How It Works

You will always know
what's happening.

No black-box development. No monthly status calls. No surprises at handover. Here is the exact process every WizQuest engagement follows — from the first call to shipped software.

Daily async standups Live sprint board Weekly live demos Named accountable lead Your IP from day one AI never touches production
The Process

Five phases.
One commitment.

The same process applies to every service line. Tailored to the work — never different on the fundamentals.

01
Day Zero
The Discovery Call. 30 minutes. No slides. No pitch.

We ask three questions: What are you building? What is the real constraint stopping you? What does success look like in 90 days? You leave knowing whether we are the right fit. We tell you within 24 hours.

What you get
  • Go/no-go within 24 hours
  • Scoping agenda if we proceed
  • No obligation
02
Days One to Two
A written scope you sign before any code is written.

We run a structured 48-hour scoping session. The output is a four-page plain-English scope document both sides agree on before sprint one begins.

Scope document covers
  • What is in scope
  • What is explicitly out
  • Architecture approach
  • Phased timeline + fixed price
03
Days Three to Five
You meet your engineer before sprint one starts.

We select specific engineers — not a generic "our team." You meet the named technical lead. Repositories, environment access, and communication channels are set up before the first sprint.

Set up before sprint one
  • Named technical lead confirmed by you
  • Repo access in your accounts
  • Shared channel + live sprint board
04
Ongoing — Two-Week Sprints
Daily updates. Weekly demos. Five internal checkpoints before you see anything.

Before any work reaches you or production, it passes five internal checkpoints:

1Sprint start: Acceptance criteria written by humans before AI generates a line of code.
2Mid-sprint: Architecture review if scope or approach shifts.
3Pre-merge: Every PR reviewed against acceptance criteria by the tech lead.
4Pre-production: Security scan and named engineer sign-off before any deployment.
5End of sprint: Technical lead reviews all output against original acceptance criteria before the demo.
Always visible to you
  • Daily standup notes
  • Live sprint board
  • Weekly live demos
  • Budget burn tracker
  • AI security audit log
05
End of Engagement
A clean exit or a clean continuation.

At the close of each phase, you decide. Take the code and continue internally — everything documented, fully yours. Or start Phase 2 with WizQuest. No exit fees. No lock-in.

On handover
  • Full IP transfer
  • Written Phase 2 roadmap
  • All credentials and docs in your accounts
  • Architecture Decision Record
Inside an AI Pod

What an ideal AI Pod looks like.

Every human role directs one or more AI agents through the pipeline. DevOps and Security are the human-only release gate — no AI agents, personal verification on every release.

The diagram cycles through the agile workflow automatically → active roles highlight as each phase runs
Project Manager
Human
directs
Reporting Agent
Task Tracking Agent
Scrum Master
Human
directs
Sprint Analytics Agent
Standup Summary Agent
Tech Lead
Human
directs
Code Gen Agent
Code Review Agent
Docs Agent
QA Lead
Human
directs
Test Case Agent
Regression Agent
Bug Report Agent
Release Gate
DevOps Engineer
Human Only
no AI agents
May use AI tools as instruments. Personally controls and verifies every deployment.
Security Auditor
Human Only
no AI agents
May use AI tools for scanning. Personally verifies every finding before sign-off.
Released
to Production

The commercial package determines whether roles are dedicated or combined — the ideal pod structure never changes.

Quality & Hallucination Control

AI generates fast.
Humans validate everything.

The critical failure mode of AI-generated code is not syntax errors — it is logic that looks correct but isn't.

Test-First Generation

Tests before code

Acceptance criteria and tests are written by humans before AI generates any code. If AI output does not pass the test suite, it does not advance to review.

Hallucination Control

Libraries and APIs are verified

AI suggestions for packages and APIs are checked against live documentation before use. Hallucinated package names are a known failure mode — we do not ship assumptions.

Security-Critical Paths

Auth and payments are hand-written

Authentication, payments, data access, and encryption are hand-written by senior engineers. These paths are never AI-generated.

Business Logic Review

Does it do what the business needs?

Senior engineers validate that AI-generated logic matches the commercial intent — not just the technical specification. The spec and the real need are often not the same thing.

End-of-Sprint Check

Demo against the original brief

Before every demo, the technical lead reviews all sprint output against the acceptance criteria written at sprint start. A genuine check — not a rubber stamp.

Human Oversight

A named engineer monitors every AI action

There is always a named senior engineer reviewing AI agent output before it advances. The oversight is not automated — it is a human decision on every review cycle.

Security Architecture

Security is not a phase.
It's the gate.

The Security Auditor is the last human before any production release. Here is what they verify — and what is built into every engagement from day one.

No client data in AI calls

Client data is never passed to any third-party AI API without explicit written consent. Staging uses synthetic data exclusively. Non-negotiable.

Secrets management from day one

Credentials and API keys are never stored in code. Secrets managers are mandatory from the first commit. A credential in a codebase is a blocker, not a warning.

OWASP Top 10 on every release

Every production deployment is validated against OWASP Top 10 by the Security Auditor. This is a gate — Security sign-off is required for every deployment.

Dependency audit at handover

Before any handover, every third-party library is reviewed for licence type, last update, and known CVEs. Flagged dependencies are resolved before handover.

Full audit trail, always

Every AI agent action is logged with timestamps and available to you. Every production deployment logged with reviewer name, time, and approval status.

Compliance validation per vertical

Security Auditors use AI-assisted tools for vulnerability scanning. Every finding is personally reviewed. Every compliance requirement manually verified before the gate opens.

Always Visible

Five things you can see
without asking.

Transparency is built into how every WizQuest engagement runs — not offered on request.

Live Sprint Board

Every task in real time — in progress, done, blocked. Visible at any moment.

Daily Standup Notes

Posted every morning. Completed, in progress, blocked. Written, not a meeting.

Weekly Live Demos

Every Friday: working software demonstrated live. The actual product, not a slide deck.

Budget Burn Tracker

Hours spent, cost incurred, runway remaining — updated in real time. Always before you ask.

AI Security Audit Log

Every agent action logged and available. Staging only, synthetic data only — verifiable anytime.

AI agent costs are included in your fixed price. Always.Zero line items

We manage token costs internally through model tier selection, context window management, and prompt caching. The budget tracker shows what matters to you: human-hour cost, sprint velocity, and delivery progress. You will never see a token line item.

Always True

Four things that never change.

These apply to every WizQuest engagement, from the first sprint to the last.

01

Your code. Your repos. From day one.

We work inside your repositories on your infrastructure from the first commit. Everything built is yours. No proprietary tools, no platform dependencies, no licence fees after the engagement ends.

02

A named human is accountable for the outcome.

Every engagement has a specific named senior engineer who owns the result. A person — not a team. The same person who runs your standup, presents at your demo, and answers when something breaks.

03

AI never touches your production data.

AI agents operate exclusively on staging environments with synthetic or anonymised data. No AI agent is ever given credentials to production systems. Verifiable through the audit log at any time.

04

No lock-in. Clean exit at any sprint boundary.

You can end any engagement at the close of a sprint. No exit fees. No IP transfer cost. No contractual minimum beyond the current sprint. You stay because the work is worth it.

Which Model Fits?

Same process. Different depth.

The five phases and all commitments apply to every service line. The difference is who leads, for how long, and what they are accountable for.

FDE

Forward Deployed Engineering

A senior engineer embeds inside your team for weeks or months. They own the technical delivery and the client relationship simultaneously — business fluency and technical depth in one person.

Learn about FDE
AI POD

Dedicated AI Pod

A full structured team executes a defined workstream with AI-assisted delivery and human-controlled release gates. Every role paired with agents. Every release gated by DevOps and Security.

Learn about AI Pods
Enterprise AI

Enterprise AI Implementation

Implementation of HubSpot AI, Intercom Fin, Glean, Moveworks — properly configured, tested against your real data, and actually adopted by your team. Not plug-and-play. Done right.

Learn about Enterprise AI

Start with 30 minutes.

No slides. No pitch. Just the three questions that tell us whether we are the right fit.

Book a Discovery Call
Response within 24 hours No obligation NDA on request First sprint in days