This checklist is part of the Agentic SDLC — How to Deliver with Confidence guide. It is designed to be used independently. No prior reading is required.
Use this checklist when reviewing an execution plan before code generation begins. The plan translates a specification into a sequenced execution path. It determines the order of work, the scope of each generation unit, and where specialist review is required.
Phase Scoping
- The plan breaks the work into discrete phases with clear boundaries
- Each phase has a defined scope: what is included and what is excluded
- Each phase produces a verifiable output — something that can be checked against the specification independently
- No single phase is so large that its output cannot be meaningfully reviewed
- Phases correspond to logical domain boundaries (data layer, API layer, presentation layer) rather than arbitrary size splits
Dependency Ordering
- Dependencies between phases are identified and sequenced correctly
- Phases that produce interfaces consumed by later phases are scheduled first
- Circular dependencies are identified and resolved (or explicitly accepted with a mitigation strategy)
- External dependencies (third-party services, shared libraries, infrastructure provisioning) are accounted for in the schedule
- The plan identifies which phases can execute in parallel and which must be sequential
Specialist Domain Coverage
- The plan identifies which specialist review domains are triggered by each phase
- Database changes: migration strategy, rollback approach, data integrity checks, and performance impact are flagged for specialist review
- Security-sensitive changes: authentication, authorization, data handling, and trust boundary modifications are flagged for specialist review
- API changes: backward compatibility, versioning, contract completeness, and consumer impact are flagged for specialist review
- Infrastructure changes: deployment configuration, scaling behavior, failure modes, and environment parity are flagged for specialist review
- The plan names who will perform each specialist review (role or individual)
Risk Identification
- The plan identifies risks specific to each phase (not generic project risks)
- High-risk phases are flagged: phases that involve irreversible changes (migrations, data transformations), security-critical paths, or performance-sensitive components
- The plan includes a mitigation approach for each identified risk — even if the mitigation is “verify carefully”
- The plan identifies what happens if a phase fails verification: is it regenerated, patched, or does the plan need to be revised?
- The plan identifies assumptions that, if wrong, would invalidate the execution sequence
Completeness
- Every requirement in the accepted specification is covered by at least one phase
- Test strategy is included: what is tested at each phase, what is tested at the end
- The plan accounts for governance constraints: compiled rules, invariants, and conventions that apply to each phase
- The plan includes a verification step after each phase, not just at the end