Skip to main content

Segeration of duties(SOD)

The purpose of this policy is to ensure that no single employee/team has complete control over a process. By separating key duties, we reduce the risk of fraud, errors, and other risks that may negatively impact our organization. Doc cover the Segeration of duties (SOD) for different teams as below:

  • DevOps Team
  • Backend Team
    • Product Team
    • Delivery Team
  • Frontend Team
  • AI Team
  • Customer Success Team

DevOps Team

  • DevOps team is responsible for the deployment and maintenance of software applications. They work closely with developers to ensure that the software is deployed in a timely and secure manner.
    • Developers who write code for the application should not have access to production environments. This separation helps to prevent accidental or intentional changes to the production environment that can cause disruptions.
    • DevOps team members should not have the ability to make changes to the application code. If they need, they should have approval from devops/backend lead. This separation helps to prevent unauthorized changes that can compromise the integrity of the software.
    • DevOps team should not be responsible for configuring access control for the application. This helps prevent unauthorized access to sensitive data or systems.
    • DevOps team should not be responsible for approving code changes. This helps ensure that code is thoroughly reviewed and tested before being deployed to production.
    • L1, L2, and L3 refer to different levels of support and responsibility. Here's a brief description of each level:
    • L1:
      • Responsible for initial triage and response to incidents and service requests.
      • Should not have access to production systems or be involved in making changes to production environments.
      • They handles basic issues and requests, such as deployment requests, server access and minor troubleshooting.
      • They provide support for 24x7 & may escalate issues to L2 or L3 support teams as needed.
      • May involve analyzing system logs, debugging code, or collaborating with development teams to identify and resolve issues in develoment environment.
    • L2:
      • Responsible for investigating and resolving more complex issues that cannot be resolved by L1 support.
      • Should have limited access to production systems, only for troubleshooting and monitoring purposes.
      • They also provide support for 24x7 as needed.
      • Should not have the ability to make changes to production environments, except for emergency situations.
      • May involve analyzing system logs, debugging code, or collaborating with development teams to identify and resolve issues in develeopment,testing and production.
    • L3:
      • Responsible for handling the most complex issues that require expert knowledge and experience.
      • Handles the most complex and critical issues that cannot be resolved by L2 support.
      • Should have full access to production systems and be able to make changes to production environments.
      • May involve analyzing system performance, troubleshooting complex code issues, or making changes to production environments.
      • May involve on-call duties and round-the-clock support for critical applications or services.

Backend Team

Backend team is responsible for developing the server-side components of a software application. They are usually responsible for creating the APIs, databases, and other infrastructure required to run the application. In backend, we have 2 teams as described below.

Product Team

The Product team is responsible for the following:

  • Understanding the functionality that is to be developed
  • Brainstorming and compiling the best possible technical solution to develop the functionality making sure it is stable and scalable once developed.
  • Developing the functionality in collaboration with Front end team and AI team if needed.
  • Integration testing of the functionality with different teams to make sure functionality is working as expected is all possible cases.
  • Deploying the feature with collaboration with the DevOps team.
  • Resolving any issues that might come up related to the functionality developed.
  • L1, L2, and L3 refer to different levels of support and responsibility. Here's a brief description of each level:
  • L1:
    • Debugging smaller issues and making changes and bug fixes in existing functionalities.
    • Developing functionalities that are east to implement and require moderate technical skill sets for developing them.
    • Integrating and testing the functionality developed in coordination with front end and ai team if required.
  • L2:
    • Responsible for debugging and resolving more complex issues that cannot be resolved by L1 support.
    • Developing more technically challenging functionalities that L1 support cannot.
    • Helping L1 support in case any assistance in needed.
    • Coordinate with Front end team and ai team to rollout the new feature developed post integration and testing of the functionality.
  • L3:
    • Responsible for handling the most complex issues that require expert knowledge, experience and deep technical expertise.
    • Handles the most complex and critical issues that cannot be resolved by L2 support.
    • Working closely with other members of the development team to ensure that software projects are completed on time and to a high standard.
    • Participating in code reviews and providing feedback to other members of the development team wherever required.
    • May involve round-the-clock support for critical issues that may arise.

Delivery Team

The Delivery team is responsible for ensuring that the product is delivered to customers in a timely and efficient manner.

  • Members of the Delivery team should not have access to the prod database.
  • Delivery team members should not have the ability to make changes to the application's technical infrastructure. This helps prevent unauthorized changes that can compromise the integrity of the software.
  • Delivery Team make approaches for Brand features which are to be added in the basecode and after the approval from product team, implements it
  • Client requirement and feasibility of features is taken care by delivery team
  • Integrations are taken care by delivery team such as channels, crm
  • Email bot system is handled by delivery team.
  • L1, L2, and L3 refer to different levels of support and responsibility. Here's a brief description of each level:
  • L1:
    • The first point of contact for users or customers who need assistance with backend issues in developemt.
    • Typically handles basic issues and requests, such as bugs, message changes, reports scheduling
    • They do have direct code push into production environment, can push only in development environment.
  • L2:
    • Responsible for investigating and resolving more complex backend issues that cannot be resolved by L1 support.
    • May involve identifying and fixing bugs, optimizing brand secific codes, channel integration approach and implementation
    • Should not have the ability to make changes to production environments, except for emergency situations.
    • May escalate unresolved issues to L3 as needed.
  • L3:
    • Handles the most complex and critical backend issues that cannot be resolved by L2 support.
    • Typically requires advanced technical skills and knowledge of entire system
    • May involve developing approaches for codebase features and implementation.
    • May collaborate with front-end teams to integrate those features effeciently
    • May involve on-call duties and round-the-clock support for critical back-end applications or services.

Frontend Team

The frontend team is responsible for developing the user interface of a software application. They are usually responsible for creating JavaScript code that runs in the user's browser.

  • Developers who write code for the frontend should not be responsible for testing or deploying that code to production. This separation helps to prevent errors and ensure that the code is thoroughly tested before being released to the public.
  • Members of the Frontend team should not have backend and ai repo access.
  • Designers who create the visual designs of the application should not have access to the codebase. This separation helps to prevent conflicts of interest and ensures that the designers focus on creating high-quality designs rather than getting involved in coding.
  • Members of the Frontend team should not be responsible for configuring access control for the application. This helps prevent unauthorized access to sensitive data or systems.
  • L1, L2, and L3 refer to different levels of support and responsibility for handling front-end development tasks. Here's a brief description of each level:
  • L1:
    • The first point of contact for users or customers who need assistance with front-end issues in developemt.
    • Typically handles basic issues and requests, such as minor designing issues, text alignment, conflicts in html css and minor troubleshooting.
    • They do have direct code push into production environment, can push only in development environment.
  • L2:
    • Responsible for investigating and resolving more complex front-end issues that cannot be resolved by L1 support.
    • May involve identifying and fixing bugs, optimizing page load times, or implementing new UI components on development and production.
    • Should not have the ability to make changes to production environments, except for emergency situations.
    • May escalate unresolved issues to L3 support or development teams as needed.
  • L3:
    • Handles the most complex and critical front-end issues that cannot be resolved by L2 support.
    • Typically requires advanced technical skills and deep knowledge of front-end frameworks, such as React or Angular.
    • May involve developing complex UI components, optimizing page performance, or implementing complex user interactions.
    • May collaborate with back-end teams to integrate front-end components with back-end services.
    • May involve on-call duties and round-the-clock support for critical front-end applications or services.

AI Team

AI team is responsible for developing and maintaining AI models that are integrated into the software application.

  • Members of the AI team should not have access to sensitive user data. This helps protect user privacy and prevent unauthorized data access.
  • AI team members should not be responsible for creating or modifying the application code. This helps ensure that code changes are thoroughly reviewed and tested before being deployed.
  • Members of the AI team should not be responsible for deploying the AI models into the production environment. This should be done by a separate team or process that ensures that changes are made in a controlled and auditable manner.
  • Members of the AI team should not be solely responsible for monitoring and maintaining the AI models in production. This should be done by a devops team or process that ensures that issues are detected and resolved in a timely and effective manner.
  • Members of the AI team should not be responsible for configuring access control for the application or for performing security testing. These tasks should be performed by a devops team or process that ensures that the application is secure and that access is restricted to authorized individuals.
  • Members of the AI team should not be solely responsible for monitoring and maintaining the AI models in production. This should be done by a devops team or process that ensures that issues are detected and resolved in a timely and effective manner.
  • L1, L2, and L3 refer to different levels of support and responsibility for handling AI development tasks. Here's a brief description of each level:
  • L1:
    • The first point of contact for users or customers who need assistance with basic AI tasks or queries.
    • They do have direct code push into production environment, can push only in development environment.
    • May escalate more complex issues to L2 or L3 support teams as needed.
    • L1 members may be responsible for collecting and labeling data, preprocessing data for use in models, and running simple experiments to test model performance.
  • L2:
    • Responsible for investigating and resolving more complex AI issues that cannot be resolved by L1 support.
    • May involve in AI model development, training and fine-tuning models, evaluating model performance, or troubleshooting training or deployment issues in development and production.
    • L2 support team members typically have deep expertise in machine learning and deep learning algorithms, as well as experience working with AI frameworks such as TensorFlow or PyTorch.
    • May escalate unresolved issues to L3 support or development teams as needed.
  • L3:
    • Handles the most complex and critical AI issues that cannot be resolved by L2 support.
    • Typically requires advanced technical skills and deep knowledge of AI frameworks, such as TensorFlow or PyTorch.
    • May involve developing custom models, designing and implementing complex AI architectures, or optimizing model performance.
    • May collaborate with data science or engineering teams to integrate AI models with other systems or services and desinging data pipelines.
    • May involve on-call duties and round-the-clock support for critical AI applications or services.

Customer Success Team

The Customer Success team is responsible for ensuring that customers are satisfied with the product and providing support when issues arise.

  • Members of the Customer Success team should not have access to the prod database. This separation helps to prevent conflicts of interest and ensures that the Customer Success team focuses on customer needs rather than getting involved in coding.
  • Customer Success team members should not have the ability to make changes to the application's technical infrastructure. This helps prevent unauthorized changes that can compromise the integrity of the software.
  • Customer Success team provide customer support to clients proactively 24x7.
  • Customer Success team Perform Sanity Testing / Regression testing & bot hung Analysis & production testing end to end.
  • Auditing chats and raising issues with the respective teams.
  • Capture customer VOC/pain points during different stages in a project life cycle ( onboarding) via surveys, reviews,etc.
  • L1, L2, and L3 refer to different levels of support and responsibility for customer success team. Here's a brief description of each level:
  • L1:
    • Auditing chats on Ori dashboard and raising issues with the respective teams.
    • Performing Production testing(end to end) raising issues with the respective teams.
    • Performing Sanity Testing and sharing results with the respective stakeholders.
    • Perform regression testing and sharing results with the respective stakeholders.
    • Perform initial level analysis, validate the issue and acknowledge the stakeholders.
    • Perform root cause analysis and fix the issues.
  • L2
    • If L1 is not able to perform RCA of the issue, L2 performs RCA.
    • Post performing RCA if L1 is not able to fix the issue , L2 is responsible for fixing the issue.
    • Perform pre-launch QA and share results with the stakeholders.
    • Capturing all the important data points while performing market research.
    • Perform Fracture Analysis & derive insights from it.
    • Perform joint troubleshooting with clients.
    • Share fortnightly KPI ppt with L3
  • L3
    • Review data insights & issues shared by L2.
    • Manage client relationships.
    • Capture customer VOC/pain points during different stages in a project life cycle ( onboarding) via surveys, reviews,etc.
    • Review KPI shared by L2.
    • Make sure client expectations are set and protocols and processes are adhered.