Io0001

Resources

Tools

A public shelf of things I reuse in client work and on LinkedIn: short checklists you can apply today, pointers to deeper topic guides, and the stack I reach for when delivery, platforms, or compliance need to move together.

No paywall—copy and adapt. If you want fuller templates or a workshop built around them, get in touch.

Public checklists & prompts

Lightweight artefacts you can run in a meeting or doc—before you buy tooling or hire.

Platform / cloud review — pre-flight

Ask these before committing to a migration or “big refactor” programme.

  • What workloads are truly business-critical vs nice-to-migrate?
  • Where is data allowed to live (region, residency, subprocessors)?
  • What is the monthly cost of not changing (risk, toil, opportunity)?
  • Who can approve production changes—and is that the same team doing the work?
  • What’s the smallest shippable slice we can put in production in 30 days?

Related: Cloud & platform modernization.

Incident retro — week one prompts

Use after a meaningful incident when you’re tightening practice, not assigning blame.

  • Did we detect it before customers—and how could we detect faster next time?
  • Was the severity / comms cadence right for stakeholders?
  • What change or dependency made recovery harder than it should be?
  • Which follow-up is a tracked action with an owner and date?
  • What do we deliberately not fix yet—and why?

Related: DevOps, SRE & reliability.

Event Storming — room prep

Before you order sticky notes, align on outcomes so the workshop produces decisions—not decoration.

  • Who must be in the room (domain expert, product, tech lead)—and who is optional?
  • What decision or scope boundary are we trying to clarify in this session?
  • What system or process slice is in vs out of the board?
  • Do we have a facilitator who can park rabbit holes without shutting down experts?
  • How will we capture outcomes (photos, Miro export, written summary) the same day?
  • What’s the single next step if we find a contested hotspot?

Related: Domain modelling, DDD & Event Storming · service detail.

ISO-27001 — technical readiness (starter questions)

Sanity-check whether engineering can support certification without freezing the roadmap.

  • Inventory: do we know which systems store personal or sensitive data?
  • Access: how are production rights granted, reviewed, and revoked?
  • Change: can we show who changed what, when, and with what approval?
  • Logging: can we reconstruct a security-relevant timeline for an incident?
  • Vendors: which subprocessors touch data—and when were they last reviewed?
  • Backup & recovery: when did we last test restore for critical systems?

Related: ISO-27001 & information security · service detail.

Templates & deeper packs

Longer artefacts (workshop decks, RACI variants, assessment spreadsheets) I customise per client—contact me if you want something tailored.

Engineering leadership charter

Scope, cadence, and decision rights for fractional or interim leadership—aligned to your exec team.

Request via contact

Migration steering pack

Milestone view, risk register hooks, and stakeholder comms rhythm for cloud / platform programmes.

Request via contact

Incident programme scaffold

Roles, severity guide outline, and retro template set for teams levelling up IR.

Request via contact

DDD / Event Storming readout pack

Legend sheet, bounded-context sketch template, and exec one-pager structure after a storming session.

Request via contact

Want this tailored to your org?

Bring your context on the contact page—checklists become useful when they match your stage, stack, and risk profile.

Contact How we work

We use cookies to enhance your experience. By continuing to visit this site you agree to our use of cookies. Learn more