Seriously, I’d tune in. We have protocols “for SOX compliance”, but I’ve never been privy to an audit so have no idea if they’re effective.
As a DevSecOps professional, I may have opportunities to make compliance easier or more effective, if I knew how they worked or had any feedback.
Edit: I love the idea of ComplianceAsCode mentioned here, and hadn’t read of it before, but it looks all about infrastructure while I’m all about product builds.