Use Cases

Ensuring Compliance in Software Development with Checklists

Learn how HeroCoders leverages global checklists, user mentions, and workflow validators to ensure compliant software development.

Platform / Project Type

Jira Software Project

Featured Apps

Checklist for Jira (Enterprise)

Workflow & Issue Type

Software simplified workflow

Set-up Tasks

Create global checklists

Create checklist templates

Set workflow validator

Checklists not only allow you to break down what needs to be done; they provide a track record of what has been done – making them an excellent tool for assuring compliance. Checklists for Jira includes an array of features you can use to establish compliance in your software projects, including:

  • Checklist history
  • Checklist permissions
  • Email notifications
  • Global checklists
  • Integration with Jira automation
  • Workflow validators

Being a software development company ourselves, we at HeroCoders eat our own dog food by using live, admin-controlled global checklists for QA and release management in our development projects. We managed our SOC 2 compliance process by using checklist templates with user mentions, and we enforce our checklists with workflow validators.

Software Development QA Compliance

QA, including compliance with internal standards, is one of the most common use cases for checklists. Our team has a global checklist that is automatically added to bug fixes and feature improvements to ensure that the newly-developed fix works as expected in all applicable environments:

Sometimes a Jira work item is created in a development project that does not need to comply with the automatically applied checklists – such as a work item to update the documentation. Since the checklists are enforced with a validator (see below), the checklist still needs to be completed. The toggle all items feature allows all of the list items on these issues to be set to N/A with a single click.

Software Development Release Compliance

As our product grew (it's available in multiple versions), our release process became more complex. We use a second global checklist to ensure that new features are released to all required instances.

A Software Compliance Project for Achieving SOC 2

HeroCoders recently achieved SOC 2 Type II compliance. We created a Jira project to manage our SOC 2 journey and made extensive use of checklists and checklist templates in that project.

Assessing Findings

As part of our SOC 2 process, we reviewed AWS GuardDuty findings and assessed which ones required action. Note that using checklist statuses (in this case the SKIPPED status) allows us to record not only what was done, but also what was considered and intentionally not done.

Policy and Access Compliance

We frequently create checklists (and save them as templates to be reused at regular intervals) to track that team members are complying with security requirements. Mentioning each user provides a record showing that the entire team is in compliance. Examples include:

  • Asking all team members to check a box saying that they have read a policy
  • Asking all team members to check a box saying that they have enabled 2FA
  • Asking a designated service owner to review which users have access

Managing Penetration Tests for SOC 2 Compliance

Of course, checklists are also useful for breaking down the tasks that need to be done, as in this example where we used a checklist to manage penetration testing.

The Checklist Validator

To ensure that the requirements defined in the Checklists aren’t bypassed, we use the All checklist items are completed workflow validator.

Additional Checklist Features for Compliance

Global checklists, checklist templates, user mentions and validators are the checklist features our team uses for compliance, but they aren’t the only ones. Checklists for Jira also provides:

For HeroCoders, use of checklists has proven to be an invaluable asset in ensuring compliance throughout our software development processes. By leveraging global checklists, user mentions, and workflow validators, we have streamlined our QA and release management, while also effectively managing our SOC 2 compliance journey. The ability to track progress, enforce standards, and maintain a comprehensive history not only enhances our operational efficiency, but also reinforces our commitment to quality and accountability.

As we continue developing and dogfooding Checklists for Jira, compliance use cases will remain a key focus—empowering both us and our customers to build compliant software.
