Roles and Accountabilities
Responsibility model
Section titled “Responsibility model”| Activity | Developer | Tech Lead / CODEOWNER | QA | Platform Engineering | Security | Release Owner |
|---|---|---|---|---|---|---|
| Implement and unit test | R | A | C | C | C | I |
| Review code and design | C | A/R | C | C | C | I |
| Maintain reusable CI | I | C | C | A/R | C | I |
| Maintain deployment automation | I | C | C | A/R | C | I |
| Define regression evidence | C | C | A/R | C | C | I |
| Triage security findings | R | A | C | C | C/R | I |
| Approve release readiness | C | C | R | C | C | A |
| Approve exceptions | C | C | C | R | R | A |
R responsible, A accountable, C consulted, I informed.
Key expectations
Section titled “Key expectations”A developer owns the correctness of the change, including tests and operational impact. A reviewer owns the quality of the decision to merge, not merely the presence of an approval. Platform Engineering owns reusable workflow reliability but does not own application test quality. QA owns the regression strategy and release evidence, while teams remain responsible for unit and component tests. Security enables policy and supports triage; engineering teams remediate findings in the code they own.