Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Satisfying External Auditor requests for software deployment using JIRA

John Parchman, CCSP
John Parchman, CCSP
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
April 22, 2021

We at a least annually get an audit requests such as the following:

  1. Provide a system-generated listing of {insert major application here} code changes deployed to the production information system since {insert date here}.
  2. Provide a system-generated listing of {insert major application here} database changes deployed to the production information system since {insert date here}.

We have some thoughts on how to accomplish this but I wanted to get the community's  thoughts as well regarding transitions, hooks back from GitLab to Jira, Jira Workflows, etc. to satisfy these audit requests.

 

Answer
Watch
Like Be the first to like this
363 views

1 answer

0 votes
John Price
John Price
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 6, 2021

It depends on whether your deployments are automated or manual, but you can accommodate both I think.   Normally I don't suggest a lot of customized Issue Types, but in this case it may be warranted for ease of auditing and clarity.  Something like:

  • Create a Software Release issue type and add whatever fields are needed for auditing.  Try to limit custom fields if the description will do.  Maybe just
    • Select list of Deployment Environments
    • Select list of Products 
    • ??
  • For manual releases you can create a Software Release issue and populate as needed.
  • For automated pipelines, you can have a standard/templated deployment action or step that creates an issue in Jira (push model).  You'd have to think about how to permission that.

One downside is that it won't scale nicely if your app consists of microservices or a lot of tiny bits.  You also probably don't want to execute this for lower environments.  "Hey , I pushed the shipping calculator service to QA for the 80th time today!"

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security