(Is there) A Model For "scaled/governed" DevOps?

Paul Wilford

Published Feb 27, 2018

So we have a talented team who can automate stuff. We have an Organisation that 'gets it'. We have the ability to flex compute power in ways never previously thought possible. We recently reviewed the impact of our process automation on our 3rd line Operations team, and in a large project we can see that out of around 450 logged tickets in 6 months, only 3 have ended up with IT Operations teams; so, in a round about kind of way, we have sort of proven that the DevOps model can work.

But, we are in a regulated industry. This means we also have some nagging problems from compliance, audit, GDPR/New York Cyber, Finance, and doubtless there are others. Some of these 'nagging problems' offer up the opportunity to expose the Organisation to significant financial and reputational risk.

Our Business people understand the risks, our Developers understand development, our IT Operations team offer some middle ground to bridge the gap between the two. So that leaves a question... Should we go for:

Option (1) a pure model, where Business people communicate openly and freely with a Developers in order to articulate the risk and value.
Option (2) to capitalise on the skills of our IT Operations team to smooth the road ahead?

If we go with option (1), I can foresee much contention within the Business about priorities, the Delivery team aren't well placed to arbitrate on these affairs, meaning exciting new stuff is likely to win out, at least until the first eye watering fine lands. Then things may swing almost too far the other way.

If we go with option (2), we have higher overheads in our model, and those centre on people who offer an interesting counterbalance to the (potentially dangerous) enthusiasm of the Business and the Delivery teams. This can be seen as change resistance, BUT, I don't think it should be dismissed as such. We also have the challenge of centralising a shared service for governance, which sounds frightening to an Agilist

Here is what I think we should do:

In this model:

The Delivery team get what they want, when they want it - subject to governance restrictions
The Business doesn't have to fear change, as the Operational considerations are still getting focus
IT Operations need to skill up on the automation being deployed by Delivery teams, it will be the only way for them to keep up
IT Operations as a function may need Development capability in order to keep an eye on shared capabilities

To view or add a comment, sign in

(Is there) A Model For "scaled/governed" DevOps?

Paul Wilford

More articles by Paul Wilford

Others also viewed

The Evolution of Ops: Navigating the Paths of DevOps, DevSecOps, and MLOps

PCI DSS and DevOps: How to Embed Compliance into CI/CD Without Slowing Down IT

DevOps and Security: How to Strike the Right Balance

AI Won't Take Your DevOps Job. It Will Take the 80% You Hate.

DevOps Team Lead

Automating Security Compliance with GitOps & Policy as Code

The Future of DevOps & IT Strategy in 2025: Key Trends & Predictions

DevOps - Words are Important, so is Security

DevSecOps Vs DevOps: What Every Cloud Engineer Needs to Know in 2025

Explore content categories