We’re a 24/7 financial institution with a regulated e-money license, so we have to make sure that every change to our production environment is safe and secure. And we need to be able to prove that with an audit trail.
When we came up to our internal audit we realized the manual processes we had weren’t scalable. One of the big challenges we had was in providing evidence for the segregation of duties. We had no way of getting a single pane view of that.
A change request would have to be made, it would then go for review to make sure those changes had been through all the necessary unit tests and scans, and then it would go to the DevOps team for deployment.
We now have a central system of record where the auditor can see a complete audit trail of changes across multiple systems
Now, the engineer just books a slot, and so long as all the prerequisites can be seen in the single pane we get with Kosli, they can deploy the changes themselves. The big value for us is in shifting trust and responsibility from people to a process.
We’ve gone from having five people involved in the release to a valuable and trusted process where anyone can see that every change has been tested, scanned, and approved.
We now have a central system of record where the auditor can see a complete audit trail of changes across multiple different systems. All the evidence and the approvals are right there in one place.