The good news is that the product my team is developing is being adopted broadly within the organization. The bad news is that in the future in order for my software to be used in products subject to regulated enviroments we will not pass scrutiny. Seeing this problem out there on the horizon has inspired me to challenge my team to take the next step of the maturity journey and evolve our Agile/Scrum process. I am not an expert on the specifics of achieving compliance, but it seems to me it is pretty simple. Basically it entails documenting what is to be built, build what you say you will build, then show evidence you tested that you built what you intended. Also, involved is change management over the whole lifecycle. So if that’s the general process, I keep peeling the onion back and finding traceability at the root.
I brought this to the team, and we’re having some trouble getting traction on trying to improve our traceability story. The lack of action makes me wonder if I am asking for the wrong thing. How do the rest of you Agile-ites deal with traceability? Specifically, I am looking for the ability to look at the potential impact of change by knowing all stories impacted should we change a particular story. In the RUP, we had a neat little report called the traceability matrix. It was easy to see impact of changes.
Please feel free to share your tips to getting to a solid traceability story. Without it, I am likely shut out of some important business opportunities to “sell” my application into scenarios where regulation is required. Looking forward to getting some ideas.