Software Development Governance - From theory to practice

September 27th, 2007 by Kamal Ahluwalia

Software development governance is concerned with establishing standards and control mechanisms that enable practitioners in a development organization to carry out their roles and responsibilities while building or maintaining software development programs. A software development governance framework should not only facilitate the creation of processes that guide project teams based on accumulated best practices, but also ensure that essential procedures have been followed. Therefore, any serious attempt to establish a sustainable software development governance framework needs to build or reinforce three key pillars: establishing and declaring software development processes, automating the enforcement of governance processes, and institutionalizing compliance best practices so that teams are empowered to take corrective action earlier rather than discovering problems later, where penalties may result.

When we started researching the current literature and tooling to help us understand the current state of the art, we were unable to find a single resource that elaborated how to transition from theory to practice. This has made us start work on a whitepaper that would dig deeper while giving an implementation model for software development governance. In this paper we aim to describe how it is possible to deploy a software governance framework, including its automated compliance, using a collaborative development environment. We use Microsoft’s Visual Studio Team System (VSTS) to illustrate and give a practical recipe for achieving governance automation. After talking about setting up a governance process architecture, we guide you through the steps needed to achieve comprehensive, continuous detection and validation of process enactment and out-of-compliance events. To that end, we also plan to include an implementation reference model which can act as a base for your own specific implementation. With an automated governance infrastructure installed, preparing for internal and external audits requires fewer people and less effort.

I will surely blog about this again when the whitepaper is publicly available.
