DeveloperWeek Europe 2021 DeveloperWeek Europe 2021
Get your ticket or log in to build your agenda.

OPEN TALK: What Developers Can Do Now To Survive Their Next Compliance Audit

OPEN Stage
Join on Hopin

Alex Jones
Cobalt, IT Manager

Alex Jones is an Information Security professional with extensive background in media, audio and communications. He is currently the Information Security Manager at, the leading Pentest as a Service provider, where he leads Cobalt’s security program. Prior to joining Cobalt Alex led security and compliance teams at Hudson’s Bay Company, Gainsight, Express Scripts and Cognizant.

Security and development teams might not have a lot in common, but there's always a collective sigh of relief when a difficult compliance audit ends. Auditors for SOC 2, ISO 27001 — or really, any framework — will inevitably pull your developers into providing evidence, explaining vague processes, and correcting identified issues. If both teams don't start following best practices well before the audit begins, it sidetracks roadmaps and hurts your ability to deliver on business-critical projects.
So what can development leads do now to minimize disruption later? What changes can your team start already, and what items should you be expecting from your security colleagues? I'll aim to answer both these questions, pulling from 8+ years of experience in leading security teams through compliance audits across a variety of business sizes and industries.