Skip to content

docs(gouvernance): T-205 audit coherence transverse amont->aval#178

Merged
antonyblain merged 1 commit intodevelopfrom
feature/p5-tache-205-audit-coherence-transverse
Apr 20, 2026
Merged

docs(gouvernance): T-205 audit coherence transverse amont->aval#178
antonyblain merged 1 commit intodevelopfrom
feature/p5-tache-205-audit-coherence-transverse

Conversation

@antonyblain
Copy link
Copy Markdown
Owner

@antonyblain antonyblain commented Apr 20, 2026

Audit exhaustif tracabilite CdC v1.1 -> SFD v1.2 -> DAT v1.5 -> code -> tests. 170 IDs cross-references (modules, UC, NFR, CA, risques, ADR, ISO, RGPD). Ratios : Conforme 55% / Partiel 35% / A arbitrer 5% / Gap critique 5%. 4 bloquants MEP v1 identifies : T-197 BUG desactivation module + T-191/192/193 levees formelles reserves DPO (code Terminé mais verif DPO absente). 3 arbitrages pendants + 5 nouvelles taches recommandees au BACKLOG. Voir §10 verdict + §10.5 recommandations.

@antonyblain
docs(gouvernance): T-205 audit coherence transverse amont->aval
a9167ad 
Audit exhaustif de la tracabilite descendante depuis les documents fondateurs
(CdC v1.1, SFD v1.2, DAT v1.5, AIPD M7 v1.3) jusqu'au code source et aux tests.

**170 IDs cross-references** :
- 7 modules v1 (M2/3/5/6/7/9/17)
- 15 use cases (UC-01 a UC-15, 6 P0 + 9 P1/P2)
- 38 NFR (ENF-PBD/PERF/ACC/SEC/I18N/COMPAT)
- 69 criteres d'acceptation (CdC 43 + SFD 26)
- 33 risques actifs (RISQUES.md)
- 2 ADR + 5 decisions securite + 8 arbitrages post-mortem
- 13 controles ISO 27001 + 10 traitements RGPD

**Ratios tracabilite** : Conforme 55% / Partiel 35% / A arbitrer 5% / Gap critique 5%

**4 bloquants MEP v1 identifies** :
1. BUG T-197 (bouton radio desactivation module) — CA-GLOBAL-02 + RGPD Art. 7.3
2. T-191 levee formelle reserve DPO R-074-01 (T-158 Terminé, verif DPO absente)
3. T-192 levee formelle reserve DPO R-074-02 (T-159 Terminé, verif DPO absente)
4. T-193 levee formelle reserve DPO R-074-03 (T-160 Terminé, verif DPO absente)

**2 prerequis Commanditaire** :
- T-068 recette manuelle UC-01 Google+Microsoft non terminee (matrice providers vide)
- R-018 validation frais CWS 5 USD pour distribution

**3 arbitrages pendants** :
- ARB-01/T-175 tests E2E UC-01 a UC-05 : Should vs Must pour MEP v1
- INC-01 debounce M9 150ms (SFD) vs 300ms (DAT) incoherence documentaire
- ARB-04 CodeQL observe-only -> seuil bloquant : date non definie

**5 nouvelles taches recommandees au BACKLOG** :
- T-NEW-01 tests unitaires export-handler.ts (ENF-PBD-09)
- T-NEW-02 alignement debounce M9 SFD/DAT
- T-NEW-03 nettoyage RISQUES.md R-ADR-01/02 references obsoletes
- T-NEW-04 decision version WCAG cible (2.1 vs 2.2)
- T-NEW-05 mention pending_* intents dans politique confidentialite

**Couverture par pilier** :
- RGPD : 7/10 traitements conformes, 2 en verification formelle (T-191/192/193 bloquants)
- Securite ISO 27001 : 6/13 conformes, 5 partiels (logging, incident mgmt, SAST seuil)
- A11y WCAG : pages statiques 100%, UI dynamiques 80% (10 Should/Could residuels)
- Risques : 18/33 resolus, 9 acceptables, 3 bloquants MEP + 1 distribution

Livrable : docs/gouvernance/audit-coherence-transverse-v1.0.md (~550L).

Ref: demande Commanditaire 2026-04-20 "revue complete de coherence"
@antonyblain antonyblain enabled auto-merge (squash) April 20, 2026 20:23
@antonyblain antonyblain merged commit 362063b into develop Apr 20, 2026
6 checks passed
@antonyblain antonyblain deleted the feature/p5-tache-205-audit-coherence-transverse branch April 20, 2026 20:26
@antonyblain antonyblain mentioned this pull request Apr 20, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@antonyblain