update
This commit is contained in:
@@ -39,7 +39,7 @@ This document defines the documentation framework for a software project. It est
|
|||||||
- Boundary definitions that state what is in scope and out of scope.
|
- Boundary definitions that state what is in scope and out of scope.
|
||||||
- Security requirements including threat model outcomes, authentication and authorization expectations, data classification, encryption requirements, and compliance controls.
|
- Security requirements including threat model outcomes, authentication and authorization expectations, data classification, encryption requirements, and compliance controls.
|
||||||
- Observability requirements specifying required telemetry, metrics, traces, logs, alerting thresholds, and retention policies.
|
- Observability requirements specifying required telemetry, metrics, traces, logs, alerting thresholds, and retention policies.
|
||||||
- Traceability rule: do not cite other documents as the source of requirements. requirements.md is the canonical first document in the ASG Framework.
|
- Traceability Rule: Requirements must be self-contained (no cross-references to other docs as justification), but must include IDs (e.g., FR-001) so downstream artifacts (spec, UI spec, architecture) can trace back. All downstream documents MUST cite requirement IDs, but requirements themselves stand alone.
|
||||||
|
|
||||||
**Best Practices**:
|
**Best Practices**:
|
||||||
- Link each requirement to a measurable KPI
|
- Link each requirement to a measurable KPI
|
||||||
|
|||||||
Reference in New Issue
Block a user