Agile Governance and Audit

Book Description

“There are many things that I liked about this book, in particular the author's ability to energise the (sometimes dry) topics of auditing and software development with entertaining real-life examples and refreshing humour.”

Jamie Lynn Cooke, Agile expert and author of Agile Productivity Unleashed

“The author is an auditor writing about Agile from an expert’s point of view. This brings structure to a methodology which many assume is anarchic and potentially prone to descent into chaos at a moment’s notice ... I can see many organisations using this book as an extra selling/persuasion tool to implement Agile.”

Chris Evans, ITSM Specialist

The Agile auditing challenge

Many auditors are now encountering Agile management methodologies for the first time. In some cases, this can cause problems for the audit process because the methodology is very different from traditional approaches. Aside from the difficulties faced by the auditor, an ineffective audit can have a negative effect on an Agile project by giving a false impression of its progress. It might even harm the final project outcome.

Bridging the gap between Agile teams and Auditors

Written for auditors and Agile managers, Agile Governance and Audit bridges the gap between traditional auditing approaches and the requirements of Agile methodologies. It provides an overview of Agile for auditors and other risk professionals who have not encountered the approach before. The book also tells Agile teams what auditors and risk professionals need, and the sort of questions they are likely to ask.

Essential reading for anyone involved in an Agile audit

Each chapter includes hints and tips for auditors, and a selection of case studies is included to illustrate the practical issues involved in auditing Agile projects. This makes it an ideal book for any auditor encountering the Agile methodology, and any Agile teams preparing for a management audit.

This book will enable you to:

  • understand the principles of Agile
  • appreciate how it might be effectively audited
  • improve communication between the auditor and the Agile team.

Read this book to understand how to get the most out of Agile audits, whatever your role.

About the Author

A qualified accountant, Certified Information Systems Auditor (CISA) and Certified ScrumMaster™, Chris Wright has over 30 years’ experience of providing financial and IT advisory and risk management services. He worked for 16 years at KPMG where he managed a number of major IS audit and risk assignments.

Table of Contents

    1. Cover
    2. Title
    3. Copyright
    4. Foreword
    5. Preface
    6. About The Author
    7. Acknowledgements
    8. Contents
    9. Chapter 1: Introduction to Agile
      1. Overview
      2. Agile’s history
      3. Agile definition
      4. Agile Manifesto
      5. Agile principles
      6. Three pillars of control
      7. Agile software development models
      8. Conclusion
    10. Chapter 2: Agile Versus Waterfall
      1. Overview
      2. Comparing Agile with waterfall
      3. How to audit Agile/waterfall decision
      4. Conclusion
    11. Chapter 3: Why Doesn’t My Auditor/Agile Project Team Understand Me?
      1. Overview
      2. Audit and Agile cultures
      3. How can we have a successful audit?
      4. Conclusion
    12. Chapter 4: Project Initiation and Risk Assessment
      1. Overview
      2. Project initiation
      3. Risk assessment
      4. How to audit project initiation
      5. Conclusion
    13. Chapter 5: Case Study PID & Risk Assessment
      1. Overview
      2. Case Study – extract of Project Initiation Document
      3. Suggested response
    14. Chapter 6: High-level Requirements.
      1. Overview
      2. Gathering of requirements
      3. Including controls in requirements
      4. How to audit requirements gathering
      5. Conclusion
    15. Chapter 7: Case Study for High-level Requirements
      1. Overview
      2. Case study extract of requirements
      3. Suggested response
    16. Chapter 8: Building and Testing
      1. Overview
      2. Build phase
      3. Testing phase
      4. How to audit build and testing phases
      5. Conclusion
    17. Chapter 9: Handover to the Business
      1. Overview
      2. Release management
      3. Business readiness
      4. IT readiness
      5. Controls readiness
      6. Auditing business handover
      7. Conclusion
    18. Chapter 10: Documentation for Governance and Audit
      1. Overview
      2. Agile governance objectives and principles
      3. Governance documentation
      4. Audit of Agile governance
      5. Conclusion
    19. Chapter 11: Top Tips to Take-away
    20. Further Resources
    21. ITG Resources