The Misunderstood Troll - A compliance and audit fairy tale

The Misunderstood Troll - A compliance and audit fairy tale

Sep 8, 2023

Who likes software audits? nobody! Meetings? bah. Paperwork? oh no, being eaten? Definitely not!

Dive into a whimsical re-imagining of the change management process by Alex Kantor. Based on Alex's talk at Exploring DevOps, security, audit compliance event in Oslo.

Discover how the people of land of Paymoria made its epic quest as an engineering driven start up by avoiding paperwork, meetings and automated its change management process and discovered that they could ship faster and build more with Kosli!

In Paymoria, there lived a grumpy and evil troll named Tore. Tore would periodically emerge from his hiding spot in Auditus, demanding evidence of compliance processes and threatening to devour anyone who failed to comply. Naturally, the good folks of Paymoria were constantly on guard against this cantankerous creature.

Nobody likes being eaten, but what made matters worse was the tedious and mind-numbing task of copying and pasting evidence into endless word documents to satisfy the troll's insatiable appetite. This tiresome ordeal was not unique to Paymoria—it plagued many distant lands where countless processes were created to appease and protect against trolls.

As time passed, these processes were implemented across different realms without anyone daring to question their purpose. It was always the same refrain: "Don't get eaten by the trolls!" One such process was the segregation of duty, where builders passed their work to deployers, who would then meticulously check every step before seeking approval for deployment. Although necessary for the troll's scrutiny, this arduous process significantly hindered the swift delivery of value to the kingdom and its connected lands.

But then, a courageous Deployment Manager approached the King of Technology with a bold question: "Is this process truly necessary?" The King, accustomed to simply avoiding the troll, had never pondered the value of these age-old procedures. However, as Paymoria expanded and deployment demands increased, the inefficiency of the process became glaringly apparent.

Enter Kosli, offering the promise of a warm, fuzzy feeling and a solution to streamline the evidence-gathering process. No more mindless copying and pasting—just a smooth flow of information that would satisfy the troll while sparing the team from potential consumption.

Empowered by this revelation, the King and the Deployment Manager embarked on a brave journey to Auditus, where they approached the troll with a proposition. After shedding a few tears, Tore revealed his true intentions—he only wished to be a helpful friend, ensuring everyone's safety without slowing them down.

Realizing their mistake, the King proposed a new way forward. If they could demonstrate that builders couldn't deploy without proper checks and approvals following compliance gates, Tore promised not to impede their progress. And so, after three months of collaboration and leveraging Kosli's magic, the Deployment Manager and their team created a single pane of glass—a comprehensive view for the troll to monitor changes while maintaining control.

Automation took center stage, expediting the approval process and saving countless hours. Builders felt empowered, releasing smaller increments more frequently, and deployers redirected their time toward making impactful improvements across the land.

Through collaboration, curiosity, and the right tools, a happy ending unfolded. So come and join us on this whimsical adventure of compliance and audit, where evil trolls aren't always what they seem!

For more DevOps, Audit and Compliance content:
✅ subscribe to the channel
✅ visit https://www.kosli.com/blog

A massive thank you to Alex's collaboration, to whom this story would't have been possible.

Written and narrated by: Alex Kantor
https://www.linkedin.com/in/alexkantor87/

Illustrated by The Boy Fitz Hammond
https://www.tbfh.com/

Brought to life by Kosli
Creative direction Jonathan Coull
https://www.linkedin.com/in/jonathancoull/

Follow us @
Twitter: https://twitter.com/_kosli
Linkedin: https://www.linkedin.com/company/kosli-dev

Kosli
Visti: https://www.kosli.com/
Email: info@kosli.com

#DevOps #ChangeManagement #AutomateChangeManagement
#SoftwareAudit #audit #evidencegathering #internalaudit #externalaudit #ISO20071 #ContinuousDelivery #ContinuousCompliance #MakeFriendsWithChange

0:00 - Intro

0:19 - Beware the troll

0:24 - The Land of Paymoria

00:48 - Don't get eaten!

01:24 - The compliance process - Segregation of duty

02:38 - The brave Deployment Manager

03:00 - The King of Technology

04:04 - A visitor from a far away land

06:48 - The journey to Auditus

07:40 - The Misunderstood Troll

08:50 - Happily ever after

09:40 - The end