından yüklenir ve sağlanır. Birinin telif hakkıyla korunan çalışmanızı izniniz olmadan kullandığını düşünüyorsanız burada https://tr.player.fm/legal özetlenen süreci takip edebilirsiniz.
Agile Coaches' Corner benzeri
The Village Global podcast takes you inside the world of venture capital and technology, featuring enlightening interviews with entrepreneurs, investors and tech industry leaders. Learn more at www.villageglobal.vc.
…
continue reading
Ever wondered what makes great go-to-market leaders grow, even when the going gets tough? We have, too. And we’re on a mission to uncover the magic that makes that growth happen. This is Go-to-Market Magic, the show where we talk to go-to-market leaders and visionaries about the “aha!” moments they experience and the pivotal decisions they’ve made, all in the name of growth. And we’re not just talking about revenue growth that goes up and to the right — we’ll also discuss how they improve th ...
…
continue reading
The Partnership Economy explores the power of partnerships through candid conversations and stories with industry leaders. Our hosts, David A. Yovanno, CEO and Todd Crawford, Co-founder, of impact.com, unpack the future of partnerships as a lever for scale and an opportunity to put the consumer first.
…
continue reading
Bitcoin groundbreakers share personal stories of how Bitcoin is changing lives for the better. Host Mauricio Di Bartolomeo, co-founder and CSO of Ledn, speaks with leading Bitcoin voices, entrepreneurs, and human rights advocates to hear their unique journey and practical real-world examples of how Bitcoin has made a positive impact in their lives. Brought to you by Ledn, a leading financial services company built for Bitcoin & digital assets. Ledn offers a suite of lending, saving and tradi ...
…
continue reading
Bitcoin pioneer Charlie Shrem peels back the layers on the lives and backgrounds of the world's most impactful innovators. Centering around intimate narratives, Shrem uncovers a detailed, previously unspoken story of the genesis and evolution of bitcoin, cryptocurrency, artificial intelligence, and the web3 movements. Join Shrem as he journeys through the uncharted territories of tech revolutions, revealing the human side of the stories that shaped the digital world we live in today.
…
continue reading
The award-winning WIRED UK Podcast with James Temperton and the rest of the team. Listen every week for the an informed and entertaining rundown of latest technology, science, business and culture news. New episodes every Friday.
…
continue reading
Agile for Humans™ is a weekly podcast dedicated to the individuals and interactions that make agile work. The goal is to help create safe and collaborative working environments where people are empowered to do their best work.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
A bootstrappers podcast for founders, entrepreneurs, visionaries and dreamers who are building businesses from the ground up without the taking on debt or selling equity. Here we cover marketing, sales, organization and mindset issues that matter to you
…
continue reading
Player FM - Podcast Uygulaması
Player FM uygulamasıyla çevrimdışı Player FM !
Player FM uygulamasıyla çevrimdışı Player FM !
))
4 Ways Security People Can Be Involved with Scrum Teams
Manage episode 352807640 series 2481978
İçerik AgileThought and Dan Neumann at AgileThought tarafından sağlanmıştır. Bölümler, grafikler ve podcast açıklamaları dahil tüm podcast içeriği doğrudan AgileThought and Dan Neumann at AgileThought veya podcast platform ortağı tarafından yüklenir ve sağlanır. Birinin telif hakkıyla korunan çalışmanızı izniniz olmadan kullandığını düşünüyorsanız burada https://tr.player.fm/legal özetlenen süreci takip edebilirsiniz.
In this episode, Eric Landes addresses a question he received while delivering a class on Applying Professional Scrum. The student was a security specialist and was trying to figure out how Scrum teams handle the work needed to maintain security and compliance.
If you are interested in attending Scrum training, check out our public Scrum training courses.
How Does Security Fit into a Scrum Team?When conducting Scrum training, teams ask about different roles and how they fit on a team that only has developer, Scrum Master, and Product Owner accountabilities. It is a valid question, when I introduce the Scrum framework, it can be confusing how current jobs fit into the Scrum framework accountability.
The good news is that the Scrum framework talks about accountabilities, not job descriptions. So, the writers of the Scrum guide understand that existing job roles are not necessarily supplanted by the accountability. But Scrum does say that your Scrum team needs to be able to complete their work to make it potentially shippable. A student asked how it could be shippable without their security group, InfoSec approving this. This specific organization, had to have a security review before any release could make it to production.
How does the Scrum framework handle these organizational constraints? The Scrum guide says "Scrum Teams are cross-functional, meaning the members have all the skills necessary to create value each Sprint." And the Scrum team self-manages to make sure they have the right capabilities for the team.
The Scrum guide is lightweight and not very prescriptive as you have probably noticed. I would answer that question using my experience, letting your team self-manage with this information. Practically speaking here are four ways your team could practice that self-management to help with this question:
- Add someone with security expertise to your team - The team would coordinate with the folks in charge of security to add that skill set to the team. This would involve coordinating when that person would be needed.
- Have someone knowledge transfer with security people - Similar to number one, by having a security expert work with the team for a sprint or two, knowledge transfer can happen. A team member volunteers to learn, the security folks agree on when this can be done, and now your team has someone with the skills to get those security policies implemented. The security Infosec team can now work with other Scrum teams to help them add these skillsets.
- Add security policies to your definition of done - Adding security checks to a team’s Definition of Done might help the team by providing guidance as to what can be done. In combination with 4, this might have the least amount of time spent learning for the team.
- Security gives teams automation to do security checks. - If your security organization is creating automation to validate security issues, your team should use this. So, a conversation or two or more, with the security folks is needed to validate what tools are available for your team. This could be the least intrusive option for your team.
These are 4 options that your team may want to adopt to help with Infosec or security requirements on a Scrum team. Your team may self-manage to a better option for your organization. Discussing what can be done within the team is a great first step!
Want to Learn More or Get in Touch?I’d love to hear what you think. If you have a question or a comment, please email us at podcast@agilethought.com.
For more information on AgileThought's available courses, go to agilethought.com/services/training-certifications. This information is also available on the page of this podcast. Thanks for listening!
From
312 bölüm
Paylaş
Manage episode 352807640 series 2481978
İçerik AgileThought and Dan Neumann at AgileThought tarafından sağlanmıştır. Bölümler, grafikler ve podcast açıklamaları dahil tüm podcast içeriği doğrudan AgileThought and Dan Neumann at AgileThought veya podcast platform ortağı tarafından yüklenir ve sağlanır. Birinin telif hakkıyla korunan çalışmanızı izniniz olmadan kullandığını düşünüyorsanız burada https://tr.player.fm/legal özetlenen süreci takip edebilirsiniz.
In this episode, Eric Landes addresses a question he received while delivering a class on Applying Professional Scrum. The student was a security specialist and was trying to figure out how Scrum teams handle the work needed to maintain security and compliance.
If you are interested in attending Scrum training, check out our public Scrum training courses.
How Does Security Fit into a Scrum Team?When conducting Scrum training, teams ask about different roles and how they fit on a team that only has developer, Scrum Master, and Product Owner accountabilities. It is a valid question, when I introduce the Scrum framework, it can be confusing how current jobs fit into the Scrum framework accountability.
The good news is that the Scrum framework talks about accountabilities, not job descriptions. So, the writers of the Scrum guide understand that existing job roles are not necessarily supplanted by the accountability. But Scrum does say that your Scrum team needs to be able to complete their work to make it potentially shippable. A student asked how it could be shippable without their security group, InfoSec approving this. This specific organization, had to have a security review before any release could make it to production.
How does the Scrum framework handle these organizational constraints? The Scrum guide says "Scrum Teams are cross-functional, meaning the members have all the skills necessary to create value each Sprint." And the Scrum team self-manages to make sure they have the right capabilities for the team.
The Scrum guide is lightweight and not very prescriptive as you have probably noticed. I would answer that question using my experience, letting your team self-manage with this information. Practically speaking here are four ways your team could practice that self-management to help with this question:
- Add someone with security expertise to your team - The team would coordinate with the folks in charge of security to add that skill set to the team. This would involve coordinating when that person would be needed.
- Have someone knowledge transfer with security people - Similar to number one, by having a security expert work with the team for a sprint or two, knowledge transfer can happen. A team member volunteers to learn, the security folks agree on when this can be done, and now your team has someone with the skills to get those security policies implemented. The security Infosec team can now work with other Scrum teams to help them add these skillsets.
- Add security policies to your definition of done - Adding security checks to a team’s Definition of Done might help the team by providing guidance as to what can be done. In combination with 4, this might have the least amount of time spent learning for the team.
- Security gives teams automation to do security checks. - If your security organization is creating automation to validate security issues, your team should use this. So, a conversation or two or more, with the security folks is needed to validate what tools are available for your team. This could be the least intrusive option for your team.
These are 4 options that your team may want to adopt to help with Infosec or security requirements on a Scrum team. Your team may self-manage to a better option for your organization. Discussing what can be done within the team is a great first step!
Want to Learn More or Get in Touch?I’d love to hear what you think. If you have a question or a comment, please email us at podcast@agilethought.com.
For more information on AgileThought's available courses, go to agilethought.com/services/training-certifications. This information is also available on the page of this podcast. Thanks for listening!
From
312 bölüm
Tüm bölümler
×
Player FM'e Hoş Geldiniz!
Player FM şu anda sizin için internetteki yüksek kalitedeki podcast'leri arıyor. En iyi podcast uygulaması ve Android, iPhone ve internet üzerinde çalışıyor. Aboneliklerinizi cihazlar arasında eş zamanlamak için üye olun.
Agile Coaches' Corner benzeri
It didn’t all change in March 2020. Not really. The UK high street has been in the throes of a gradual revolution for decades. From the rise of ecommerce, to the birth of mobile, social commerce, and a growing emphasis on experience, change has been underway for a while. In fact for many, the pandemic has acted as a wake-up call. Digital transformation was no longer a ‘nice to have’ but a matter of survival. Necessity sparked innovation and customers are enjoying more flexibility and conveni ...
…
continue reading
The Village Global podcast takes you inside the world of venture capital and technology, featuring enlightening interviews with entrepreneurs, investors and tech industry leaders. Learn more at www.villageglobal.vc.
…
continue reading
Ever wondered what makes great go-to-market leaders grow, even when the going gets tough? We have, too. And we’re on a mission to uncover the magic that makes that growth happen. This is Go-to-Market Magic, the show where we talk to go-to-market leaders and visionaries about the “aha!” moments they experience and the pivotal decisions they’ve made, all in the name of growth. And we’re not just talking about revenue growth that goes up and to the right — we’ll also discuss how they improve th ...
…
continue reading
The Partnership Economy explores the power of partnerships through candid conversations and stories with industry leaders. Our hosts, David A. Yovanno, CEO and Todd Crawford, Co-founder, of impact.com, unpack the future of partnerships as a lever for scale and an opportunity to put the consumer first.
…
continue reading
Bitcoin groundbreakers share personal stories of how Bitcoin is changing lives for the better. Host Mauricio Di Bartolomeo, co-founder and CSO of Ledn, speaks with leading Bitcoin voices, entrepreneurs, and human rights advocates to hear their unique journey and practical real-world examples of how Bitcoin has made a positive impact in their lives. Brought to you by Ledn, a leading financial services company built for Bitcoin & digital assets. Ledn offers a suite of lending, saving and tradi ...
…
continue reading
Bitcoin pioneer Charlie Shrem peels back the layers on the lives and backgrounds of the world's most impactful innovators. Centering around intimate narratives, Shrem uncovers a detailed, previously unspoken story of the genesis and evolution of bitcoin, cryptocurrency, artificial intelligence, and the web3 movements. Join Shrem as he journeys through the uncharted territories of tech revolutions, revealing the human side of the stories that shaped the digital world we live in today.
…
continue reading
The award-winning WIRED UK Podcast with James Temperton and the rest of the team. Listen every week for the an informed and entertaining rundown of latest technology, science, business and culture news. New episodes every Friday.
…
continue reading
Agile for Humans™ is a weekly podcast dedicated to the individuals and interactions that make agile work. The goal is to help create safe and collaborative working environments where people are empowered to do their best work.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
A bootstrappers podcast for founders, entrepreneurs, visionaries and dreamers who are building businesses from the ground up without the taking on debt or selling equity. Here we cover marketing, sales, organization and mindset issues that matter to you
…
continue reading
Player FM - Podcast Uygulaması
Player FM uygulamasıyla çevrimdışı Player FM !
Player FM uygulamasıyla çevrimdışı Player FM !
