Quality Management
Plans and manages quality requirements; performs quality assurance and control.
established project management guidelines definition
Project Quality Management includes the processes for incorporating the organization's quality policy regarding planning, managing, and controlling project and product quality requirements to meet stakeholders' objectives. It addresses both the management of the project (process quality) and the deliverables of the project (product quality). Acceptance criteria, sign-off workflows, test cases, and code-review obligations are quality management work products.
Processes in this Knowledge Area
Plan Quality Management
Outputs: quality management plan, quality metrics.
REQ-FUN-033— Approve via REST/MCP/web UI with identical audit rowsREQ-NFR-001— API median latency for read operations <= 200ms at 10 concurrent clients on reference machineREQ-NFR-002— API median latency for write operations <= 500ms at 10 concurrent clientsREQ-NFR-003— Web UI initial page load <= 3s on reference machine over local networkREQ-NFR-004— Audit log search returns p95 <= 1s on 100k-row datasetREQ-NFR-031— Fresh install comes up within 5 minutes from installer launch to first successful loginREQ-NFR-040— First-time established_guidelines_literate user can create project, add deliverable, request sign-off in <10 min without docsREQ-NFR-041— All forms show validation errors inlineREQ-NFR-063— Read-only mode middleware adds <= 5 ms p99 overhead on read endpoints
Manage Quality
Outputs: quality reports, test and evaluation documents, change requests.
REQ-FUN-034— Approver can reject with required rationale textREQ-NFR-042— Keyboard navigation works for primary flows (browse, claim, approve)REQ-NFR-060— Code includes automated tests; CI runs them on every commitREQ-NFR-061— Documentation (help/dev/ai) updated in same change as source it documents
Control Quality
Outputs: quality control measurements, verified deliverables, work performance information.
REQ-FUN-005— Store sign-offs with id, subject_kind, subject_id, mode, state, requested_by, created_atREQ-FUN-006— Store sign-off events (requested, approved, rejected, delegated) tied to sign-off idREQ-FUN-030— Actor can request a sign-off on any sign-off-eligible subjectREQ-FUN-031— Sign-off any-of mode (one approver suffices)REQ-FUN-032— Sign-off all-of mode (every named approver must approve)REQ-FUN-036— Rejected sign-off is not reusable; new sign-off ID required for re-requestREQ-FUN-063— Web UI allows approval, rejection, and delegation actions
Secondary support
Requirements whose primary KA is elsewhere, but which also support Quality Management.
| ID | Description | Primary KA |
|---|---|---|
| REQ-FUN-035 | Approver can delegate to another actor within configured delegation scope | Resource Management |
| REQ-FUN-037 | Notify approvers when a sign-off is requested or delegated to them | Communications Management |
| REQ-FUN-038 | Agent actor only approves sign-offs whose subject falls within delegated scope | Resource Management |
| REQ-FUN-043 | All POST endpoints accept Idempotency-Key header; same response for retries within 24h | Integration Management |
| REQ-FUN-062 | Web UI surfaces sign-off requests assigned to logged-in user | Communications Management |
| REQ-FUN-070 | Every state-changing operation produces exactly one audit row | Integration Management |
| REQ-FUN-071 | Audit log append-only at DB level (no UPDATE or DELETE granted to app role) | Integration Management |
| REQ-NFR-010 | All non-localhost traffic over TLS 1.2+ | Risk Management |
| REQ-NFR-012 | Passwords (if stored) hashed with modern KDF (Argon2id or bcrypt) | Risk Management |
| REQ-NFR-020 | Every mutation produces exactly one audit row regardless of API surface | Integration Management |
| REQ-NFR-021 | Audit rows include actor, ts (UTC ISO 8601), entity kind/id, before/after, change reason | Integration Management |
| REQ-NFR-030 | System tolerates single-process restarts without data loss | Risk Management |
| REQ-NFR-032 | Backups schedulable; restore-from-backup produces identical operational state | Risk Management |
| REQ-NFR-064 | PWA service worker MUST NOT cache approval-decision-bearing endpoints — only static shell | Risk Management |
| REQ-NFR-065 | Worktree provisioning on claim completes within 5 seconds for repos up to 1 GB | Resource Management |
All requirements primarily mapped to Quality Management (22)
| ID | Description | Primary Process Group |
|---|---|---|
| REQ-FUN-005 | Store sign-offs with id, subject_kind, subject_id, mode, state, requested_by, created_at | Monitoring & Controlling |
| REQ-FUN-006 | Store sign-off events (requested, approved, rejected, delegated) tied to sign-off id | Monitoring & Controlling |
| REQ-FUN-030 | Actor can request a sign-off on any sign-off-eligible subject | Monitoring & Controlling |
| REQ-FUN-031 | Sign-off any-of mode (one approver suffices) | Monitoring & Controlling |
| REQ-FUN-032 | Sign-off all-of mode (every named approver must approve) | Monitoring & Controlling |
| REQ-FUN-033 | Approve via REST/MCP/web UI with identical audit rows | Monitoring & Controlling |
| REQ-FUN-034 | Approver can reject with required rationale text | Monitoring & Controlling |
| REQ-FUN-036 | Rejected sign-off is not reusable; new sign-off ID required for re-request | Monitoring & Controlling |
| REQ-FUN-063 | Web UI allows approval, rejection, and delegation actions | Monitoring & Controlling |
| REQ-FUN-137 | Quality Report view (aggregated quality dashboard) | Monitoring & Controlling |
| REQ-FUN-138 | Test Case + Test Run entities per deliverable | Executing |
| REQ-NFR-001 | API median latency for read operations <= 200ms at 10 concurrent clients on reference machine | Planning |
| REQ-NFR-002 | API median latency for write operations <= 500ms at 10 concurrent clients | Planning |
| REQ-NFR-003 | Web UI initial page load <= 3s on reference machine over local network | Planning |
| REQ-NFR-004 | Audit log search returns p95 <= 1s on 100k-row dataset | Planning |
| REQ-NFR-031 | Fresh install comes up within 5 minutes from installer launch to first successful login | Planning |
| REQ-NFR-040 | First-time established_guidelines_literate user can create project, add deliverable, request sign-off in <10 min without docs | Planning |
| REQ-NFR-041 | All forms show validation errors inline | Executing |
| REQ-NFR-042 | Keyboard navigation works for primary flows (browse, claim, approve) | Executing |
| REQ-NFR-060 | Code includes automated tests; CI runs them on every commit | Executing |
| REQ-NFR-061 | Documentation (help/dev/ai) updated in same change as source it documents | Executing |
| REQ-NFR-063 | Read-only mode middleware adds <= 5 ms p99 overhead on read endpoints | Planning |