To many organizations, compliance is an essential part of operations. It’s important that the employees follow the laws, regulations, and standards as they are following their everyday processes and building large solutions.
Many of these organizations which include medical devices, automobiles, banking and financial services, and defense, are looking to adopt and/or scale agile programs with the goal of introducing best practices to be a lean organization all while staying compliant. Many enterprises are subject to other regulations, such as, ASPICE, HIPAA, ISO 26262, CMMI, IEC 61508, that require similar attention and audits to ensure compliance.
Historically, organizations operating under such regulations have relied on comprehensive quality management systems (QMS). Continually addressing compliance concerns is one of the eight practices of SAFe’s Business Solution and Lean Systems competency.
Unfortunately, many QMS systems are heavily influenced by traditional phase-gated waterfall methods. This makes it harder or even impossible for organizations to adopt new methods such as agile because they are used to the way they are working and don’t want to change that. On the right, you will see how SAFe describes an incremental approach to both development and compliance.