Team of professionals

Back to all news

Case Study: ČSOB CZ – DevOps Capabilities Assessment

How we conducted a detailed DevOps assessment for ČSOB, delivering actionable recommendations and clear roadmaps across GitOps, Service Mesh, and Observability to accelerate their digital transformation.

About the Project

For ČSOB CZ (Czechoslovak Commercial Bank), we conducted a structured DevOps Capabilities Discovery Phase to assess current practices and design transformation strategies across three key areas: GitOps and Versioning, Service Mesh, and Observability. The engagement delivered concrete recommendations with clear prioritisation to enable ČSOB’s teams to implement meaningful improvements while respecting banking sector regulatory requirements.

Our proven assessment methodology

Phase 1: Introductory Workshop & Current State Analysis

  • Infrastructure assessment: Detailed evaluation of existing DevOps tools, including GitLab, GitHub Actions, ArgoCD, OpenShift, and Broadcom monitoring stack.
  • DevOps process evaluation: In-depth analysis of development and deployment workflows, CI/CD configurations, release management, and operational procedures to identify optimisation opportunities.
  • Team engagement: Direct collaboration with ČSOB’s development and operations teams to understand real pain points and organisational constraints.
  • Baseline establishment: Documentation of current capabilities across all focus areas.

Phase 2: Gap Analysis & Solution Design

  • Industry benchmarking: Comparison against banking sector best practices and modern DevOps standards.
  • Technology evaluation: Assessment of tools like OpenTelemetry, Prometheus, Elastic Stack, HashiCorp Vault, and Consul for their fit within ČSOB’s environment.
  • TO-DO recommendations development: Creation of detailed activity lists for each focus area, with specific recommendations ranked by importance and implementation complexity.
  • Roadmap prioritisation: Development of prioritised implementation roadmaps that identify quick wins and strategic initiatives, with the selection of immediate next steps based on impact assessment.

Key outcomes and value delivered

GitOps & Versioning Optimisation

Our assessment provided specific recommendations for consolidating CI/CD workflows, implementing Software Bill of Materials (SBOM) for container security, and establishing automated certificate lifecycle management. We designed a clear path from their current multi-tool environment (GitLab, UrbanCode, GitHub Actions, ArgoCD) to a standardised, secure deployment process.

Service Mesh Enhancement

We delivered a modular implementation strategy, breaking down their complex service mesh into manageable components (API Gateway, Ingress/Egress Gateway, Service Discovery), with specific guidance for gradual integration, starting with 5-10 applications. Our recommendations addressed their existing Consul, Envoy, and Vault implementations while planning for OpenShift integration.

Comprehensive Observability

We designed a hybrid approach, maintaining their Broadcom investments while introducing modern capabilities through OpenTelemetry and Prometheus. This addressed their vendor lock-in concerns while improving troubleshooting by better correlating data between metrics, logs, and traces.

Key benefits achieved

  • Enhanced security through container signing and SBOM implementation.
  • Improved operational efficiency via automated deployment processes.
  • Vendor flexibility through open standards adoption.
  • Faster problem resolution with better observability correlation.

Why our approach works

This engagement demonstrates our systematic methodology for DevOps transformation in highly regulated environments. We combine in-depth technical assessments with collaborative workshops to ensure that recommendations are both technically sound and organizationally achievable.

Key success factors

  • Banking sector expertise: Understanding of regulatory constraints and compliance requirements.
  • Collaborative approach: Working directly with client teams rather than imposing external solutions.
  • Practical focus: Delivering actionable recommendations with clear implementation paths.
  • Risk-aware planning: Phased implementation minimising operational disruption.

The result: ČSOB received not just an assessment report, but a practical transformation roadmap they could immediately begin executing with their existing teams and resources.

Client Statement

The external study has provided us with a valuable independent perspective on our processes and brought in new insights that go beyond our existing in-house know-how. Thanks to the objective and pragmatic assessment of further development options, we now have a clearer understanding of potential innovations and risks that we might have overlooked internally. I especially appreciate the perspective and independence that the external team brought to the evaluation, enabling us to make more qualified decisions about our future direction.

Roman Mašek, Director – IT Digital Services

Services Provided

 

Grow2FIT
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.