THE METHOD

Five practices. One method.

Curate, Refine, Architect, Fortify, Test. 25 sub-practices. A 125-question maturity scorecard. The structured way engineering orgs make AI-native development repeatable, governable, and measurable.

CURATE.REFINE.ARCHITECT.FORTIFY.TEST.
5 PRACTICES /25 SUB-PRACTICES /125 QUESTIONS /0–100 SCORE
THE DEPENDENCY CHAIN

The order is non-negotiable.

Each practice depends on the one before it.

C
Without Curate, nothing downstream works.
R
Without Refine, AI output is unpredictable.
A
Without Architect, enforcement is impossible.
F
Without Fortify, velocity becomes liability.
T
Without Test, governance becomes theatre.
C
PRACTICE 01 / 05
Curate
CORE QUESTION

Does your org curate the context it feeds AI agents?

Curate the context AI agents consume.
COVERS
Codebase intelligenceAGENTS.md / CLAUDE.md fileslayered contextgovernancedev-tool integration
MATURITY PATH · 0 → 100
01
The Ad-Hoc Org
02
The Individual Champions
03
The Emerging Framework
04
The Structured Org
05
The AI-Native Org
R
PRACTICE 02 / 05
Refine
CORE QUESTION

Do teams refine specs before AI generates code?

Refine specs before AI generates code.
COVERS
Spec completenesspredicate-form acceptance criteriaAI-augmented edge-case generationspec-first workflowrequirement traceability
MATURITY PATH · 0 → 100
01
The Vibe Coders
02
The Ticket Followers
03
The Emerging Specifiers
04
The Structured Specifiers
05
The Spec-Driven Org
A
PRACTICE 03 / 05
Architect
CORE QUESTION

Does AI architect within your governed patterns — or invent new ones every prompt?

Architect within governed patterns.
COVERS
Pattern librariesADRsmulti-agent code reviewagentic CI/CDsystem topology awarenessarchitecture evolution
MATURITY PATH · 0 → 100
01
The Wild West
02
The Tribal Architects
03
The Documented Architects
04
The Governed Architecture
05
The Architecture-Native Org
F
PRACTICE 04 / 05
Fortify
CORE QUESTION

Do you fortify against AI-introduced risk — security, supply chain, compliance?

Fortify against AI-introduced risk.
COVERS
SAST/DAST/SCA at AI velocityAIBOMsslopsquat defenseISO 42001 / EU AI Act compliance automationAI-powered vulnerability remediation
MATURITY PATH · 0 → 100
01
The Blind Shippers
02
The Manual Checkers
03
The Partial Scanners
04
The Defense-Hardened Org
05
The Security-Native Org
T
PRACTICE 05 / 05
Test
CORE QUESTION

Do you test before AI ships?

Test before AI ships.
COVERS
AI-generated test coveragemutation testingblocking quality gates calibrated for AI velocitydeployment quality measurementfeedback loops
MATURITY PATH · 0 → 100
01
The Hopers
02
The Spot Checkers
03
The Partial Coverers
04
The Quality-Gated Org
05
The Test-Native Org
HOW IT'S MEASURED
5PRACTICES ×5SUB-PRACTICES ×5QUESTIONS =125

Every question scores 0–100, averaged up to sub-practice, practice, and overall. The Free Scorecard covers Curate (25 questions). The Paid Scorecard covers all five.

Find your archetype.
Start with Curate.

25 questions. 5 minutes. Free.