Back to overview

From One Week to One Hour

RapDev Enables CI/CD Automation and Monitoring for Northern Trust

Download PDF

RapDev’s automation tools reduced this financial service firm’s change approval timelines dramatically, increasing their ROI on ServiceNow investment

Northern Trust is a Fortune 500 financial services business with headquarters in Chicago. They work with corporations, institutional investors, ultra-high-net-worth individuals, and many other types of customers.

They are one of the largest banking institutions in the U.S. as well as one of the oldest in continuous operation, with offices across 20 U.S. states as well as locations in 23 other countries across many regions of the world. As of June 2021, they held $1.5 trillion in assets under management and another $15.7 in custody.

25,000 employees
$6.59 billion in revenue (2021)
$1.5 trillion in assets under management
$15.7 trillion in assets under custody
The Challenge

Speeding Up DevOps Checks and Balances

As businesses and consumers have many choices about where to invest, save, and deploy their capital, it is vital for finservs to offer cutting-edge technology. This includes both internal applications and client- or customer-facing applications, plus websites and many other technological components.

To stay competitive, modern developers — even those in highly-regulated industries — must offer high-quality software and release it quickly. Accomplishing this at enterprise scale requires a high level of confidence in the quality and security of those applications. 

To achieve this goal, organizations must embrace modern practices like Dev(Sec)Ops and continuous integration and deployment (CI/CD). These approaches apply tools and processes that value and facilitate speed. Companies who want to develop software in a cutting-edge manner must embrace automation across the software development and delivery processes.

For the engineering teams responsible for CI/CD pipelines at Northern Trust, checking software code for vulnerabilities and licensing compliance had become a bottleneck in the release process.

The team used a set of tools and approaches, including:

  • Unit tests.
  • Functional tests.
  • CAST Highlight.
  • Checkmarx.
  • Insight AppSec.
  • Performance Center.
  • SonarQube.

These processes helped them conduct pre-release gate checks for software and the microservices underpinning them. Unfortunately, this still required manual evaluation of the results to determine whether to make and/or approve a change. 

In fact, for a single change, employees often had to contact four to five different teams to gather testing results. Only then could they decide whether to approve a new release or other change. 

These manual gate-checks also made the approval process subjective. Furthermore, given the highly regulated nature of the financial services industry, it was important to ensure each change approval was compliant and left an auditable paper trail. With thousands of changes a week, there was only so much the engineers could do manually.

To streamline the release process, Northern Trust sought a way to automate this. Initially, they opted to use the ServiceNow DevOps module. However, the module did not support Github Actions out of the box, which was a key requirement. They needed to uplevel their implementation, and they recognized that external expertise would speed up the process and deliver the best possible results.

The Solution

Automated ServiceNow Implementation with RapDev

RapDev is an engineering consulting firm that helps organizations gain visibility into their cloud-native services and infrastructure by implementing ServiceNow. The company’s expertise in DevOps and modern development practices means it’s able to create customized implementations for each customer. For Northern Trust, RapDev’s engineers recommended utilizing the ServiceNow DevOps application to accelerate change management. 

RapDev also recommended Northern Trust use the ServiceNow Governance, Risk, and Compliance (GRC) application to comply with financial services and other key industry regulations. As a ServiceNow Elite Partner, RapDev is an expert at engineering effective solutions that automate key steps across the software development life cycle (SDLC), while also ensuring an audit trail for compliance requirements. 

When Northern Trust asked ServiceNow to recommend an implementation partner, RapDev was their obvious choice. After meeting with the RapDev team, Northern Trust signed on to quickly roll out ServiceNow for their CI/CD pipelines. 

Proprietary automation tools are central to RapDev’s ServiceNow implementations. Instead of forcing Northern Trust to perform manual testing on their microservices, RapDev automated the discovery of microservices and artifacts and their storage in ServiceNow. This created a central system of record for artifact names, versions, and other metadata associated with an application. 

The Results

Increased Speed and Accuracy, Time Saved

Partnering with RapDev enabled Northern Trust to:

  • Onboard multiple teams

    Onboard multiple teams, 186 pipelines, and 99 repositories.
  • Reduce time

    Reduce the time required for change approvals from one week to one hour.
  • Regain hours

    Regain three hours of (highly valuable) developer time per developer.
  • More accurate configuration

    Achieve 97% accuracy for a configuration management database by registering all microservices via now.yaml, decreasing overall risk.
  • Implement Change Approval Policy

    Implement a Change Approval Policy that drove automated approval, manual approval, or automated rejection decisions.
  • Deploy DevOps Implementations

    Quickly deploy DevOps implementations using a tagging strategy to track microservices by treating them as SDLC components.
  • Automatic detection new artifacts

    Automatically detect new artifacts and push them into ServiceNow with their artifact name, version name, and testing results.

With this information in one place, the Northern Trust team now has complete visibility into the software delivery lifecycle. They can release updates and new features with confidence, knowing they’re mitigating risks and vulnerabilities and maintaining an audit trail.

“As a DevOps leader,” said Junna, “I want to automate all development activities as much as possible. Bringing all this into a popular system of records like ServiceNow [with RapDev’s support] is a big accomplishment. This kind of visibility gives us a lot of savings in terms of effort; and more than savings, that visibility gives us risk mitigation from the code quality and licensing perspective. RapDev made all of this a reality for us.” 

RapDev’s deployment also enabled Northern Trust to increase the ROI of their investment in ServiceNow. Through their work with RapDev, Northern Trust was able to identify additional use cases for ServiceNow within their organization, further increasing the platform's ROI.

Overall, the RapDev implementation with Northern Trust has been a huge success on multiple fronts and has given the team increased confidence in the quality and speed of their software delivery processes without increasing risk to the company. 

"My experience with RapDev was awesome,” said Basivi R. Junna, the VP/principal architect of DevOps at Northern Trust. “The implementation, the solution, the scheduling, executing according to timelines — and most importantly, designing solutions for our requirements that are maintainable and sustainable."

What's next?

ServiceNow Expansion Opportunities

With ServiceNow’s value proven, Northern Trust is now looking to implement it across their entire organization. This will help them bring the time and cost savings, risk reduction, and process improvements they have already implemented to the whole company. Staying competitive in financial services requires this sort of forward-thinking investment, and Northern Trust is a perfect example of how to do it right.

Let's talk

Found a solution that might help your team? Talk to our team and get started.