DIT Digital Services Guidelines

Appearance

Acceptance

A software release is considered accepted only after it successfully passes all required validation stages and receives formal approval from the designated authorities. No software may be deployed to production without full acceptance.

1. Functional Acceptance

The system must satisfy all functional requirements defined by:

  • The Business Intelligence & Requirement Analysis Team
  • The Software Specification Document (SSD)
  • Approved change requests and additional requirements

Functional acceptance requires:

  • All user stories completed
  • All acceptance criteria met
  • No open high- or critical-severity defects
  • Medium-severity defects approved for postponement (if any)

2. Quality Assurance Acceptance

The QA team must issue a Final QA Acceptance Report, which includes:

  • Complete test execution results
  • Regression test validation
  • Performance test outcomes (if applicable)
  • Security test and vulnerability scan results
  • Verification of environment parity (dev → staging → prod)
  • Confirmation that the system meets release-quality standards

Acceptance cannot proceed if any blocking or critical issues remain unresolved.

3. DevOps Acceptance

Before a release is considered acceptable for deployment:

  • All GitOps changes must validate successfully
  • Kubernetes manifests, Helm charts, and infrastructure configurations must pass review
  • Secrets, config maps, queues, and database migrations must be validated
  • Monitoring, alerting, and logging dashboards must be confirmed operational
  • Rollback procedures must be tested and documented for the release

The Head of DevOps must confirm that the software can be safely deployed and operated.

4. Security & Compliance Acceptance

If applicable:

  • Penetration testing results
  • Security/privacy assessments
  • Compliance checks (RBAC, data retention, encryption requirements, etc.)
  • OWASP, API security, and dependency vulnerability checks

No release is acceptable with open high-risk security findings.

5. Business Acceptance

Business stakeholders must:

  • Validate key workflows
  • Confirm readiness for use in real-world operations
  • Approve any UI/UX-critical flows
  • Sign off on any functional assumptions or workflow clarifications

This is typically handled by the responsible ministry or entity using the system.

6. Final Approval

A release is officially accepted only after all of the following parties approve:

  1. Head of Digital Development
  2. Head of DevOps
  3. QA Team Lead
  4. (When applicable) The Business Owner or ministry representative

Once accepted, the software may be scheduled for production deployment through GitHub Releases and GitOps workflows.