FlowCon 2013 San Francisco, November 1

James DeLuccia, Senior Manager in Advisory Services practice at Ernst & Young LLP

James DeLuccia

Biography: James DeLuccia

James J. DeLuccia IV is a Senior Manager in the Advisory Services practice of Ernst & Young LLP.  James, a published author with John Wiley & Sons, specializes in multi-national enterprise governance, privacy, and security initiatives involving holistic technology and controls reengineering.  He has broad experience across a number of major industries including technology, data services, healthcare, telecommunications, financial services, industrial manufacturers, power generation, and consumer products.  In addition, James has over 16 years of development and implementation of technology and processes achieving operational integrity.  Most recently, he has provided advisory services and leadership in support of designing, deploying, and certifying global security compliance programs for leaders within the cloud and financial services sector. 

James oversees the firm’s ISO advisory and certification services in the Americas, and coordinates globally the Payment Card Industry practice.  

You can find James on twitter @jdeluccia 

Presentation: Successfully establishing and representing DevOps in an audit

Time: Friday 14:50 - 15:20 / Location: Robertson 2 & 3

Organizations and development teams are moving beyond static deployment models to those embracing a continuous delivery/DevOp-style set of processes.  The deployment of doing tens, hundreds, or even thousands of deploys per day as 'normal' does not align to the SDLC, separation of duties, and common controls expected by auditors.  As the leader for the Ernst & Young Americas Certification Services, James oversees all of the audits against common industry standards, and champions several global program implementation roll-outs.  Developing and 'translating' the control environment behaviors of clients, such as Google, Amazon, Workday, and others is difficult.  This discussion will bridge the needs of auditors with the community of developers by sharing examples, discussing the assurance expectations, and how to communicate to pass an audit.