Agile on the rise: Integrating effective controls into Agile environments

Start adding items to your reading lists:
Save this item to:
This item has been saved to your reading list.

Changing control activities to enable the rise of Agile

As the use of Agile becomes pervasive, all risk, compliance, and assurance executives need to embrace how these highly effective methods can co-exist with effective controls. With a sufficient understanding of the Agile environment and leading controls development practices, risk professionals can take the right steps to integrate controls that protect against risk and non-compliance without compromising much needed agility.

Agile in action - Building controls into the process at a top five healthcare payer

Agile was being rolled out to a subset of applications at a top five healthcare payer. There was a concern that audits may fail once applications or enhancements were promoted to production. Executive leadership took the initiative to ensure controls were being built into Agile processes.

  • A gap analysis was performed against the expectation of SOX, Internal Audit, SOC, Security, and other regulatory requirements
  • Control gaps that were identified were closed and controls training performed 
  • As Agile scaled compliance with the controls framework was limited due to lack of awareness, awareness training and communication was undertaken to promote the importance of adherence to the controls framework
  • Ongoing monitoring was then established to help drive compliance with the controls 
  • Better integration with the DevOps teams was promoted, as DevOps was seen as key to maximizing the benefits from Agile

How we can help

Agile transformations are complex. Successfully designing, adopting and executing an Agile transformation requires significant planning, review and organizational readiness. Here's how we can support your team on this journey:

  • Provide Agile consulting
  • Conduct Agile maturity assessments
  • Perform program and project risk assessments
  • Assess Software Development Life Cycle and Agile methodologies
  • Develop controls frameworks for Agile projects
  • Assess control mechanisms
  • Help risk, compliance, controls and audit functions as they enable Agile teams
  • Provide foundational and in-depth Agile training and ongoing coaching


Contact us

Mike Shipham

Director, PwC US

Matt Bonser

Director, PwC US

Follow us