How China’s Agricultural Bank Leads the Way in DevOps Maturity

China is undergoing a wave of digital, networked, and intelligent transformation, and enterprises are increasingly adopting DevOps to improve IT efficiency.

The China Academy of Information and Communications Technology (CAICT) leads the "DevOps Capability Maturity Model" series of standards, which provide strong guidance for industries; leading companies have improved IT capabilities, integrated team resources and talent, and better supported business systems through participation in CAICT‑organized assessments.

To date, six state‑owned commercial banks have taken part in the DevOps capability maturity assessments. The Agricultural Bank of China (ABC) has passed 33 assessments, ranking first among state‑owned banks, covering Agile Development Management (2 items), Continuous Delivery (12 items), Technical Operations (2 items), Application Design (1 item), DevSecOps (14 items), and Continuous Testing (2 items).

As of 25 April 2024, ABC’s evaluated projects include the Unified Encryption Platform, Integrated Mobile Office Personal Note Module, Micro‑Bank Credit Card WeChat Service – Polaris Marketing Tool, Open Banking Authentication Gateway, and IoT Platform Smart Operations Module, all of which have successfully passed the DevSecOps Level 2 security and risk management assessment.

The assessments have enabled ABC to seamlessly integrate application security controls with project management processes and pipelines, validate organization‑level security governance, identify further optimization opportunities in measurement feedback, and foster a "security for all" culture across organizational, team, and project levels.

Key milestones include: April 2024 – 5 new assessments announced; December 2023 – 7 assessments announced; October 2023 – 4 assessments announced; December 2022 – 11 assessments announced; November 2020 – 1 assessment announced; June 2020 – 5 assessments announced.

The evaluated projects span Java and C# technology stacks, cloud‑on‑premise environments, front‑end and back‑end services, and micro‑service architectures, covering invoicing, mobile marketing, credit, personal online banking, and distributed interconnectivity, achieving end‑to‑end closed‑loop delivery through tools, processes, and standards.

The DevOps Capability Maturity Model series, jointly developed by CAICT, the Cloud Computing Open Source Industry Alliance, the Efficient Operations Community, BATJ, and major financial and telecom enterprises, has been published by the Ministry of Industry and Information Technology and adopted by many leading firms. It was also formally concluded as an ITU‑T standard (Y.3525) in July 2020.