What is Nostr?
Waldo Jaquith /
npub1v3u…wupy
2024-06-04 15:04:33

Waldo Jaquith on Nostr: Blog entry: Agencies must not outsource compliance to their vendor scrum team. ...

Blog entry: Agencies must not outsource compliance to their vendor scrum team.

Incorporating HIPAA, NIST 800-53, or agency policy documents into a software development contract by reference means that the vendor will have to, at times, ignore the product owner, ignore user research, ignore the roadmap, and simply do what they believe those policy documents say to do. That is Actually Bad. Don't do that. https://waldo.jaquith.org/blog/2024/06/outsourcing-compliance/
Author Public Key
npub1v3uupkjgerfn7pyx9kk2pe08d4wynqs2py04avp0kfusxymswn7qfvwupy