Just hearing the word compliance scares the living daylight out of many project teams. And true, the traditional way of assuring compliance, with big up front requirements gathering, waterfall style gates, and verification / certification at the end is a bad one: neither does it satisfy the demands of fast paced, value focused product or service delivery, nor does it satisfy the demands of an increasingly strict and complex regulatory landscape.
So it is time for a new approach: compliance by design or continuous compliance takes the stance that involving compliance early and continuously through the full product lifecycle leads to better outcomes for products and compliance itself.
Based on experiences in MedTech and EdTech this talk presents the reasons why the current approach to compliance must change, what a sustainable valuable compliance approach must look like, and how we can transition from one to the other.
It then describes a framework for continuous compliance across the entire product lifecycle from analysis to design, development to release, and operation.
It demonstrates how the outcomes are far more pleasant working with (and for) compliance, better products that have higher degrees of compliance and improved compliance operations be this as part of BAU monitoring, ad hoc auditing, periodic certifications or incident management.