Many organizations often get stymied when dealing with information security, compliance, and audit requirements. There seems to be a misconception that DevOps practices won’t work in organizations which are under SOX or PCI regulations.

In this 2015 Forum paper, seven experts provide high-level guidance on three major concerns about DevOps Practices: DevOps and Change Control, DevOps and Security, DevOps and Separation of Duties.