You will always know
what's happening.
No black-box development. No monthly status calls. No surprises at handover. Here is the exact process every WizQuest engagement follows — from the first call to shipped software.
Five phases.
One commitment.
The same process applies to every service line. Tailored to the work — never different on the fundamentals.
We ask three questions: What are you building? What is the real constraint stopping you? What does success look like in 90 days? You leave knowing whether we are the right fit. We tell you within 24 hours.
- Go/no-go within 24 hours
- Scoping agenda if we proceed
- No obligation
We run a structured 48-hour scoping session. The output is a four-page plain-English scope document both sides agree on before sprint one begins.
- What is in scope
- What is explicitly out
- Architecture approach
- Phased timeline + fixed price
We select specific engineers — not a generic "our team." You meet the named technical lead. Repositories, environment access, and communication channels are set up before the first sprint.
- Named technical lead confirmed by you
- Repo access in your accounts
- Shared channel + live sprint board
Before any work reaches you or production, it passes five internal checkpoints:
- Daily standup notes
- Live sprint board
- Weekly live demos
- Budget burn tracker
- AI security audit log
At the close of each phase, you decide. Take the code and continue internally — everything documented, fully yours. Or start Phase 2 with WizQuest. No exit fees. No lock-in.
- Full IP transfer
- Written Phase 2 roadmap
- All credentials and docs in your accounts
- Architecture Decision Record
What an ideal AI Pod looks like.
Every human role directs one or more AI agents through the pipeline. DevOps and Security are the human-only release gate — no AI agents, personal verification on every release.
to Production
The commercial package determines whether roles are dedicated or combined — the ideal pod structure never changes.
AI generates fast.
Humans validate everything.
The critical failure mode of AI-generated code is not syntax errors — it is logic that looks correct but isn't.
Tests before code
Acceptance criteria and tests are written by humans before AI generates any code. If AI output does not pass the test suite, it does not advance to review.
Libraries and APIs are verified
AI suggestions for packages and APIs are checked against live documentation before use. Hallucinated package names are a known failure mode — we do not ship assumptions.
Auth and payments are hand-written
Authentication, payments, data access, and encryption are hand-written by senior engineers. These paths are never AI-generated.
Does it do what the business needs?
Senior engineers validate that AI-generated logic matches the commercial intent — not just the technical specification. The spec and the real need are often not the same thing.
Demo against the original brief
Before every demo, the technical lead reviews all sprint output against the acceptance criteria written at sprint start. A genuine check — not a rubber stamp.
A named engineer monitors every AI action
There is always a named senior engineer reviewing AI agent output before it advances. The oversight is not automated — it is a human decision on every review cycle.
Security is not a phase.
It's the gate.
The Security Auditor is the last human before any production release. Here is what they verify — and what is built into every engagement from day one.
No client data in AI calls
Client data is never passed to any third-party AI API without explicit written consent. Staging uses synthetic data exclusively. Non-negotiable.
Secrets management from day one
Credentials and API keys are never stored in code. Secrets managers are mandatory from the first commit. A credential in a codebase is a blocker, not a warning.
OWASP Top 10 on every release
Every production deployment is validated against OWASP Top 10 by the Security Auditor. This is a gate — Security sign-off is required for every deployment.
Dependency audit at handover
Before any handover, every third-party library is reviewed for licence type, last update, and known CVEs. Flagged dependencies are resolved before handover.
Full audit trail, always
Every AI agent action is logged with timestamps and available to you. Every production deployment logged with reviewer name, time, and approval status.
Compliance validation per vertical
Security Auditors use AI-assisted tools for vulnerability scanning. Every finding is personally reviewed. Every compliance requirement manually verified before the gate opens.
Five things you can see
without asking.
Transparency is built into how every WizQuest engagement runs — not offered on request.
Live Sprint Board
Every task in real time — in progress, done, blocked. Visible at any moment.
Daily Standup Notes
Posted every morning. Completed, in progress, blocked. Written, not a meeting.
Weekly Live Demos
Every Friday: working software demonstrated live. The actual product, not a slide deck.
Budget Burn Tracker
Hours spent, cost incurred, runway remaining — updated in real time. Always before you ask.
AI Security Audit Log
Every agent action logged and available. Staging only, synthetic data only — verifiable anytime.
AI agent costs are included in your fixed price. Always.Zero line items
We manage token costs internally through model tier selection, context window management, and prompt caching. The budget tracker shows what matters to you: human-hour cost, sprint velocity, and delivery progress. You will never see a token line item.
Four things that never change.
These apply to every WizQuest engagement, from the first sprint to the last.
Your code. Your repos. From day one.
We work inside your repositories on your infrastructure from the first commit. Everything built is yours. No proprietary tools, no platform dependencies, no licence fees after the engagement ends.
A named human is accountable for the outcome.
Every engagement has a specific named senior engineer who owns the result. A person — not a team. The same person who runs your standup, presents at your demo, and answers when something breaks.
AI never touches your production data.
AI agents operate exclusively on staging environments with synthetic or anonymised data. No AI agent is ever given credentials to production systems. Verifiable through the audit log at any time.
No lock-in. Clean exit at any sprint boundary.
You can end any engagement at the close of a sprint. No exit fees. No IP transfer cost. No contractual minimum beyond the current sprint. You stay because the work is worth it.
Same process. Different depth.
The five phases and all commitments apply to every service line. The difference is who leads, for how long, and what they are accountable for.
Forward Deployed Engineering
A senior engineer embeds inside your team for weeks or months. They own the technical delivery and the client relationship simultaneously — business fluency and technical depth in one person.
Learn about FDEDedicated AI Pod
A full structured team executes a defined workstream with AI-assisted delivery and human-controlled release gates. Every role paired with agents. Every release gated by DevOps and Security.
Learn about AI PodsEnterprise AI Implementation
Implementation of HubSpot AI, Intercom Fin, Glean, Moveworks — properly configured, tested against your real data, and actually adopted by your team. Not plug-and-play. Done right.
Learn about Enterprise AIStart with 30 minutes.
No slides. No pitch. Just the three questions that tell us whether we are the right fit.
Book a Discovery Call