Apliqo_Engineering_Procedures_ISO27k
Engineering Operating Procedure Documentation – Apliqo
Location of Documentation: This page is part of the Engineering & DevOps space. All updates are version-controlled via Confluence.
1. Reliability and Performance Monitoring Procedures
**Monitoring Tools:**
- Uptime checks (CI/CD integration)
- TestRail for automated test coverage
**Metrics Tracked:**
- Uptime %
- Response time
- Failure/error rates
**Alerting:** Notifications via integrated tools (Slack/email)
**Review Cadence:** Weekly summaries and monthly performance reviews
2. Data Insertion / Deletion Processes
**Platform:** IBM PA/TM1 engine handles all write-back, insertion, and deletion processes
**Audit Features:**
- User-based tracking
- Timestamped logs
- Change history linked to business rules
**Access Control:** Role-based TM1 security configuration
3. Production Push Processes
**Approval Flow:**
- Minimum 2 developer approvals per PR
- Description must outline changes, risks, and rollback plan
**CI/CD Pipeline:**
- Automated test suite triggered
- Merge blocked on test failure
**Rollback Strategy:** Scripts available for all services
4. Production Test Implementation Processes
- No direct testing in production
**Test Environment:**
- Fully isolated staging environment
- Reflects production data schemas without PII
**Ownership:** Test cases created by both QA and dev teams
5. SDLC Processes
**Development Methodology:** Agile with Kanban-style boards
**Tools Used:**
- Jira for work management
- Confluence for documentation
**Sprint Cycle:**
- Biweekly retrospectives
- Continuous planning and backlog grooming
6. Code Review
**Review Requirements:**
- All PRs undergo peer review
- Large changes reviewed by tech leads
**Tools Used:**
- GitHub PRs
- AI and code-analysis tools such as Copilot or CodeQL
**Focus Areas:**
- Readability, scalability, security, maintainability
7. Post-Mortem and Incident Reviews
**Initiation Trigger:** Any P1 or P2 incident
**Documentation Tool:** Jira Support Portal
**Template Includes:**
- Timeline
- Root Cause
- Customer Impact
- Preventive Action Items
**Review Timeline:** Within 72 hours of incident resolution
8. On-Call Requirements and Expectations
**Support Model:** Varies by customer SLA
**Rotation:**
- Tier 1: 24/7
- Tier 2: Business hours
**Escalation Flow:** Support → Dev → Tech Lead → Incident Owner
9. Access Control and Change Management (ISO 27001)
**Segregated Access:**
- Different permissions for Dev, Staging, Prod
- Developers cannot access prod data
**Change Logging:**
- All PRs tracked via Jira and GitHub
- Categorized by type (feature, bug, hotfix)
- Linked documentation in Confluence
10. Secure Development Policy
**Standards:** Based on OWASP Top 10
**Security Tools:**
- Dependency scanners (e.g., Snyk, Dependabot)
**Policies:**
- Annual developer training
- Code signing for releases