QA/01
Project quality plan.
Dedicated QA plan per project — engineering OR software. Defines procedures, criteria, resources and the standard the deliverable must meet.
Whether it's a road section or a software release — documented QA plan, inspections at every stage, records for every decision, independent review. ISO 9001-aligned and independently assessed.
Dedicated QA plan per project — engineering OR software. Defines procedures, criteria, resources and the standard the deliverable must meet.
Engineering: inspections at every construction stage. Software: unit, integration and end-to-end testing in CI/CD. Nothing ships without passing.
Engineering: material certificates, inspection reports, test records. Software: git history, code review records, deployment logs. Complete audit trail from start to handover.
Periodic review by management. Post-project retrospectives. Lessons learned fed back into processes. Same discipline whether the output is concrete or code.
Daily toolbox meetings. Mandatory PPE. Certified operators only on heavy plant. Underground services located before excavation. Formal accident investigation with root-cause analysis. We will never trade a worker's safety for a deadline.
AES-256 encryption at rest and in transit. NDPA compliance. Role-based access control. Immutable audit trails. Annual penetration testing. Incident response plan tested annually. Security is the foundation, not a feature.
AES-256 at rest. TLS 1.3 in transit. Cryptographic key management with rotation. No exceptions.
RBAC on every system. MFA for admin access. Session timeout. Every access logged and auditable.
Data processing agreements. Privacy impact assessments. Data minimisation. Retention policies. Breach notification within 72 hours.
Real-time system monitoring. Automated alerting. Annual pen test by certified third party. Vulnerability scanning. Incident response procedures.