We should include reports for each software, its versions as well as different BB versions
Clarify requirements
How do we want to add this functionality to the current testing web app GovStack testing ? And should we do it?
We should have two menu items
One for compliance form - with reports and button to check compliance
The second one for API testing purposes(the current website purpose)
Authentication
Authentication for GovStack team
One role for “approver” for all reviewers
Providers: Send email with custom link so the user can edit the compliance form once he starts the compliance form + later link to Jira ticket
Email would be required in the first step
Statuses - do we need more statuses for reviewers? What statuses exactly do we need?
Draft
In review
Published
Rejected
Compliance Form
Either Requirement or Interface Compliance needs to be filled in (deployment is not counted)
Date - how should we indicate different evaluation dates in the software?
Compliance Level - should we add tooltips to explain what each compliance level means?
Saving draft (can be accessed again to finish submitting) - what flow of saving?
Identify any potential gaps
What happens if a person submits a form knowing that it does not fulfill a compliance level. Do we still show it? What do we call that state? "Not passed"?
It would be “Rejected” state after approver rejects it.
What happens if a person submits an empty form? I suggest status "n/a"
N/A will be for compliance level for a compliance part that was not submitted.