A great talk with Jason Chan, VP, Head of Information Security of Netflix about simplifying the security process for software developers, as well as some of the open source projects Netflix has shared with the community. Listen here. (Btw, Jason was the keynote speaker of Hacktivity 2014, he is really a great guy.)
Me, as leading the security team, I want to be making a few decisions as possible, and the best way to facilitate that is to make sure that people have context about what’s important to the company, what’s important to the team.
The idea being if you have all the information you need to make good decisions, that given maximum freedom you’re likely to come within a range of acceptability for decision making.
Then the responsibility aspect of it is, you are free to make your own choices you’re free to pursue your own paths, sometimes they’ll be the wrong choices. The responsibility element is you have to be accountable for those things.