How to Answer the 9 Questions

Don't guess. Inspect your system. Answer based on evidence.

How to Answer:

YES → You can verify this with logs / system behavior
PARTIAL → Exists but incomplete or inconsistent
NO → No evidence or not enforced

1. Replayability

Where to check:
Decision logs, input/output snapshots, stored metadata

Test:
Take one past decision → try to reproduce it exactly

YES → Same input produces same decision exactly

NO → You cannot fully reconstruct the decision

2. Determinism

Where to check:
Model behavior, randomness, time-based inputs

Test:
Run same input multiple times

YES → Output is identical every time

NO → Output changes across runs

3. Ownership

Where to check:
System design, service responsibility, team ownership

Test:
Ask: Who is accountable for this decision?

YES → Clear owner exists

NO → Responsibility unclear

4. Authority Boundaries

Where to check:
Permission checks, role validation

Test:
Can system act without explicit permission?

YES → Action blocked without permission

NO → System assumes authority

5. Failure Safety

Where to check:
Error handling, rollback logic

Test:
Force a failure mid-process

YES → System returns to safe state

NO → Partial or corrupted state remains

6. Idempotency

Where to check:
API design, request handling

Test:
Send same request multiple times

YES → Only one execution happens

NO → Duplicate actions occur

7. State Validity

Where to check:
Input validation, timestamps, completeness checks

Test:
Remove or delay key input data

YES → System blocks decision

NO → System still proceeds

8. Authority Validity

Where to check:
Access control at execution time

Test:
Try executing with expired/invalid permission

YES → System blocks action

NO → System allows action

9. State Continuity

Where to check:
Data lineage, audit trails

Test:
Trace decision back to original source

YES → Full trace exists

NO → Missing or broken lineage

If you cannot verify it → it is NOT a YES.