DevOps Org Requirements

a cheatsheet for all of us

Posted by Cads on 13th Jun 2017

This cheatsheet is shamelessly cribbed, reworded and tweaked from for 2016

Organizational Criteria for DevOps:

Continuous Integration
Deployment Automation
Collaborative Culture
Automated Infrastructure
Strong Monitoring of Applications
Strong Monitoring of Infrastructure
WIP Limits are set
Tests are Automated
Version Control used for all Code Changes
Key quality and productivity metrics are published and visible

Release and Operations Characteristics:

Deployments should be onDemand - multiple times a day
Keep Metrics on degradation and hotfix/rollback/patch etc
Impairment to be solved in less than 1 hour max
Code commit to production should be as fast as possible (depends on pipeline)
Metrics on Rework/Unplanned, New Work, Remediation of Security, User Defects, Onboarding

Operations and Engineering Goals:

Do Not fear deployments
Deployments should not be disruptive
Deployments should be easy and pain-free

Team Characteristics:

Team Seeks Information
Messengers are protected
Share Responsibilities
Collborate and reward collaboration (cross functional as well)
Failure causes inquiry
Welcome new ideas
Failures are seen as an opportunity to improve

Team Member Characteristics:

Take risks and be vulnerable in front of team members
High Quality on Time!
Clarify roles, plans and goals
Work has to matter to you and create change!

Product Management Requirements:

Features to be sliced to allow frequent production releases
Features to be decomposed to allow for work to complete in < Week
Features to be decomposed to allow for MVP

Visibility into how products or features move through the biz from idea to customer
Visibility into how products or features move through dev from idea to customer
Dashboards to show flow of products and features through the process
Info on the flow should be readily available.

Customer Feedback Loop Characteristics:

Customer Satisfaction metrics to be gathered regularly
Customer feedback on feature quality to be prioritized
Actively seek out cusatomer feedback on quality of products and features
Use this info to inform the design of products and features

Security Considerations:

Make Security and Compliance a priority
Review Security on all major features of the application
Ensure that this review process is as frictionless as possible
Allow Info Security to have input into design
Test Security in the Auto Test Suite
Infosec attends demos and provides feedback
Integrate Infosec into the daily work of the SDLC
InfoSec should make tools and processes to enable Dev and Ops to function well