Agile software development, particularly using Scrum, has revolutionized the way software is built and delivered. At its core, Agile embraces iterative and incremental development, a stark contrast to traditional “waterfall” methodologies. The primary objective is to deliver working software frequently and in small increments, ensuring continuous feedback, adaptability, and rapid value delivery. However, we know […]
Note: This post is written with a lot of help from AI, used to summarize the standards mentioned below. Artificial intelligence (AI) is reshaping industries, but it also brings new risks. From security vulnerabilities to compliance challenges, organizations must balance innovation with responsibility. New standards were created and newer are emerging to guide this […]
Ever wondered what the differences between these terms are? We use them in GRC very often, but we rarely think what they mean. This creates in time some stretching of these concepts, meaning that their meanings overlap to a certain degree. A Policy is a high-level, mandatory statement of principles and intent. A Standard […]
I wrote ages ago this article, where I compared briefly the Annex A in the two versions of the standard: https://www.sorinmustaca.com/annex-a-of-iso-27001-2022-explained/ But, I feel that there is still need to detail a bit the changes, especially that now more and more business are forced to re-audit for the newer standard. Overview of Annex A […]
ENX has released an interesting article about how NIS2 requirements map to TISAX requirements. For this, there is a short introductory article called “TISAX and Cybersecurity in Industry – Expert Analysis Confirms NIS2 Coverage” and and a full article of 75 pages : https://enx.com/TISAX-NIS2-en.pdf An analysis conducted within ENX’s expert working groups examined how well […]
Click below for the podcast version (AI generated): Challenges that stop teams to deliver and how to solve them Objection 1: “Our features are too complex for short sprints” This is the most common objection I hear, and it reveals a fundamental misunderstanding. The solution isn’t longer sprints or more sprints — it’s better feature […]
Click below for the podcast version (AI generated): Guide for delivering frequently software features that matter: the three Pillars of successful frequent delivery If you’re a software engineer older than 30 years, then you definitely have worked following a non-agile methodology. Those methodologies are based on a fixed structure, a lot of planning, and hope […]
Time for some other type of posts, not related to what I usually write about. But it bothers me to see so many “shiny” posts on Linkedin, when I know for sure that the reality is so much different than what they write there. So, time to demystify a bit this topic. This is a […]
Move fast and fail fast In software development, the mantra “move fast and fail fast” has become both a rallying cry and a source of considerable debate. It champions rapid iteration, prioritizing speed and output, often at the perceived expense of meticulous planning and architectural foresight. This approach, deeply intertwined with the principles of agile […]
They can’t mix, can they? Seems like a contradiction to talk about classical project management and the best agile software development methodology ? But let me ask you this: ever feel like traditional project management is great for mapping out the big picture but falls short when it comes to the nitty-gritty of execution? And […]
You must be logged in to post a comment.