Methodology
How the work is actually done.
Our methodology is the same on a five-day forensic engagement and on a multi-year support retainer. The work is small, the discipline is constant.
Three principles, expanded
Evidence first
Before we propose anything, we reproduce the issue, capture the artifact, and write it down. Conclusions trail evidence; they never lead it.
Change minimal
Every change is scoped to a single issue, on a single branch, with a single owner. Refactors are explicit deliverables, never opportunistic.
Governance always
Backups, written UAT sign-off, version-controlled documentation, and a tested rollback path are mandatory on every production change — including the small ones.
Six-step forensic process
- 01
Reconstruct
Rebuild the system in a controlled environment from the artifacts we receive.
- 02
Map
Document the architecture, dependencies, and data flow as they actually exist.
- 03
Reproduce
Reproduce each reported issue against the reconstructed environment.
- 04
Document
Capture every finding with the evidence required to act on it.
- 05
Fix
Define the smallest change that resolves each issue, sequenced by impact.
- 06
Govern
Hand the work over with documentation, governance, and a defensible audit trail.
Eleven-step deployment pipeline
- 01Develop
- 02Test
- 03Document
- 04Commit
- 05Stage
- 06UAT
- 07Sign-off
- 08Backup
- 09Deploy
- 10Smoke test
- 11Update
What we never do
- We never deploy to production without written UAT sign-off from the application owner.
- We never delete code.
- We never batch fixes.
- We never proceed when uncertain.