Avionics Software Certification (DO-178C)
Zero-failure programs where certification, partners, and supply chains must execute against gated evidence.
Inside this journey
-
Customer Discovery
Capture program timelines, DAL targets, current structural coverage gaps, DER interactions, and procurement/legal constraints.
Discovery Questions
Tell Us About Your Program — Start Wherever Feels Right
- Which program or product line should we use for context in this discovery?
- What’s your target certification standard and level (e.g., DO-178C DAL)?
- Roughly where are you on the program timeline today?
- Who should be on the short list of internal stakeholders we may speak with (names or roles)?
- Give one quick example of a certification-related headache you’re dealing with right now (a short story, please).
Are You Comfortable Betting Certification on 'Good Enough'?
- How confident do you feel that your current evidence set will satisfy your DER and the certification authority?
- Where do you sense the biggest blind spots in your evidence—structural coverage, traceability, tool qualification, or something else?
- How long have these blind spots been affecting your program schedule and team morale?
- Tell us about a recent moment when certification uncertainty forced a costly decision or delay—what happened and what did it feel like for the team?
- If an outside vendor promised to remove months from your certification path, what would you need to see or hear to believe them?
What's Actually Breaking the Timeline?
- Which of these is currently the single biggest schedule risk for your path to certification?
- How frequently do DER comments or regulator questions generate rework on your verification artifacts?
- Which toolchains and test benches are you currently using (list product names and versions where possible)?
- Describe the structural coverage numbers you’re seeing today (statement/decision/MC/DC) and where the shortfalls are.
- When coverage gaps appear, how do you typically try to close them—manual review, extra tests, refactor, or other?
- Which past fixes had the biggest impact on schedule (positive or negative)? Tell us one story and its lesson.
Who Holds the Keys — People, Tools, and Gatekeepers
- Who currently owns tool qualification and certification liaison activities inside your org?
- How would you describe your team's familiarity with DO-178C tool qualification and regulator expectations?
- Which external reviewers or gatekeepers will the certification evidence need to convince (e.g., DER, FAA office, EASA office)?
- What procurement or legal constraints might affect how we can deliver tools or on‑site services (IP restrictions, license terms, export controls, Purchase Order types)?
- How easy is it for us to get access to your environments and artifacts for qualification runs (code repos, test benches, toolchains)?
- Who would be the day‑to‑day contact for on‑site consultants if we move forward?
When Regulators Say 'Show Me', What Do We Have?
- If asked today, how complete are your Tool Qualification artifacts (TORs, TQPs, tests, user manuals)?
- How often have regulators or DERs pushed back specifically on tool qualification documentation in your history?
- What kinds of evidence do you lack right now for regulator confidence (automated logs, coverage reports, execution records, traceability matrices)?
- Have you previously used pre‑qualified tools or qualification kits accepted by FAA/EASA? If yes, which ones and what was the outcome?
- Tell us about the last regulator interaction that surprised you—what was asked for that you didn’t expect?
- If we provided a pre‑built qualification kit with regulator-facing artifacts, what would need to change in your internal review process to adopt it?
If We Could Snap Our Fingers — What Success Would Actually Feel Like?
- Imagine certification goes exactly as planned—what concrete milestones came first, and how did the team feel when it was over?
- Which outcomes would deliver measurable program value (time saved to certification, reduced rework, audit acceptance rate, reduced contractor hours)?
- What internal KPIs would you use to judge whether a tooling and services partner succeeded?
- How would success change your organization beyond certification—hiring, reuse across programs, or market confidence?
- What’s the one thing you’d most want to avoid even if certification success was guaranteed (e.g., loss of control, vendor lock‑in, long onboarding)?
What Would Make Saying Yes Easy — Practical Constraints and Next Steps
- What procurement or contracting timeline do we need to meet to start work when you expect—are there internal deadlines we must hit?
- Which commercial models would your team prefer for tools and on‑site consulting?
- What legal or IP terms would be a hard stop for you (e.g., source escrow, indemnity limits, export constraints)?
- If we proposed a short pilot (30–60 days) to demonstrate tool qualification and coverage improvements, what success criteria would you demand before expanding the engagement?
- Who in procurement and legal needs to be involved in the next conversation, and what are their main concerns?
- Realistically, when could we schedule a working session to review artifacts and run a small qualification test?
-
Solution Experience
Use the customer’s artifacts and failure modes to show how our pre‑qualified tools and DER‑aligned services close evidence gaps and shorten certification timelines.
Experience Meetings
- Solution Experience Intake
- Failure‑Mode & Evidence Gap Workshop
- Proof‑of‑Concept Plan & Success Criteria
- Live Qualification Simulation (Controlled Run)
- Validation & DER/Regulator Prep Review
- Secure immediate validation responses from customer and DER (confirm acceptance or list specific gaps).
- Assign responsibilities, environments, and timelines for the POC execution.
- Confirm DER checkpoints and acceptance criteria required for regulator buy‑in.
- Lock a decision threshold for proceeding to a full deployment engagement based on POC outcomes.
- Seller to deliver final POC runbook, schedule, and success criteria document.
- Customer to provision required environments and test benches per the runbook.
- Customer to confirm DER participant(s) and their availability for checkpoints.
- Both parties to agree on the measurement method for time savings and coverage improvement.
- Setup & Pre‑checks
- Produce a complete evidence package for the targeted gaps that can be reviewed by DERs/regulators.
- Demonstrate measurable improvement toward the one‑sentence future state (coverage, time estimate reduction).
- Introductions & Objectives
- Seller to deliver the evidence bundle (qualification kit, logs, coverage reports, trace matrices) and a short run report within 24 hours.
- Customer to perform an initial review and provide DER feedback or acceptance comments within 3 business days.
- If acceptance incomplete, both parties to schedule a remediation run and assign owners for each open item.
- Present Evidence Package & Traceability
- Obtain DER preliminary acceptance or a clearly scoped remediation plan with owners and timelines.
- Agree the next commercial and operational steps to transition from POC to deployment.
- Document and schedule remediation runs or follow‑up validations as required.
- Secure commitment to a Deployment Enablement kickoff date or conditional approval criteria.
- Customer/DER to provide written preliminary acceptance or a remediation list within 5 business days.
- Seller to update the qualification kit and produce any extra artifacts required by DER comments.
- Seller and customer to finalize SOW amendments and schedule the Deployment Enablement kickoff.
- Both parties to capture lessons learned from the POC and feed them into the project risk register.
- Capture and agree a one‑sentence current state that will drive the experience.
- Surface and quantify the immediate program consequences of the current state.
- Define and record a single‑sentence future state/outcome the experience must prove.
- Obtain access commitments and an artifact inventory to run targeted proofs.
- Customer to provide named access to artifacts (code, tests, existing coverage reports, tool logs) within 48 hours.
- Customer to supply program timeline, DAL targets, and DER contact details.
- Seller to draft a short POC runbook and share required environments and credentials checklist.
- Schedule the Failure‑Mode & Evidence Gap Workshop with all technical and certification stakeholders.
- Recap One‑Sentence Current State & Consequence
- Produce a prioritized list of failure modes tied to explicit evidence gaps.
- Attach measurable consequences (time/cost/regulator risk) to each gap.
- Agree which gaps will be proven in the live proof runs and which tools/services will be used.
- Secure DER involvement plan or checkpoints for the upcoming proof.
- Customer to mark and package the specific artifacts selected for the proof runs (modules, tests, harnesses).
- Seller to produce a gap‑to‑tool mapping document showing exactly which qualification kit artifacts will be used for each gap.
- Assign owners and deadlines for each high‑priority gap remediation step.
- Customer to confirm DER availability for checkpoint(s) during the live run.
- Reconfirm One‑Sentence Future State
- Agree a measurable POC that, if successful, proves the future state and quantifies schedule reduction.
- Failure‑Mode Walkthrough (Artifact‑Led)
- POC Scope & Deliverables
- One‑Sentence Current State
- Controlled Tool Qualification Run
- DER Acceptance Checklist Review
- Generate & Inspect Evidence Bundle
- Consequence Quantification
- Open Items & Remediation Plan
- Success Criteria & Metrics
- Map Each Failure to Evidence Gap
- Artifact Inventory & Access
- Quantify Impact per Gap
- Execution Plan & Roles
- Deployment & Commercial Next Steps
- Consequence Re‑check (Proof Tie‑Back)
- Sign‑Off & Commitments
- Define One‑Sentence Future State
-
Solution Scope
Define the toolset, qualification kits, consulting engagement, deliverables, on‑site support, and regulator acceptance criteria.
Scope Configuration
- Install and license pre-qualified DO-178C tool suite
- Configure CI integration and automated test pipelines
- Instrument source code for MC/DC, decision, and statement coverage
- Execute automated test campaigns and capture results
- Generate structural coverage reports with traceability evidence
- Deliver Tool Qualification Kit (TOR, TQP, qualification artifacts)
- Integrate requirements-to-code-to-test traceability links
- Deploy hardware-in-the-loop (HIL) or software-in-the-loop (SIL) test harness
- Implement runtime error-detection and safety-logging instrumentation
- Package certification submission artifacts for DER review
- Convert DO-178B artifacts to DO-178C-compliant formats
- Provide on-site certification engineering and DER liaison
Scope Questions
Install and license pre-qualified DO-178C tool suite
- Is installation and licensing of the pre-qualified tool suite required for this program?
- Which Design Assurance Level(s) apply to the software that will use the tools?
- Do you require on-premise installation, cloud-hosted instance, or a hybrid deployment?
- Do you already hold any licenses for our tools (or equivalent) that can be reused?
- If you answered 'Yes' or 'Partial / limited', list existing tool names, versions, and seat counts
- How many concurrent users/seats will require licenses initially?
- Are there procurement or legal constraints we should know (e.g., PO terms, indemnity limits, escrow requirements)?
- If yes, please summarize the procurement/legal constraints
Configure CI integration and automated test pipelines
- Do you want us to configure CI/CD pipelines that run verification and qualification artifacts?
- Which CI systems or orchestration tools are in use or preferred?
- What is your branching and release model (e.g., trunk-based, GitFlow, release branches)?
- Do test pipelines need to run on every commit, nightly, on-demand, or only per milestone?
- Are there artifact storage or security requirements for build and test artifacts (e.g., S3, internal artifactory)?
- If yes, specify artifact storage, retention policy, or access controls required
- Do you require integration of test results into your existing defect tracking or reporting tools?
- Which teams will own CI pipelines (Dev, Verification, DevOps, Other)?
Instrument source code for MC/DC, decision, and statement coverage
- Do you want our team to perform automated instrumentation to capture MC/DC, decision, and statement coverage?
- Which programming languages and compilers are used in the codebase to be instrumented?
- Is full access to source code and the build system available for instrumentation activities?
- Which build systems and toolchains are in use (e.g., Make, CMake, Bazel, proprietary)?
- Are there compiler/linker flags or safety constraints that could prevent instrumentation (e.g., safety-certified compilers, optimization constraints)?
- What MC/DC and structural coverage targets do you require for each DAL (e.g., 100% MC/DC for DAL A)?
- Do you apply coding standards (e.g., MISRA, CERT) that affect instrumentation or reporting?
- If yes, list applicable coding standards and any special handling required
Execute automated test campaigns and capture results
- Should we execute automated test campaigns or enable your CI to run them?
- Which test frameworks or harnesses are used or preferred (unit, integration, system-level)?
- What execution environments will tests run in (host PC, SIL, HIL, target hardware)?
- Do tests require automated test data generation or manual test vectors?
- What is the expected volume of test cases and average execution time per test?
- Should failed tests automatically create tickets or raise alerts in your defect system?
- Who is the owner for test execution runs and triage (Verification lead, Dev lead, DevOps, Other)?
Generate structural coverage reports with traceability evidence
- Do you require automated generation of structural coverage reports for each run or only per milestone?
- Which report formats are required for your workflows or regulators?
- Is traceability from requirements to test cases to coverage required in the report?
- Do regulators or DERs expect any specific evidence packaging or filename conventions?
- Who will be responsible for approving generated coverage reports internally?
- Do you require annotated source-level evidence showing how coverage points map to requirement IDs?
- Are there confidentiality or export-control constraints on sharing coverage artifacts with us or DERs?
Deliver Tool Qualification Kit (TOR, TQP, qualification artifacts)
- Do you need a tailored Tool Qualification Kit (TQK) including TOR and TQP for this program?
- Has your DER or regulator previously accepted our standard qualification artifacts for similar tools?
- Which artifacts do you need included in the kit (select all that apply)?
- Does the TQK need tailoring to program-specific processes, tools, or work products?
- Do you require a walkthrough or presentation of the TQK to your DER or certification authority?
- Are there deadlines for delivering qualification artifacts aligned to certification milestones?
- If yes, provide the target milestone dates for TQK delivery
Integrate requirements-to-code-to-test traceability links
- Do you require automated traceability links from requirements to code and test artifacts?
- Which requirements management or ALM tools do you use (select all that apply)?
- What level of traceability granularity is needed (requirement->test, requirement->code module, statement-level)?
- Do you have existing traceability artifacts that must be preserved or migrated?
- Should traceability links be bi-directional and queryable in your ALM/reporting tools?
- Are there specific requirement identifiers or naming conventions to adhere to?
- If yes, provide examples or the naming convention to follow
Deploy hardware-in-the-loop (HIL) or software-in-the-loop (SIL) test harness
- Do you require HIL, SIL, or both test harness deployments?
- Do you already have HIL racks or SIL environments available on-site?
- Are real-time constraints present that require our team to tune real-time OS or I/O latency?
- Will we need to procure, build, or integrate third-party hardware-in-the-loop components?
- Is physical access to lab facilities and power/network provisioning available for on-site setup?
- Do safety or security clearances restrict who can work on the HIL/SIL systems?
- If integration with avionics buses (ARINC, CAN, MIL-STD) is required, list which buses and interfaces are needed
Implement runtime error-detection and safety-logging instrumentation
- Do you require runtime error detection and safety-logging instrumentation to be implemented?
-
Mutual Commit
Confirm commercial terms, licensing, statement of work, milestones to certification, and legal/DER review responsibilities.
Agreement Modules
- Non-Disclosure Agreement (NDA)
- Master Services Agreement (MSA)
- Statement of Work (SOW)
- Software Licensing Agreement
- Tool Qualification Plan & Deliverables
- Commercial Terms & Pricing Schedule
- Payment Schedule & Milestone Billing
- Milestones to Certification & Acceptance Criteria
- DER / Regulatory Review Responsibilities
- On‑Site Consulting & Resource Assignment
- Change Order & Scope Management
- Data Security, Export Control & DPA
- Liability, Insurance & Indemnity Terms
- Termination, Transition & Source Code Escrow
-
Deployment
Operationalize rollout with readiness checks, enablement, and outcome validation.
-
Pre-Deployment Readiness
Verify access to code, test benches, toolchains, environments, owners, and the presence of required artifacts for tool qualification runs.
Readiness Questions
Getting Started — Tell Us About Your Program
- What is your program name and the primary system or aircraft it supports?
- Which phase best describes where you are today?
- What Design Assurance Level(s) apply to the software on this program?
- Who are the primary stakeholders we should know (roles and teams)? Please list names and roles if possible.
- What is the target certification milestone date (date or milestone name)?
If This Project Misses Its Deadline, What Breaks First?
- If your current timeline slips by three months, what is the most consequential impact for the program or your team?
- Which stakeholders will feel the pressure first and how would they react?
- How often do schedule slips on verification/tool qualification translate into formal contract or supplier impacts for you?
- Describe a recent delay tied to certification evidence generation—what caused it and how was it resolved?
Why Are Coverage Gaps Still There?
- When you look at structural coverage shortfalls today, what's the single biggest reason they persist?
- Which modules or subsystems show the lowest MC/DC or decision coverage right now? Please identify by component or code package.
- Which of the following do you believe contributes most to coverage gaps on your program?
- How long have these coverage issues persisted—weeks, months, or across multiple releases?
- How does encountering coverage gaps make your verification team feel and behave (e.g., firefighting, deprioritizing other tasks)?
Who’s Really Driving Tool Qualification—and Is That Enough?
- Do you have a named owner responsible for tool qualification and DER engagement, and is that owner empowered to make decisions?
- Which tool qualification artifacts do you already have for your primary verification tools?
- Have you previously had a tool qualification submission accepted or rejected by FAA/EASA or a DER? Tell us what happened.
- Who at your organization typically handles DER coordination and regulator callbacks (name/role)?
- What would a successful tool qualification outcome look like to your certification manager and to your DER?
Can You Give Us Access to Code, Labs, and Toolchains—Really?
- If we requested workspace access this week, how confident are you that you could provide code, CI logs, and test benches within 7 days?
- Which of the following environments and artifacts are available and stable for external qualification runs?
- What levels of access can you grant to our engineers (select all that apply)?
- Are there contractual, export control, or NDA constraints we should know about before requesting artifacts?
- Who is the technical gatekeeper for access (name/role) and what is the fastest route to get their approval?
What Would It Feel Like to Remove Months From Certification?
- If evidence generation and tool qualification were accelerated, which single program outcome would you celebrate first?
- How many certification months would be meaningful for your stakeholders to recover?
- Which certification milestones would you prioritize shortening (pick top 3)?
- How will you measure success internally—reduced hours, fewer DER iterations, days to signoff, or something else?
- What internal blockers would still remain even if tooling and evidence were improved (e.g., hiring freezes, frozen budgets)?
What Would Make Our On‑Site Work Seamless?
- What constraints would make it difficult for an external consultant to operate effectively on-site?
- Which engagement rhythm do you prefer for on-site support and training?
- What format of training best helps your engineers become self-sufficient (choose all that apply)?
- Who will be the day-to-day host/sponsor for our consultant while on-site (role and responsibilities)?
- Are there specific KPIs or handoffs you expect at the end of an on-site engagement?
Let’s Align Commercial, Legal, and DER Expectations Upfront
- What commercial constraints make procurement slow or painful for you?
- Are there license terms or IP concerns that have blocked tool procurement in the past?
- Who signs off on cost and scope (name/role), and what is their typical decision horizon?
- Would you want our standard SOW and license terms reviewed before we schedule a commercial discussion?
- What would be a non‑negotiable clause for you in a tool qualification or services contract?
Ready to Commit to Practical Next Steps?
- Given what we’ve discussed, how ready are you to engage our team to run an initial qualification pilot?
- Who must be in the next alignment meeting for things to move forward (list names/roles)?
- What immediate artifacts should we prepare and deliver to you before any on-site work begins? (pick all that apply)
- What is the single biggest blocker that would prevent you from starting a pilot in the next 30 days?
- How do you prefer to continue the conversation? (select primary)
-
Deployment Enablement
Schedule installations, on‑site consultant assignments, training, and the execution plan for qualification and coverage closure activities.
-
Validation Checklist
Run acceptance checks: qualification kit evidence, MC/DC/structural coverage reports, DER signoffs, and regulator submission readiness.
Validation Questions
Starting Where You Are — Quick Program Snapshot
- Tell us in a few sentences what program or product this discovery is about (scope, major features, current phase).
- What is your target certification milestone or delivery date?
- Which Design Assurance Level(s) apply to the software components in scope?
- Who will be our primary technical contact on your team (role/title)?
- Which certification authorities will be involved?
Are You Comfortable With That Risk? — Coverage and Evidence Reality Check
- How confident are you that current structural coverage will satisfy DAL A/B objectives without rework?
- Which coverage metrics are you actively measuring today?
- Where are coverage shortfalls concentrated (specific modules, subsystems, or workflows)? Please give examples.
- How long have those shortfalls existed and what attempts have been made to close them?
- What downstream impacts do these gaps cause (schedule delays, regulator pushback, rework, cost overruns)?
When Pre‑Qualification Isn’t Enough — Tool Qualification and Regulator Pushback
- Have you ever had a tool qualification package rejected or heavily questioned by a DER or certification authority?
- Which parts of your tool qualification artifacts feel weakest or most likely to be challenged?
- Describe a recent example where tool evidence was problematic—what did the regulator/DER ask for and how did it impact your timeline?
- Who internally reviews and approves tool qualification deliverables before regulator submission?
- Which pre‑qualified tools (vendor names) are you currently using or evaluating?
What’s Getting in the Way? — Root Causes of Schedule Friction
- If you had to name the single most common cause of certification delays on this program, what would it be?
- Which of the following have repeatedly caused time loss on your project?
- How often do builds or environment issues block qualification runs?
- How long does it typically take to prepare and run a tool qualification or coverage campaign from 'ready' to deliverable?
- Who gets pulled into firefighting when a certification task stalls, and how does that affect project priorities?
What Would Pressure‑Free Certification Feel Like?
- Imagine DERs sign off with minimal questions — what would change for your team, timeline, or costs?
- Which regulator acceptance behaviors would make you feel confident (document-only approval, on‑site audit passed, informal DER acceptance, prior similar approvals)?
- Which deliverables or artifacts would make your DER comfortable without repeated rework?
- If we could shave X weeks off your schedule, what is the smallest time saving that would make a meaningful difference?
- What worries you emotionally about racing toward certification (stress, reputational risk, resource burnout, contractual penalties)?
Who Needs to Be in the Room — Stakeholders, Legal, and Procurement
- Who are the decision-makers for tool selection and consulting engagement on this program?
- Do you have procurement or licensing constraints that could block using our tools (e.g., audit rights, indemnity, on‑site install restrictions)?
- How long does your legal/procurement group typically take to approve third‑party tool contracts or SOWs?
- Who will be responsible for coordinating DER reviews and regulator submissions on your side?
- Are there internal policies (security, data residency, configuration management) that control how external consultants can work on your systems?
Show Me the Actual Artifacts — Evidence Readiness and Gaps
- Which of these artifact types do you already have for the components in scope?
- Do you maintain automated pipelines that can reproduce coverage runs and qualification evidence?
- Which coverage reports are produced today and at what frequency?
- How complete are your trace links between requirements, tests, and coverage results (percentage estimated)?
- If we asked you to attach three representative artifacts right now (requirements, a coverage report, and a TQP), which ones would you choose and why?
Where Do We Start Together? — Practical First Moves and Pilot Scope
- What would a successful 4–6 week pilot look like to demonstrate our tools and DER‑aligned services on your program?
- Which of these pilot goals would be highest priority?
- What internal resources can you commit to a pilot (engineer days per week, access to test benches, DER time)?
- What would be an acceptable commercial model for the pilot?
- What constraints would prevent you from starting a pilot in the next 30 days?
If We Partnered, What Would Success Require? — Metrics, Buy‑in, and Long‑Term Value
- How will you measure the success of a tooling and consulting engagement (schedule reduction, regulator acceptance, fewer rework cycles, cost savings)?
- What internal KPIs would need to improve to justify continuing beyond a pilot?
- What level of DER involvement would you want us to provide or coordinate (on‑call, part‑time review, full DER engagement)?
- What commercial or procurement concessions would make it easy for your legal team to approve our tools and services?
- What is your preferred long‑term support model post‑certification (maintenance subscription, annual audits, ad‑hoc consulting)?
Decision Rhythm — How Fast and How Often Should We Talk?
- What cadence for status and evidence reviews would keep momentum without overwhelming your team?
- How do you prefer evidence to be presented for regulator/DER review?
- Who must approve the commercial proposal before we can start work, and what sign‑off criteria will they use?
- When do you need a detailed proposal or SOW from us to meet your internal decision timelines?
- Who else should we involve from your side for next steps (names, roles, or teams)?
-
-
Success
Confirm certification milestones met, capture lessons, and maintain a shared channel for issues and enhancement requests.
Success Reviews
- Certification Closeout Review
- Lessons Learned Workshop
- Post-Certification Support Handoff
- Enhancement & Roadmap Prioritization
- Regulatory Archive & Audit Readiness
Issues & Enhancements
- Prepare a qualification impact memo for items that trigger requalification and share with DERs.
- Open and configure a shared, auditable channel for ongoing issues and enhancement requests.
- Agree and document SLAs, escalation procedures, and on-call responsibilities.
- Transfer knowledge and confirm access to all certification artifacts for support teams.
- Provision shared channel and invite all stakeholders with configured roles and templates.
- Publish and circulate the support runbook, SLA matrix, and escalation list.
- Create issue templates and automation in the customer's issue tracker for certification-related tickets.
- Confirm on-call schedule and contact details for the first 90 days post-certification.
- Collect Outstanding Enhancement Requests
- Produce a prioritized, time-phased enhancement roadmap aligned with certification constraints.
- Assign owners and preliminary estimates for near-term enhancements.
- Identify any enhancements that require immediate regulatory consultation or DER re-engagement.
- Populate the customer's roadmap/tracker with prioritized enhancements and owners.
- Welcome & Objectives
- Estimate resources and update SOW or change orders for agreed enhancements.
- Schedule periodic roadmap reviews (quarterly) to re-evaluate priorities against program timelines.
- Review Retention & Compliance Requirements
- Confirm archive meets regulator and organizational retention and access requirements.
- Ensure auditors can access and replay qualification evidence with clear chain-of-custody.
- Obtain formal sign-off on certification records and archival approach.
- Finalize and publish the archive index and access permissions to stakeholders and auditors.
- Implement backup and DR plan for certification artifacts and verify integrity checks.
- Provide auditors with a guided walkthrough package and credentials for a test access.
- Record formal sign-off from program leadership and store sign-off artifact in the archive.
- Formally confirm that certification milestones are achieved and accepted by DERs/regulators.
- Identify and document any residual items requiring tracking post-closeout.
- Agree on owners and deadlines for closeout and archival activities.
- Deliver final certification package and regulator receipts to program archive and stakeholders.
- Create and assign trackers for any residual open items with owners and SLAs.
- Confirm and capture DER signoff artifacts in the shared repository.
- Schedule follow-up review for any conditional regulator feedback.
- Context & Rules of Engagement
- Produce a prioritized list of 5–10 actionable improvements to reduce future certification time and risk.
- Assign clear owners and timelines for each improvement item.
- Capture reusable artifacts and updates required for qualification kits and playbooks.
- Draft and circulate a Lessons Learned report with prioritized actions and owners.
- Update tool qualification kits and certification playbooks based on agreed changes.
- Schedule training or brown-bag sessions for identified skill gaps (e.g., DER expectations, MC/DC practices).
- Create timeline and checkpoints for tracking improvements implementation.
- Support Model Overview
- Milestone Status Review
- Shared Channel Onboarding
- Timeline Recap
- Impact Assessment
- Archive Repository Walkthrough
- Audit Access & Replayability
- Prioritization Criteria & Scoring
- Issue Triage & Escalation Paths
- What Worked Well
- Evidence & Submission Audit
- Service Level Agreements and Response Targets
- Roadmap Draft & Resource Planning
- What Didn’t Work & Root Cause Analysis
- Retention Policies & Backup Strategy
- DER / Regulator Signoffs
- Residual Risks & Open Items
- Improvement Brainstorm & Solutions
- Decision & Owner Assignment
- Knowledge Transfer & Artifacts
- Certification Records Sign-off