Can SRE Bring Governance and Compliance into the Future?

We are about 15 years into the DevOps revolution. And yet silos still stand tall. Especially around important departments that protect your organization from getting in real trouble.

Mario Platt, as both Chief Information Security Officer at Broadlight Global and a security consultant, wants to break down another of those barriers. This time between governance, risk and compliance (GRC) and engineering. His talk at WTF is SRE last month, in the DevSecOps track, was a plea to Site Reliability Engineering (SREs) professionals to take up the role as mediators to bridge this divide.

The SRE, he argues, is perfectly suited to better align the view of work imagined by governance, risk management and compliance policymakers with the operational reality of engineering teams. And SREs are in the right sociotechnical position to filter, propagate and automate much of these GRC and security best practices.

Uniting these two powerful but very different departments is the next step toward becoming a high-performing DevOps organization.

Leave a Comment