22 lines
960 B
Markdown
22 lines
960 B
Markdown
# Non-Functional Review Criteria
|
|
|
|
- **Security**
|
|
- PASS: auth/authz, secret handling, and threat mitigations in place.
|
|
- CONCERNS: minor gaps with clear owners.
|
|
- FAIL: critical exposure or missing controls.
|
|
- **Performance**
|
|
- PASS: metrics meet targets with profiling evidence.
|
|
- CONCERNS: trending toward limits or missing baselines.
|
|
- FAIL: breaches SLO/SLA or introduces resource leaks.
|
|
- **Reliability**
|
|
- PASS: error handling, retries, health checks verified.
|
|
- CONCERNS: partial coverage or missing telemetry.
|
|
- FAIL: no recovery path or crash scenarios unresolved.
|
|
- **Maintainability**
|
|
- PASS: clean code, tests, and documentation shipped together.
|
|
- CONCERNS: duplication, low coverage, or unclear ownership.
|
|
- FAIL: absent tests, tangled implementations, or no observability.
|
|
- Default to CONCERNS when targets or evidence are undefined—force the team to clarify before sign-off.
|
|
|
|
_Source: Murat NFR assessment guidance._
|