checklists/
Review
Checklists
The artefacts a reviewer applies during structured review work — architecture, deployment readiness, and security checklists — as designed coverage instruments with dimensions, calibration, and tier-awareness, distinct from the governance disciplines that produce them.
3 topics in this section
checklists/architecture/
Architecture Review Checklist
The artefact a reviewer applies to evaluate whether a proposed architecture meets the system's actual non-functional requirements — recognising that architecture review is the moment when capacity, latency, security, resilience, observability, and operability concerns either get surfaced and addressed or get inherited as production problems by future operators.
→
checklists/deployment/
Deployment Readiness Checklist
The artefact that determines whether a change is ready to ship — recognising that deployment readiness is a gate (proceed / defer / rollback), not a document, and that the checklist's items are calibrated by the specific production failure modes the team has actually experienced rather than by generic best practices that don't reflect the system's real risks.
→
checklists/security/
Security Review Checklist
The artefact that evaluates whether a proposed system defends adequately against the threats it actually faces — recognising that security review is about coverage of the attack surface, alignment with the documented threat model, and calibration by the incidents and findings that prior reviews missed, not about ticking compliance boxes that don't reflect the system's real risks.
→