ABCDEFGHIJKLMNOPQRSTUVWXYZ
1
(an example) Service Maturity Model from OpsLevelLearn More
2
What is a Service Maturity Model? A framework for building services that adhere to your best practices, without giving up developer velocity. Check out our launch blog to learn more.Blog
3
The horizontal axis across the top of the rubric contains Service Levels. A service reaches Silver only when it passes all of it's checks in that level. In OpsLevel, the names & number of levels in your rubric are configurable. Generally, lower levels (e.g. Bronze) should be basic, low investment tasks OR mission critical tasks that are worthy of stopping product development work.
Service Maturity Docs
4
The vertical axis running down the left hand side contains categories. Categories are configurable in OpsLevel and allow you to organize checks into whichever functional domains your org prefers.
Request an OpsLevel demo
5
Each cell in the rubric is a individual check. Checks can evaluate services on any service attribute that's tracked in or submitted to OpsLevel. By default Checks apply to all services, but can be scoped to only apply to relevant services with filters, as indicated by the italicized text below. Service Tiers are a very common filter, but any sevice attribute can be used.
Jump to blank rubric
6
7
→ → → CHECK COMPLEXITY INCREASING → → →
8
Guidelines for checks levelsBronze checks:
- Simple, quick-wins (often ownership related)
- Obvious, mission critical activities (often security-related)
Silver checks:
- Standardization, consistency, & baselines - Can we actually measure/track a service's status and performance? Are services using the correct versions of supported/preferred libraries, tooling, etc?
Gold checks:
- Continuous improvement & goal setting - do we see positive trends in key metrics? Are we setting & meeting goals and objectives?
- Bar Raisers - are we operating as efficiently as reasonably possible? Are we de-risking our activities via automation? Are we prepared for worst-case/outlier events?
9
10
BronzeSilverGold
11
12
13
Service OwnershipHas Owner Defined
Language Version >= #.#.#Cloud Cost Optimization Analysis
14
Has Linked Repository
15
Has Service Tier Defined
16
Has Service Language Defined
17
Has README file in Repo
18
19
SecurityIs the Service internet-facing?
Container/Artifact Repository Vulnerability Scans Enabled
- Internet Facing = YES
Container/Artifact Repository Scans Return No Critical Vulns
- Internet Facing = YES
20
Does the Service handle PII?
Library Vulnerability Scans Enabled
- Internet Facing = YES
Library Scans Return No Critical Vulns
- Internet Facing = YES
21
No Secrets Stored in CodeAutomatic Key Rotation
22
No HTTP connections allowed
23
Only Using Standard Subnets
24
25
ReliabilityIncident Mgmt Tool: PagerDuty
- Tier 3 Services+
Service Level Indicators Defined
- Tier 2 Services+
Service Level Objectives Defined
- Tier 2 Services+
26
Has Chaos Engineering Tool Configured
- Tier 2 Services+
Disaster Recovery Plan
- Tier 2 Services+
27
Gameday run in last 90 days
- Tier 1 Services
28
Gameday run in last 365 days
- Tier 2+3 Services
29
Graceful Degradation/Failure Patterns
- Tier 2 Services+
30
Canary Deployments
31
32
ObservabilityAPM Tool: New Relic
- Tier 2 Services+
33
Metrics Tool: Datadog
- Tier 2 Services+
34
Logs Tool: NOT Splunk
- Tier 3 Services+
35
Error Tracking Tool: Sentry
- Tier 2 Services+
- Audience = External
36
37
38
ScalabilityDefine & Deploy Infra as CodeUsing Kubernetes in Prod
- Tier 2 Services+
Load Testing Passed
- Tier 1 Services
39
40
41
QualityStatic Code Analysis enabled
- Tier 3 Services+
Code Maintainability Rating > X
42
Test Coverage Rating > Y
43
44
45
46
47
Ready to scale up your Service Maturity Model with the integrations and automations in OpsLevel?Request a live demo here
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100