While we have a rhythm to our product development lifecycle and have an established structure, the process remains undocumented. A documented process will allow us to respond with supporting evidence for security assessment questionnaires, and will also allow us to identify opportunities (i.e. fodder for this list) where we can continue to optimize our overall delivery from design/development to support.
Using HEFLO, a business process mapping (BPM) tool, our entire SDLC has been documented around the five pillars of Plan, Build, Quality Check, Release, and Monitor. The documentation is now readily available for client requests and more importantly, the exercise of reflecting on our process has allowed us to identify areas of improvement to act appropriately.
Five Pillars of SDLC
Requirements, Quality & Design Management
User interview -> Technical evaluation -> Design prototype -> Roadmapping
Source Code Management
Write user stories and test Cases -> Backlog grooming -> Sprint -> Live preview
Code Quality, Testing, and Coverage
System testing -> Security audit -> Regression testing
Internal demo -> Deploys Staging -> UAT & signoff -> Deploys Prod
Identify automated tests, Metrics, Incident management, Tracking engineering dependencies
- Business Process Model and Notation (BPMN)
- Business Process Management (HEFLO)