icon-carat-right menu search cmu-wordmark

Revelations from an Agile and DevSecOps Transformation in a Large Organization: An Experiential Case Study

White Paper
This paper presents lessons and insights from observing a software development effort for a large, well-funded, and highly regulated program that adopted Agile and DevSecOps principles during 12 months of software development.
Publisher

Software Engineering Institute

DOI (Digital Object Identifier)
10.1145/3529320.3529

Abstract

This paper presents the lessons learned, and the observations and insights gained, from observing a software development effort for a large, well-funded, and highly regulated program that adopted Agile and DevSecOps principles during a 12-month period of iterative software development. The program was originally set up to use the waterfall software development approach with a traditional earned value (EV) scheme. It completed several iterations of development using this structure. The program then shifted to using a combination of Agile and DevSecOps. In this paper, we describe challenges encountered during this transition that inhibited realization of some of the benefits associated with Agile and DevSecOps. Largely, these challenges were a result of poor planning, engineering, and communication. We present this advisory account to others undertaking similar DevSecOps and Agile transitions, particularly in large organizations, so that they may better strategize and prepare methods to diminish similar shortcomings and increase the odds of a successful transition.