BIO-QMS Master Track Index
Project: CODITECT Biosciences QMS Platform Tracks: 17 (A-Q) Total Tasks: ~409 Sections: 89 Sprint Plan: 10 sprints (20 weeks) Updated: 2026-02-14
Track Assignment Rules
- Extract keywords from your task
- Search this index for matching keywords
- Use the identified track (highest keyword match)
- Consult track owner for cross-track dependencies
Track Overview
| Track | Name | Agent | Status | Tasks | Sprint |
|---|---|---|---|---|---|
| A | Presentation & Publishing | frontend-react-typescript-expert | Active | 34 | S1-S3 |
| B | Competitive Intelligence & GTM | competitive-analyst | In Progress | 28 (4/28) | S1-S3 |
| C | Technical Foundation | senior-architect | Planned | 41 | S3-S6 |
| D | Compliance & Security | security-specialist | Planned | 33 | S3-S6 |
| E | Operations & Deployment | devops-engineer | Planned | 20 | S5-S7 |
| F | Documentation & Training | codi-documentation-writer | Ongoing | 24 | S3+ |
| G | Revenue & Billing Operations | payment-systems-specialist | Planned | 24 | S5-S7 |
| H | Customer Operations | customer-onboarding | Planned | 24 | S5-S8 |
| I | Sales & Business Development | sales-workflow | Planned | 20 | S4-S7 |
| J | Product Management & Analytics | product-analytics-specialist | Planned | 22 | S6-S8 |
| K | Platform Reliability & Maintenance | sre-on-call-assistant | Planned | 24 | S7-S9 |
| L | Data & Business Intelligence | data-pipeline-specialist | Planned | 22 | S6-S9 |
| M | Security Operations | incident-response-specialist | Planned | 18 | S6-S9 |
| N | Legal & Regulatory Operations | regulatory-change-monitor | Planned | 26 | S5-S8 |
| O | Partner Ecosystem | partner-onboarding | Planned | 19 | S8-S10 |
| P | Accessibility & Internationalization | accessibility-testing-specialist | Planned | 18 | S4-S10 |
| Q | AI & Automation Governance | responsible-ai | Planned | 12 | S8-S10 |
Keyword Index
Track A: Presentation & Publishing Platform
Keywords: viewer, dashboard, markdown, rendering, remark, rehype, unified, publish.json, manifest, navigation, search, MiniSearch, sidebar, breadcrumb, presentation, fullscreen, slides, keyboard, cloud publishing, deploy, Vite, React, Tailwind, NDA, auth, access control, DocumentViewToken, NDARecord, npm package, reusable, multi-project
Sections:
- A.1: Viewer Enhancement — Markdown Rendering
- A.2: Navigation & Search
- A.3: Presentation Mode
- A.4: Cloud Publishing Platform (ADR-195)
- A.5: NDA-Gated Access Control (ADR-196)
- A.6: Multi-Project Reusable Package
Track B: Competitive Intelligence & GTM
Keywords: competitive, market analysis, TAM, SAM, SOM, ICP, customer segmentation, competitor, battlecard, positioning, moat, GTM, go-to-market, revenue, channel, demand generation, content strategy, customer success, expansion, launch plan, metrics, dashboard, prompt 76, prompt 77, prompt 78, reconciliation, artifact update
Sections:
- B.0: Pre-Sprint Document Verification
- B.1: Competitive Market Analysis (Prompt 76)
- B.2: GTM Strategy Generation (Prompt 77)
- B.3: Cross-Artifact Impact Register (Prompt 78)
- B.4: Artifact Reconciliation & Update
Track C: Technical Foundation
Keywords: backend, API, NestJS, Prisma, scaffold, state machine, workflow engine, CAPA, deviation, change control, agent orchestration, AI, LLM, e-signature, cryptography, ECDSA, SHA-256, integration, webhook, ERP, LIMS, MES, REST, GraphQL
Sections:
- C.1: Backend API Scaffold (NestJS/Prisma)
- C.2: State Machine Engine Implementation
- C.3: Agent Orchestration Framework
- C.4: E-Signature & Crypto Foundation
- C.5: Integration & API Layer
Track D: Compliance & Security
Keywords: compliance, FDA, 21 CFR Part 11, HIPAA, SOC 2, audit trail, validation, IQ/OQ/PQ, encryption, access control, RBAC, PHI, BAA, evidence, gap closure, cryptographic, digital signature, pen test, vulnerability, ALCOA+, crypto-shredding, tenant lifecycle, GAMP 5, re-validation
Sections:
- D.1: Critical Gap Closure (Crypto/Signatures)
- D.2: FDA 21 CFR Part 11 Validation
- D.3: HIPAA Security Controls
- D.4: SOC 2 Compliance Implementation
- D.5: Audit Trail & Evidence Package
- D.6: Multi-Tenancy & Tenant Lifecycle
- D.7: Validation Execution & Management
Track E: Operations & Deployment
Keywords: CI/CD, pipeline, GitHub Actions, Docker, container, GKE, Cloud Run, GCP, infrastructure, Terraform, monitoring, observability, Datadog, Prometheus, Grafana, alerting, backup, disaster recovery, RPO, RTO, SLA, failover, chaos engineering, runbook
Sections:
- E.1: CI/CD Pipeline
- E.2: Infrastructure (GKE/Cloud Run)
- E.3: Monitoring & Observability
- E.4: Backup & Disaster Recovery
- E.5: DR Validation & Automation
Track F: Documentation & Training
Keywords: documentation, user guide, admin guide, API docs, OpenAPI, Swagger, compliance docs, validation protocol, training, onboarding, SOPs, work instructions, inventory, artifact, GxP, qualification, competency, training records, refresher
Sections:
- F.1: User Documentation
- F.2: API Documentation
- F.3: Admin & Compliance Docs
- F.4: Training Materials
- F.5: Document Inventory Updates
- F.6: Training Record Management & Qualification
Track G: Revenue & Billing Operations
Keywords: revenue, billing, subscription, pricing, tier, invoicing, Stripe, payment, metering, usage, overage, MRR, ARR, NRR, ASC 606, deferred revenue, proration, dunning, PCI DSS, quote, CPQ, churn, gross margin
Sections:
- G.1: Subscription Management
- G.2: Pricing Engine & Tier Management
- G.3: Invoicing & Payment Processing
- G.4: Usage Metering & Overage Billing
- G.5: Revenue Recognition & Reporting
Track H: Customer Operations
Keywords: customer, onboarding, TTFV, retention, support, ticketing, SLA, escalation, health score, churn prediction, CSM, NPS, CSAT, portal, self-service, API key, notification, email, changelog, knowledge base
Sections:
- H.1: Customer Onboarding Workflow
- H.2: Support Ticketing System
- H.3: Customer Success & Health Scoring
- H.4: Customer Portal & Self-Service
- H.5: Customer Communication Engine
Track I: Sales & Business Development
Keywords: sales, CRM, HubSpot, Salesforce, pipeline, lead scoring, MQL, SQL, forecast, battlecard, ROI calculator, demo, case study, compliance assessment, gap analysis, proposal, CPQ, e-signature, DocuSign, contract, partner, channel, co-selling
Sections:
- I.1: CRM & Pipeline Management
- I.2: Sales Enablement & Collateral
- I.3: Compliance Assessment Tool
- I.4: Proposal & Contract Automation
- I.5: Partner Channel Management
Track J: Product Management & Analytics
Keywords: product, telemetry, analytics, event tracking, BigQuery, ClickHouse, Pub/Sub, cohort, retention, segmentation, DAU, MAU, stickiness, A/B testing, experimentation, feature flag, guardrail, NPS, CSAT, roadmap, feedback, voting
Sections:
- J.1: Product Telemetry Infrastructure
- J.2: Feature Analytics & Adoption
- J.3: WO Analytics Dashboard
- J.4: A/B Testing & Experimentation
- J.5: Feedback & Roadmap Management
Track K: Platform Reliability & Maintenance
Keywords: SLA, SLO, SLI, error budget, incident, SEV1, SEV2, on-call, escalation, postmortem, MTTR, MTTD, runbook, patching, dependency, Dependabot, Renovate, Snyk, performance, load testing, chaos engineering, Litmus, GameDay, resilience, DR, multi-site, hub-and-spoke, batch traceability
Sections:
- K.1: SLA Management & Error Budgets
- K.2: Incident Management Process
- K.3: Patch & Dependency Management
- K.4: Performance Testing & Optimization
- K.5: Chaos Engineering & Resilience
- K.6: Multi-Site Coordination
Track L: Data & Business Intelligence
Keywords: data warehouse, BigQuery, star schema, CDC, Debezium, data lake, Parquet, GCS, ETL, ELT, dbt, Airflow, pipeline, BI, dashboard, Tableau, PowerBI, data governance, data quality, PII, retention, regulatory reporting, FDA evidence, HIPAA reporting, SOC 2 evidence
Sections:
- L.1: Data Warehouse Architecture
- L.2: ETL/ELT Pipeline
- L.3: BI Dashboards & Reporting
- L.4: Data Governance & Quality
- L.5: Regulatory Reporting Automation
Track M: Security Operations
Keywords: SAST, DAST, SCA, Semgrep, CodeQL, OWASP ZAP, Snyk, vulnerability, CVE, CVSS, pentest, SIEM, Splunk, threat detection, secrets, Vault, KMS, HSM, key rotation, incident response, forensics, breach notification
Sections:
- M.1: Application Security Pipeline
- M.2: Vulnerability Management
- M.3: Security Incident Response
- M.4: Secrets & Key Management
- M.5: Security Monitoring & Detection
Track N: Legal & Regulatory Operations
Keywords: terms of service, privacy policy, acceptable use, GDPR, CCPA, DSR, data subject, consent, DPIA, cookie, cross-border, SCC, contract, MSA, BAA, NDA, DPA, regulatory intelligence, FDA, EMA, MHRA, SBOM, license compliance, vendor risk, IP, patent
Sections:
- N.1: Terms of Service & Privacy Policy
- N.2: GDPR/CCPA Compliance Engine
- N.3: Contract Lifecycle Management
- N.4: Regulatory Change Monitoring
- N.5: IP & Vendor Compliance
Track O: Partner Ecosystem
Keywords: partner, Silver, Gold, Platinum, tier, certification, deal registration, channel, marketplace, integration, ERP, LIMS, CMMS, SAP, Oracle, developer portal, SDK, TypeScript SDK, Python SDK, API key, webhook, hackathon, co-selling, MDF, JBR
Sections:
- O.1: Partner Program Foundation
- O.2: Integration Marketplace
- O.3: Developer API & SDK
- O.4: Partner Analytics & Operations
Track Q: AI & Automation Governance
Keywords: AI governance, responsible AI, model versioning, bias audit, explainability, LIME, SHAP, model risk, FDA SAMD, AI testing, A/B testing, human-in-loop, agent monitoring, prompt versioning, automation policy, approval workflow, risk-based
Sections:
- Q.1: AI Model Governance Framework
- Q.2: AI Testing & Validation
- Q.3: Automation Risk Management
Track P: Accessibility & Internationalization
Keywords: accessibility, WCAG 2.1, a11y, ARIA, screen reader, keyboard navigation, contrast, focus indicator, i18n, internationalization, l10n, localization, ICU MessageFormat, RTL, bidirectional, Crowdin, Lokalise, locale, translation, data residency, multi-region, GDPR region
Sections:
- P.1: WCAG 2.1 AA Compliance
- P.2: Internationalization (i18n) Framework
- P.3: Localization (l10n) Pipeline
- P.4: Regional Data Residency
- P.5: Accessibility Testing Automation
Cross-Track Dependencies
| Dependency | From | To | Description |
|---|---|---|---|
| Viewer foundation | A.1 | A.2, A.3, P.1 | Markdown rendering before nav/search/a11y |
| Cloud platform | A.4 | A.5 | Deploy before auth |
| Competitive data | B.1 | B.2, I.2 | Market analysis before GTM and sales collateral |
| Backend scaffold | C.1 | C.2-C.5, G.1, H.1-H.2, J.1, N.2 | API framework before all backend features |
| State machine | C.2 | J.3 | WO engine before WO analytics |
| Integrations | C.5 | O.2, O.3 | Integration layer before marketplace/SDK |
| Crypto foundation | D.1 | C.4, M.4 | Gap closure before e-sig and secrets mgmt |
| HIPAA controls | D.3 | N.2, N.3 | HIPAA before GDPR engine and BAA management |
| CI/CD pipeline | E.1 | M.1, K.3 | Pipeline before security scanning and patching |
| Infrastructure | E.2 | K.1, L.1, P.4 | GCP before SLA monitoring, data warehouse, regions |
| Monitoring | E.3 | K.1-K.2, M.3 | Observability before SLA/incident management |
| Subscriptions | G.1 | G.2-G.5, H.3 | Subscription model before pricing/billing/health |
| Payments | G.3 | H.4, I.4 | Payment processing before billing portal/contracts |
| CRM | I.1 | I.3-I.5, H.3 | CRM before assessment tool, proposals, partner mgmt |
| Telemetry | J.1 | J.2-J.4 | Event tracking before analytics/experimentation |
| Partner program | I.5, O.1 | O.2-O.4 | Foundation before marketplace/SDK/analytics |
| i18n framework | P.2 | P.3, P.4 | i18n before localization and regional data |
| AI governance | Q.1 | Q.2-Q.3 | Model governance before AI testing/risk mgmt |
| Agent framework | C.3 | Q.1 | Agent orchestration before AI governance |
| Data warehouse | L.1 | Q.2 | Warehouse before AI model monitoring data |
| Validation | D.7 | Q.2 | Validation framework before AI validation |
| Tenant lifecycle | D.6 | H.1, G.1 | Tenant provisioning before onboarding/billing |
| DR automation | E.5 | K.5 | DR validation before chaos engineering |
| Training records | F.6 | D.2 | Training records for Part 11 compliance |
| Multi-site | K.6 | O.1 | Site management before partner coordination |
| All tracks | * | F.* | Documentation continuous across all work |
Intra-Track Dependencies
Added v3.1: These dependencies exist within individual TRACK files and must be respected during sprint planning.
| Track | From | To | Description |
|---|---|---|---|
| A | A.1 | A.2, A.3 | Viewer rendering before nav/search and presentation |
| A | A.1-A.3 | A.4 | Local features before cloud publishing |
| A | A.4 | A.5 | Cloud deploy before NDA-gated auth |
| A | A.1-A.5 | A.6 | All features before multi-project packaging |
| B | B.0 | B.1-B.4 | Document verification before execution |
| B | B.1 | B.2 | Competitive data before GTM strategy |
| B | B.1, B.2 | B.3 | Analysis before impact register |
| B | B.1-B.3 | B.4 | All analysis before reconciliation |
| C | C.1 | C.2, C.3, C.5 | Backend scaffold before features |
| C | C.1, C.2 | C.3 | Backend + state machine before agents |
| C | C.1-C.4 | C.5 | Core features before integrations |
| D | D.1 | D.2 | Crypto gap closure before FDA validation |
| D | D.3 | D.4 | HIPAA before SOC 2 |
| D | D.2-D.4 | D.5 | Compliance controls before audit trail |
| D | D.3 | D.6 | HIPAA before tenant lifecycle |
| D | D.2 | D.7 | FDA validation before validation execution |
| E | E.1 | E.2 | CI/CD before infrastructure |
| E | E.2 | E.3, E.4 | Infra before monitoring and DR |
| E | E.4 | E.5 | DR before DR validation/automation |
| F | F.1-F.3 | F.4 | Docs before training materials |
| F | F.4 | F.6 | Training before training records/qualification |
| G | G.1 | G.2 | Subscriptions before pricing engine |
| G | G.1, G.2 | G.3 | Sub + pricing before invoicing/payment |
| G | G.3 | G.4 | Payments before usage metering |
| G | G.3, G.4 | G.5 | Revenue flows before recognition/reporting |
| H | H.1, H.2 | H.3 | Onboarding + support before health scoring |
| H | H.1-H.4 | H.5 | All ops before communication engine |
| I | I.1 | I.4 | CRM before proposals/contracts |
| I | I.1 | I.5 | CRM before partner channel |
| J | J.1 | J.2, J.3, J.4 | Telemetry before analytics/A-B testing |
| K | K.1 | K.6 | SLA management before multi-site |
| K | K.1-K.4 | K.5 | All reliability before chaos engineering |
| L | L.1 | L.2 | Data warehouse before ETL pipelines |
| L | L.1, L.2 | L.3 | Warehouse + ETL before BI dashboards |
| L | L.1 | L.4 | Warehouse before data governance |
| L | L.2, L.3 | L.5 | Pipelines + dashboards before regulatory reporting |
| M | M.1 | M.2, M.3 | AppSec pipeline before vuln mgmt and IR |
| M | M.2, M.3 | M.5 | Vuln mgmt + IR before security monitoring |
| N | N.2-N.4 | N.4 | GDPR/contracts before regulatory monitoring |
| O | O.1 | O.2 | Partner program before marketplace |
| O | O.1-O.3 | O.4 | Program + marketplace + SDK before analytics |
| P | P.2 | P.3 | i18n framework before localization |
| P | P.1 | P.5 | WCAG audit before a11y test automation |
| Q | Q.1 | Q.2, Q.3 | AI governance before testing/risk mgmt |
Sprint Dependency Map
Per-sprint dependency verification. Each section's
Depends Onis cross-referenced against sprint assignments to verify all prerequisites are satisfied before the section's sprint begins.Legend: ✅ = dependency in earlier sprint | ⚠️ = dependency in same sprint (sequence matters) | ❌ = dependency in LATER sprint (violation)
S1 (Weeks 1-2): Presentation + Doc Verification
| Section | Depends On | Dep Sprint | Status |
|---|---|---|---|
| A.1 | None | — | ✅ |
| A.2 | A.1 | S1 | ⚠️ |
| A.3 | A.1 | S1 | ⚠️ |
| B.0 | None | — | ✅ |
Sequencing: A.1 must complete before A.2 and A.3 can start. B.0 is independent.
S2 (Weeks 3-4): Cloud Publishing + Competitive Analysis
| Section | Depends On | Dep Sprint | Status |
|---|---|---|---|
| A.4 | A.1-A.3 | S1 | ✅ |
| B.1 | None | — | ✅ |
| B.2 (start) | B.1 | S2 | ⚠️ |
Sequencing: B.1 competitive analysis must produce artifacts before B.2 GTM can begin.
S3 (Weeks 5-6): Auth + GTM + Foundation Start
| Section | Depends On | Dep Sprint | Status |
|---|---|---|---|
| A.5 | A.4 | S2 | ✅ |
| A.6 | A.1-A.5 | S1-S2 | ✅ |
| B.3 | B.1, B.2 | S2, S2-S3 | ⚠️ |
| B.4 | B.1-B.3 | S2-S3 | ⚠️ |
| C.1 (start) | None | — | ✅ |
| D.1 | None | — | ✅ |
Sequencing: B.3 and B.4 depend on B.2 completing within this sprint. C.1 and D.1 are independent entry points.
S4 (Weeks 7-8): Backend Core + Sales Enablement
| Section | Depends On | Dep Sprint | Status |
|---|---|---|---|
| C.1-C.2 | C.1 (S3-S4) | S3 | ✅ |
| C.4 | C.1, D.1 | S3-S4, S3 | ✅ |
| D.2 | C.1, C.4, D.1 | S3-S4, S4, S3 | ⚠️ |
| I.1 | None (external tool) | — | ✅ |
| I.2 | B.1, B.2 | S2, S2-S3 | ✅ |
| P.1 | A.1, C.1 | S1, S3-S4 | ✅ |
Sequencing: D.2 needs C.4 from same sprint. C.4 should complete before D.2 starts.
S5 (Weeks 9-10): Agents + Integrations + Billing
| Section | Depends On | Dep Sprint | Status |
|---|---|---|---|
| C.3 | C.1, C.2 | S3-S4, S4 | ✅ |
| C.5 (core) | C.1-C.4 | S3-S4 | ✅ |
| D.3 | C.1 | S3-S4 | ✅ |
| D.6 | C.1, D.3 | S3-S4, S5 | ⚠️ |
| G.1 | C.1 | S3-S4 | ✅ |
| G.2 | G.1 | S5 | ⚠️ |
| H.1 | C.1, C.5 | S3-S4, S5 | ⚠️ |
| N.1 | None | — | ✅ |
Sequencing: D.6 needs D.3 (same sprint). G.2 needs G.1 (same sprint). H.1 needs C.5 core (same sprint). Three intra-sprint chains — schedule D.3→D.6, G.1→G.2, C.5→H.1.
S6 (Weeks 11-12): Ops + Payments + Data Warehouse
| Section | Depends On | Dep Sprint | Status |
|---|---|---|---|
| C.5 (healthcare) | C.1-C.4 | S3-S4 | ✅ |
| D.4 | C.1, D.3 | S3-S4, S5 | ✅ |
| D.7 | D.2 | S4-S5 | ✅ |
| E.1 | C.1 | S3-S4 | ✅ |
| E.2 | E.1 | S6 | ⚠️ |
| G.3 | G.1, G.2 | S5, S5 | ✅ |
| H.2 | C.1 | S3-S4 | ✅ |
| I.3 | C.1, D.1 | S3-S4, S3 | ✅ |
| J.1 | C.1 | S3-S4 | ✅ |
| L.1 | C.1, E.2 | S3-S4, S6 | ⚠️ |
| M.1 | E.1 | S6 | ⚠️ |
| M.4 | D.1, E.2 | S3, S6 | ⚠️ |
| N.2 | C.1, D.3 | S3-S4, S5 | ✅ |
| P.2 | C.1 | S3-S4 | ✅ |
No violations. K.1 and N.3 moved to S7 in v3.2.
Sequencing: E.1→E.2, E.1→M.1, E.2→L.1, E.2→M.4. Heavy intra-sprint dependency chain on E.1/E.2.
S7 (Weeks 13-14): Analytics + Monitoring + Reliability
| Section | Depends On | Dep Sprint | Status |
|---|---|---|---|
| D.5 | D.2-D.4 | S4-S6 | ✅ |
| E.3 | E.2 | S6 | ✅ |
| E.4 | E.2 | S6 | ✅ |
| E.5 | E.4 | S7 | ⚠️ |
| G.4 | C.1, G.3 | S3-S4, S6 | ✅ |
| G.5 | G.3, G.4 | S6, S7 | ⚠️ |
| H.3 | H.1, H.2, G.1 | S5, S6, S5 | ✅ |
| I.4 | G.2, I.1 | S5, S4-S5 | ✅ |
| I.5 | I.1, G.1 | S4-S5, S5 | ✅ |
| J.2 | J.1 | S6 | ✅ |
| J.3 | C.2, J.1 | S4, S6 | ✅ |
| K.1 | E.3 | S7 | ⚠️ |
| K.2 | E.3 | S7 | ⚠️ |
| L.2 | L.1 | S6 | ✅ |
| M.3 | M.1, E.3 | S6, S7 | ⚠️ |
| N.3 | I.4 | S7 | ⚠️ |
| N.4 | D.2-D.4 | S4-S6 | ✅ |
No violations. K.1 and N.3 moved here from S6 in v3.2; F.6 moved to S8 in v3.2.
Sequencing: E.4→E.5, E.3→K.1, E.3→K.2, E.3→M.3, G.4→G.5, I.4→N.3. Multiple chains off E.3 — complete early in sprint.
S8 (Weeks 15-16): Docs + BI + Marketplace + AI Governance
| Section | Depends On | Dep Sprint | Status |
|---|---|---|---|
| F.1 | A.1-A.3, C.1-C.2 | S1, S3-S4 | ✅ |
| F.2 | C.1, C.5 | S3-S4, S5-S6 | ✅ |
| F.3 | D.2-D.5 | S4-S7 | ✅ |
| F.4 | F.1-F.3 | S8 | ⚠️ |
| F.6 | F.4, C.1 | S8, S3-S4 | ⚠️ |
| H.4 | C.1, G.3 | S3-S4, S6 | ✅ |
| H.5 | H.1-H.4 | S5-S8 | ⚠️ |
| J.4 | J.1 | S6 | ✅ |
| K.4 | C.1, E.2 | S3-S4, S6 | ✅ |
| K.6 | K.1, E.2 | S7, S6 | ✅ |
| L.3 | L.1, L.2 | S6, S7 | ✅ |
| L.4 | L.1 | S6 | ✅ |
| O.1 | I.5 | S7 | ✅ |
| O.2 | C.5, O.1 | S5-S6, S8 | ⚠️ |
| P.3 | P.2 | S6 | ✅ |
| P.4 | E.2, N.2 | S6, S6 | ✅ |
| Q.1 | C.3 | S5 | ✅ |
No violations. F.6 moved here from S7 in v3.2.
Sequencing: F.1→F.2→F.3→F.4→F.6 is a 5-step chain within S8. H.4→H.5. O.1→O.2. Start F-chain and O-chain early.
S9 (Weeks 17-18): Patching + Resilience + Vulnerability
| Section | Depends On | Dep Sprint | Status |
|---|---|---|---|
| K.3 | E.1 | S6 | ✅ |
| K.5 | K.1-K.4 | S6-S8 | ✅ |
| L.5 | L.2, L.3 | S7, S8 | ✅ |
| M.2 | M.1 | S6 | ✅ |
| N.5 | None | — | ✅ |
| O.3 | C.5, F.2 | S5-S6, S8 | ✅ |
| Q.2 | Q.1, C.3 | S8, S5 | ✅ |
No violations. All dependencies satisfied from earlier sprints.
S10 (Weeks 19-20): Final Polish
| Section | Depends On | Dep Sprint | Status |
|---|---|---|---|
| F.5 | All tracks | Ongoing | ✅ |
| J.5 | C.1 | S3-S4 | ✅ |
| M.5 | M.2, M.3 | S9, S7 | ✅ |
| O.4 | O.1-O.3 | S8-S9 | ✅ |
| P.5 | P.1 | S4 | ✅ |
| Q.3 | Q.1, L.1-L.2, C.3 | S8, S6-S7, S5 | ✅ |
No violations. All dependencies satisfied.
Dependency Violations Summary (v3.2 — All Resolved)
| # | Section | Was | Dep | Dep Sprint | Fix | Status |
|---|---|---|---|---|---|---|
| 1 | K.1 | S6 | E.3 | S7 | Moved K.1 to S7 | ✅ Fixed |
| 2 | N.3 | S6 | I.4 | S7 | Moved N.3 to S7 | ✅ Fixed |
| 3 | F.6 | S7 | F.4 | S8 | Moved F.6 to S8 | ✅ Fixed |
v3.2 result: Zero dependency violations remaining. All 89 sections have dependencies satisfied by earlier or same-sprint sections. Load impact: S6: 42→33 (-9), S7: 30→35 (+5), S8: 34→38 (+4). Max sprint: S8 at 38 tasks. Range: 12-38.
Sprint Allocation (10 Sprints, 20 Weeks)
Rebalanced v3.2: Dependency-verified sprint plan. v3.2 fixed 3 forward-reference violations from v3.1: K.1 S6→S7, N.3 S6→S7, F.6 S7→S8. All 89 sections now have dependencies satisfied by earlier or same-sprint sections. Zero violations remaining. Sprint range: 12-38 tasks (max S8). Original v2 max was 32 (S7). Peak S6 reduced from 42→33.
| Sprint | Weeks | Sections | Est. Tasks | Goal |
|---|---|---|---|---|
| S1 | 1-2 | A.1, A.2, A.3, B.0 | ~19 | Presentation-grade local website + doc verification |
| S2 | 3-4 | A.4, B.1, B.2 (start) | ~12 | Cloud publishing + competitive analysis |
| S3 | 5-6 | A.5, A.6, B.2-B.4, C.1 (start), D.1 | ~22 | Auth + GTM + foundation start |
| S4 | 7-8 | C.1-C.2, C.4, D.2, I.1-I.2, P.1 | ~24 | Backend core + sales enablement + a11y audit |
| S5 | 9-10 | C.3, C.5 (core), D.3, D.6, G.1-G.2, H.1, N.1 | ~38 | Agents + integrations + billing + tenant lifecycle |
| S6 | 11-12 | C.5 (healthcare), D.4, D.7, E.1-E.2, G.3, H.2, I.3, J.1, L.1, M.1, M.4, N.2, P.2 | ~33 | Ops + payments + data warehouse + pipelines |
| S7 | 13-14 | D.5, E.3-E.5, G.4-G.5, H.3, I.4-I.5, J.2-J.3, K.1-K.2, L.2, M.3, N.3-N.4 | ~35 | Analytics + monitoring + SLA + contracts + reliability |
| S8 | 15-16 | F.1-F.4, F.6, H.4-H.5, J.4, K.4, K.6, L.3-L.4, O.1-O.2, P.3-P.4, Q.1 | ~38 | Docs + training + BI + marketplace + AI governance |
| S9 | 17-18 | K.3, K.5, L.5, M.2, N.5, O.3, Q.2 | ~29 | Patching + resilience + vulnerability + vendor + SDK |
| S10 | 19-20 | F.5, J.5, M.5, O.4, P.5, Q.3 | ~14 | Final: security monitoring + feedback + partner ops + a11y |
Sprint Load Analysis
| Sprint | Original (v2) | v3.0 | v3.1 | v3.2 | Notes |
|---|---|---|---|---|---|
| S1 | 15 | 15 | 19 | 19 | B.0 doc verification |
| S2 | 12 | 12 | 12 | 12 | Unchanged |
| S3 | 22 | 22 | 22 | 22 | Unchanged |
| S4 | 20 | 24 | 24 | 24 | C.2 change governance |
| S5 | 28 | 38 | 38 | 38 | D.6 tenant lifecycle |
| S6 | 24 | 42 | 42 | 33 | v3.2: K.1, N.3 out (dep violations) |
| S7 | 32 | 38 | 30 | 35 | v3.2: K.1, N.3 in; F.6 out |
| S8 | 24 | 42 | 34 | 38 | v3.2: F.6 in |
| S9 | 12 | 16 | 29 | 29 | Unchanged from v3.1 |
| S10 | 7 | 11 | 14 | 14 | Unchanged from v3.1 |
v3.0 rebalancing moves (from v2):
- K.1 (SLA Management): S7→S6 — only needs E.3, available in S6
- L.1 (Data Warehouse): S7→S6 — only needs E.2, available in S6
- N.3 (Contracts): S7→S6 — contract templates independent
- O.1 (Partner Foundation): S7→S8 — low priority, no S7 dependents
- C.5 split: core (C.5.1-C.5.6) in S5, healthcare (C.5.7-C.5.10) in S6
v3.1 rebalancing moves (from v3.0):
- K.3 (Patch & Dependency): S7→S9 — depends on E.1 (S5), no S7 dependents
- M.2 (Vulnerability Mgmt): S7→S9 — depends on M.1 (S6), no S7 dependents
- M.5 (Security Monitoring): S8→S10 — depends on M.2/M.3 (S9/S7-S8)
- N.5 (IP & Vendor Compliance): S8→S9 — no blocking deps
v3.2 dependency violation fixes (from v3.1):
- K.1 (SLA Management): S6→S7 — depends on E.3 (S7), was forward-referencing
- N.3 (Contract Lifecycle): S6→S7 — depends on I.4 (S7), was forward-referencing
- F.6 (Training Records): S7→S8 — depends on F.4 (S8), was forward-referencing
- Result: Zero dependency violations. Max sprint: S8 at 38 tasks. Range: 12-38 (was 12-42)
Compliance: CODITECT Track Nomenclature Standard (ADR-054)