Select Page

Enterprise DevSecOps Assessment with Oteemo

At Oteemo, we specialize in helping organizations adopt DevSecOps successfully and accelerate their cloud-native transformation. Enterprise transformations require us to bring together People, Process, Technology and Culture to realize the best outcomes and ensure success. Our approach to DevSecOps is based on the premise that “DevSecOps is not something you buy, it is something you DO.”

In our experience, enterprises and their IT teams that are on the DevSecOps transformation journey fall within the following two categories when it comes to the state of that initiative:

In the very early stages of trying to figure out ways to successfully bootstrap DevSecOps. Organization is not aligned on basic definitions and success criteria for DevSecOps. No such thing as DevSecOps Roadmap exists.

Made progress with DevSecOps in the initial stages, implemented a successful pilot but are struggling to scale the DevSecOps practices that made the pilot successful.

Based on our extensive experience in implementing enterprise-scale DevSecOps, Oteemo has realized that the single biggest factor that leads to unsuccessful DevSecOps implementations is a lack of shared understanding of DevSecOps and what it means for your organization. DevSecOps as a buzzword has grown so much in popularity that it means many different things to many different people. So the question becomes: “How do we ensure alignment within the organization when it comes to our approach and move the organization in the right direction to successfully adopt these practices?”

To clearly articulate our approach to DevSecOps, we have built and standardized our DevSecOps Functional Model. The framework provides structure and guidance on how to accelerate and fine-tune DevSecOps initiatives to ensure a successful DevSecOps transformation. It is our belief that the IT function should not be a cost center but rather an enabler of the business within your organization and our approach ensures that outcome. Our DevSecOps Functional Model cuts across the enterprise functions or domains depicted in the graphic below. Security is a core capability of our framework that is embedded in all disciplines and is not treated as a stand-alone function in and by itself.
DevSecOps

Oteemo can bring that same acceleration to your company through our comprehensive DevSecOps assessment designed to discover, document and educate your staff to create a shared understanding and approach for DevSecOps.

The assessment focuses on the six core areas found in our DevSecOps Functional Model. Our teams will engage with the critical members of your organization through interviews, whiteboarding sessions and documentation reviews to understand your software delivery supply chain and identify how and where DevOps practices should be implemented. We begin each assessment by working through our standardized DevSecOps Maturity Model and then dive deeper into the custom needs of your organization by working directly with your key stakeholders in the software delivery supply chain. Oteemo’s DevSecOps Assessment typically lasts anywhere between four and six weeks with the following deliverables at the end of the engagement:

  • Current State Assessment Report – Comprehensive current state assessment of DevSecOps practices detailing findings, gaps, areas of improvements and recommended remediations.
  • DevSecOps Maturity Model– We will work with you to identify your current landing zone in DevSecOps maturity as well as identify the target zone for your enterprise within a few time periods.
  • Refined DevSecOps Goals– Customized DevSecOps goals focused on your organization’s DevSecOps maturity and vision. Using our proven DevSecOps Maturity Model, we will work with your teams to capture where you are today and help define your goals and objectives based on where you would like to be in the maturity model.
  • DevSecOps Roadmap – Detailed roadmap with concrete steps to achieve the goals and remediate any findings from the assessment.

Get Started with Your DevSecOps Assessment Now