Agile is not a methodology to be used for fixing things that arent broken or for forcing process for the sake of process. Security professionals should adhere to these processes for specific and quantifiable reasons, not simply because managers mandate they do so. The principle of inspect and adapt should be applied to all aspects of the process, says Peter Paul. The process is designed to deliver high-quality, secure software in a rapid environment, and to eliminate traditional pitfalls common to the waterfall, functional specification, extended delivery planning and development strategies.”]