Modern Development Controls and Managing Compliance in DevOps

Presenter: Andrew Hall, Director, KPMG

Event Type: Chapter/Luncheon Meetings

Date: Tuesday, December 9, 2025

Time: 12:00pm - 1:00pm PT

Location: Virtual Meeting

Pricing: Members - Free; Non-members - $20

Instructional delivery method: Online

CPE credit(s): 1.0 hour

Advanced preparation: None required

Event Details: Modern development practices like DevSecOps and Agile are revolutionizing software development - requiring those responsible for securing and auditing these processes to adapt swiftly. In this session, participants will explore the fundamental principles and practices of Agile and DevSecOps, focusing on its distinctions from traditional software development methodologies and controls. The discussion will cover essential DevSecOps concepts such continuous integration and continuous delivery and the significance of risk identification and control evaluation within DevSecOps environments. Through real-world examples and case studies, attendees will gain practical strategies and tools to identify and mitigate risks effectively in their organizations.

Speaker Bio: Andrew is a Director in the KPMG Cybersecurity and Technology Risk practice, specializing in leveraging data analytics and advanced automation capabilities to transform and streamline internal control environments and digital transformations. Andrew leads cross-functional teams in developing compliance workflows and real-time risk monitoring systems, with a focus on DevSecOps and modern delivery processes for highly advanced and regulated organizations. These systems significantly enhance organizational efficiency and risk management, resulting in real-time control assessment and attestation.

Refund Policy: Refunds up to 1 day before event

Consent for Photos, Audio and Video Recordings Taken at Events or for Marketing Purposes:

By attending this event I agree irrevocably and free of charge that ISACA or any third party who is acting on ISACA’s behalf may create images, videos and/or sound recordings of me (“works”) at the event for marketing and/or educational purposes. For these purposes, the granting of rights in the works also includes the rights to adapt, reproduce, distribute, perform, making available to the public, broadcast, retransmit or sublicense the works to ISACA’s affiliates. The granting of rights in the works also includes all current and future media, goes beyond the repetition of an event and is not restricted to time or territory.

View ISACA Puget Sound Chapter’s Privacy Policy >>

https://engage.isaca.org/pugetsoundchapter/privacypolicy

For more information on this topic and our speakers, please see our website at https://engage.isaca.org/pugetsoundchapter/home