b'
In this episode, Eric Landes addresses a question he received while delivering a class on Applying Professional Scrum. The student was a security specialist and was trying to figure out how Scrum teams handle the work needed to maintain security and compliance.\\xa0
If you are interested in attending Scrum training, check out our public Scrum training courses.
When conducting Scrum training, teams ask about different roles and how they fit on a team that only has developer, Scrum Master, and Product Owner accountabilities.\\xa0 It is a valid question, when I introduce the Scrum framework, it can be confusing how current jobs fit into the Scrum framework accountability.
The good news is that the Scrum framework talks about accountabilities, not job descriptions.\\xa0 So, the writers of the Scrum guide understand that existing job roles are not necessarily supplanted by the accountability.\\xa0 But Scrum does say that your Scrum team needs to be able to complete their work to make it potentially shippable.\\xa0\\xa0 A student asked how it could be shippable without their security group, InfoSec approving this.\\xa0 This specific organization, had to have a security review before any release could make it to production.
How does the Scrum framework handle these organizational constraints?\\xa0 The Scrum guide says "Scrum Teams are cross-functional, meaning the members have all the skills necessary to create value each Sprint."\\xa0\\xa0 And the Scrum team self-manages to make sure they have the right capabilities for the team.\\xa0
The Scrum guide is lightweight and not very prescriptive as you have probably noticed.\\xa0 I would answer that question using my experience, letting your team self-manage with this information.\\xa0 Practically speaking here are four ways your team could practice that self-management to help with this question:
These are 4 options that your team may want to adopt to help with Infosec or security requirements on a Scrum team.\\xa0 Your team may self-manage to a better option for your organization.\\xa0 Discussing what can be done within the team is a great first step!
I\\u2019d love to hear what you think. If you have a question or a comment, please email us at podcast@agilethought.com.
For more information on AgileThought\'s available courses, go to agilethought.com/services/training-certifications.\\xa0 This information is also available on the page of this podcast.\\xa0 Thanks for listening!
\\xa0
'