DevGovOps – Key factors for IT governance for enterprises in a DevOps world

Publish date:

IT governance structures need to be better aligned to the idea economy

Multi-speed and agility are crucial to a competitive advantage in this modern economy, where the smaller players are known to be faster movers (i.e., small startups with disruptive ideas challenging enterprises and industries). Yet why does enterprise IT struggle to deliver at the speed business demands and more importantly at the speed of the customer?

Most large enterprises live by formal IT governance processes. These processes ensure the software delivery and deliverables follow the organization’s standards in terms of architecture, design, security, and reusability. Although these processes are designed to safeguard the business and keep delivery on track, they present a series of hoops to jump through requiring additional time and work for each delivery.

Besides, who hasn’t rolled their eyes when upon seeing governance and DevOps in the same sentence, let alone presented as a portmanteau? There’s no question that governance evokes thoughts such as heavyweight, slow, blocker. This doesn’t align with DevOps, a practice that evokes thoughts of speed and agility.

Progress is less about speed and more about direction

Startups and small agile companies tend to lend themselves well to adopting and maturing DevOps practices. They often have lightweight governance processes that are easy to manage and even easier when automated. Larger enterprises with deeply rooted governance processes and strict rules often take longer but can hugely benefit from DevOps improvements.

Staying within the DevOps paradigm, DevGovOps seeks to embed rightsized governance into DevOps, tailored to your organization and industry landscape. It looks at the application, iteration, and evolution of IT governance in a DevOps environment. If IT governance often determines the speed of IT change, then it can be a force for enabling rapid change or slowing down value delivery.

In some ways, we need to govern IT governance better to ensure we deploy just enough governance at the right time. It sounds superfluous and heavy handed – but to build a thriving DevOps environment you need to reconsider how your products are funded, governed, and compliant with all applicable internal and external policies.

What needs to be considered?

Seek collaboration and partnerships

DevOps succeeds in enterprising and dynamic environments. Thinking about how right-sized your IT controls are against the flexibility you are providing to your DevOps team is key. A partnership and collaborative approach to refining those controls is key.

This partnership means creating parameters with teams so we right-size the amount of freedom to pursue solutions they believe will work. This also means reducing the stringent KCIs (key control indicators) to the point where they are not blockers for change and innovation but facilitators. This ensures balance.

Consider acceptable thresholds and limits to your controls. This could mean empowering teams to use tools they prefer from an approved toolbox or even identifying and standardizing tools without unnecessary approvals.

A “sandbox” of flexible KCIs that allow your DevOps teams have enough wiggle room to experiment and respond to feedback and changing market needs. This enables them to tackle legacy issues that often riddle enterprise transformation.

The best rules are the ones that are invisible and you have to consider how your controls are seamlessly enabling innovation not stifling it.

Drive culture shift

Picking up from the first point, collaboration is not about tools, processes or even shared vision, it’s primarily about people. One of the key barriers to achieving effective DevOps governance is establishing the right collaborative culture.

If your colleagues and partners don’t buy into helping one another then this doesn’t work. Culture often poses the biggest challenge; getting people with different and often conflicting interests to work together is often difficult. Empowering people (not tools or processes) to align to a common vision takes time, effort, and is encouraged greatly by trust. Trust built from showing cross cutting benefit across teams quickly builds confidence.

One way to build confidence is evidencing consistent incremental value internally to the different teams and your organization as well as externally to the customer. This is best achieved via automation.

Being part of your organization’s culture, how can you change to influence the culture?


Automate! Automate! Automate!

Over the last few years, Automation has been a key ingredient for DevOps success –  A view consistently shared in several State of DevOps reports presented by Puppet and DevOps Research and Assessment (DORA). They must be on to something.

While traditional governance frameworks (still) offer value in today’s digital environment, we are often divided between asking for permission (following them religiously and slowing down value delivery) or forgiveness (damning the consequences, delivering value, and negotiating after – often with consequences). One way to circumvent the risks associated with either approach is automation.

Automation helps ensure quality and consistency with changes. For example, if there are visible transparent processes to verify work i.e. automated testing, trust can easily be built. Having control points automated encourages business confidence as there is less variability, less cost but greater visibility of compliance even in remaining manual processes.

Digitally ready, high-performing organizations automate heavily across areas such as configuration management, testing, deployments, and change management. This enables measurement, metrics and monitoring.This leads to more time for innovation, higher rates of collaboration, faster feedback cycles, and greater reliability.

What IT governance controls in your organization, department, platform teams can be automated?

Innovate. Standardize. Innovate. Standardize. – Rinse and repeat

While there are IT governance controls to enable experimentation, learning, and continuous improvement, there is a need to translate that innovation into far reaching benefits across your organization.

Building and standardizing better operational models, workflows and tools on the back of innovation enables enterprise growth faster soon enough. These standard practices tailored to and operationalized within your organization provide consistency and build further trust.

For example, with standardized automated pipelines across products groups we learn faster, shorten feedback loops and identify constraints better. Organizations in turn provide value consistently, strengthen reputation and increase growth quicker.

What else needs to be considered?


Continuous Governance

Once those factors have been considered and are in place, the next step in your IT governance and controls is continuous governance. Derived from the continuous paradigm, i.e. the pillars of the continuous everything model, it is the controlled (read facilitated) enablement of automated IT controls which promotes code across stages of a pipeline.

At the heart of continuous governance is pipelines. They enable the frequent release of secure and high-quality products to customers. Continuous governance defines the principles that can be designed into automated software controls that promote code from one stage of the pipeline to the next.

Build on those factors to integrate continuous governance


When approaching your IT governance consider the above factors to help you understand your organization’s current landscape and how you can start improving overall enterprise agility.

If, as a large enterprise, these factors are not considered, you could well end up delivering but be slowed down or even blocked by your IT controls rather than being accelerated by them. We are trading in an idea economy where business innovation, creativity at pace and fast feedback offer most value.

Your IT governance structures need to be better aligned to the idea economy. These factors provide the quickest ways to enable that alignment and achieve the pace your organization needs in a truly DevOps environment.

Transforming IT governance is not the goal, think continuous governance 

Chuks Anochie is a Lean, Agile and DevOps certified Digital Transformation Consultant with hands on implementation experience. He has spent over a decade advising and supporting companies on the best strategies for technology adoption. More recently involved in driving enterprise agility within organizations.

To learn more about how Capgemini’s Digital Transformation offering can stimulate enterprise DevOps and Agile growth, improve the speed and direction of delivery to generate better and new sources of value, contact

Find leading thinking on Digital Transformation as well as other key topics and trends at:

If you are interested in working with people like Chuks, take a look at our career opportunities here.

Related Posts


Delivering faster with better use of micro-frontends in financial services

Date icon September 21, 2021

What works well is multiple SPAs owned by specific DevOps teams that can decide what happens...


No one likes waiting. With Continuous Delivery, now you don’t have to!

Venky Chennapragada
Date icon March 22, 2021

Automated and on demand – here’s how, why, and when you should adopt Continuous Delivery...

cloud services

Product-oriented delivery, enabled by POD models

Rishi Kulkarni
Date icon November 26, 2020

Why POD models are the future