Clarissa Lucas and Bill Bensing interview Justin Reock about Developer Productivity Engineering (DPE) and its role in auditing and governance. They discuss the importance of measuring engineering productivity, observing the value stream, and identifying bottlenecks and impediments to productivity. They also explore the concept of proactive risk management and the need for partnership between developers and auditors. The conversation highlights the challenges of breaking silos and the potential for DPE to reduce developer toil and improve overall software quality. They conclude by reframing auditing as a way to fight cyber criminals and protect against exploitation. The conversation explores the intersection of auditing, governance, risk, and compliance (GRC) with the tech industry. It highlights the need for empathy, partnership, and bridging the gap between developers and auditors. The toxic mentality in the tech industry is also discussed.Follow Justin:LinkedIn - https://www.linkedin.com/in/justinreock/ X (Twitter) - https://twitter.com/jreockTakeawaysDeveloper Productivity Engineering (DPE) focuses on measuring engineering productivity and addressing pain points in the software development process.DPE involves observing the value stream, identifying bottlenecks, and applying technology solutions to improve developer productivity.Proactive risk management is an important aspect of DPE, allowing organizations to prevent issues before they become problems.Partnership between developers and auditors is crucial for effective DPE, breaking down silos and leveraging each other's expertise.Reframing auditing as fighting cyber criminals can help developers see the value of auditing and governance in protecting against exploitation. There are commonalities and opportunities for collaboration between the auditing/GRC and tech industries.Empathy, vulnerability, and partnership are essential for effective auditing and GRC.Developers can bridge the gap with auditors by framing conversations as part of a fuller responsibility and recognizing the limitations of software solutions.The tech industry should overcome the toxic mentality of thinking they can solve every problem and instead embrace teamwork and collaboration.Chapters00:00 Introduction and Overview01:16 Developer Productivity Engineering (DPE)03:23 Developer Productivity Engineering (DPE) and Governance and the Value Stream04:49 The Importance of the Build System05:42 Developer Productivity Engineering (DPE) and Governance07:49 Proactive Risk Management09:03 Partnership between Developers and Auditors09:56 The Role of Auditors in Developer Productivity Engineering (DPE)11:29 The Challenge of Breaking Silos21:53 The Divide between Developers and Other Departments27:59 Reducing the Negative Side Effects of Unrestricted Development28:24 The Role of Automation in Auditing31:24 Reducing Developer Toil through Developer Productivity Engineering (DPE)34:09 Partnership and Breaking Down Silos39:07 Reframing Auditing as Fighting Cyber Criminals40:58 Exploring the Complexity of Auditing and Governance, Risk, and Compliance (GRC)42:16 Empathy and Partnership in Auditing and  Governance, Risk, and Compliance (GRC)43:11 Bridging the Gap between Developers and Auditors43:40 Overcoming the Toxic Mentality in the Tech Industry44:40 Outro & Follow Justin

Ver todos los episodios