How do you provide independence when using SCRUM?
From my research it appears that a scrum team should have all the skills required to produce a working increments towards a finished product.
This will inevitably include testing to validate this increment and close of the user stories as Done Done.
As the team should also not have roles and allow everyone to contribute and support each other how have others dealt with requirements for independent reviews?
In my business we work to a European regulation standard that requires independent reviews at lots of different levels.
Can anyone provide some ideas or good reading materials to help us solve the issue?
In my experiences in two regulated fields in the US, Scrum is not incompatible with regulations that require independent review and/or verification and/or validation of work performed.
For me, the first step in a regulated industry is to understand the regulations. In my experience, people have set up processes without fully understanding what the regulations say nor the intent behind them. Instead of looking at different options to satisfy the regulations, they clone what other people have done, which may not be in the same context or require the same level of control.
From there, I recommend using value stream mapping techniques and build a team that can do as much of the work as possible. The goals should be to minimize hand-offs, align reviews with existing events, and ensure that work that is handed off is as done as possible for the team. In my experiences, people see these independent reviews or independent verification & validation efforts as a way to find defects. Instead, the team should be highly confident that issues won't be found - these steps become the necessary paperwork around the team's work. If this becomes the case, very little time is spent in these independent steps since the work is already of a high quality.
If you could share more about what regulation(s) are applicable and what types of product(s) you are making, I may be able to give some more insight. But what you're looking to do - apply Scrum in highly regulated environments - should be feasible. In fact, I would argue that applying agile and lean techniques are even more essential in these environments.
What is your question exactly? Is it about testing or governance? Reviewing and testing is not (necessarily) the same thing.
Testing should not be a problem. You can have a test expert or testing engineer on your team.
In my previous big scrum project, we had a test automation expert who tought the team how to build and integrate automated testing in the frameworks used by the client. He helped the team and was obsolete after a few months.
There is nothing wrong with this approach. Keep in mind: the Scrum Guide does not say there may not be a tester in the team. It just states there is no separate role for it. You should separate the notion of "role" and function or job title.
In the end, Scrum, states the team should organize itself so all skills are there to deliver a DONE increment.
If that means you have a person in your development team which has the function of a tester, that is totally fine.
The Development team as a whole is repsonsible for producing the increment, and if testing is part of your Definition of Done, the team as a whole is responsible that testing is done, before it can be released.
Scrum-wise, it is no problem you have a specific person on the team who does it, as long as you do not make him personally responsible.
Preferably, and in general, the team is shaped in such a way that there is no single point of failure. So, if your "test developer" is sick or fired, nothing gets DONE. So keep this in mind when organizing and growing the team
On the notion of governance and/or reviewing: it all depends on your Definition of Done.
If regulations dictate that an external (outside of the team) body of governance is required to have the final say in releasing the product increment, your Definition of Done should relfect that.
So your DoD could read something like "increment deliverd to Governance Body so tey can release autonomously" or even better "adhering to the Governance Body's Definition of Ready". In other words, the team will make sure it is DONE enough so the Governance Body can accept it.
This is ofcource not a full Agile way of working, and one should always seek minimal handover effort, minimal waste (in comprehensive documentation, time wasted communicating etc).
Depending on your context, you could even investigate if the entire chain the increment hass to pass along can be made Agile. You could be amazed how Agile transformation can do wonders in organizations which at first glance are unable to adopt to agility.
In my business we work to a European regulation standard that requires independent reviews at lots of different levels.
Does this standard preclude team members from contributing and supporting each other? Would the independence of a review prove troublesome?