When addressing one of the three deficiencies fails

ITIL takes over: the failure is recorded, triaged, remediated - and closure requires evidence.

When a test fails, an alert fires, or a violation is detected, an ITIL incident opens automatically. Triage runs agentically. Remediation flows through the standard pipeline (selection, execution, recorded outcome). Closure requires evidence - the failing test now passes, the alert no longer fires.

The problem - in Mark Walker's words
"We and every other software company in the world are outstripping our ability to test what we're building."

Why now: the velocity of agentic coding has decoupled from the velocity of testing, auditing, and validation - that is, from the knowledge and proof that AI agents did what they were tasked to perform (in this case, testing). An AI agent can produce more code in a day than a team used to write in a sprint. The test, audit, and compliance layers did not get faster at the same rate. The gap is structural and widens with every model release.

Three deficiencies - in every company today - that no software addresses:

  • determining which tests need to run for a particular release
  • checking whether they ran
  • recording the outcome

Mark Walker, nue.io - meeting transcript [00:46:36]

ITIL is what happens when addressing one of the three deficiencies fails. The incident is opened automatically, remediated agentically, and closed with evidence.

ITIL is what happens when addressing one of the three deficiencies fails

When a selected test fails, an execution times out, or a recorded outcome flags an anomaly, an ITIL incident opens automatically. Severity is classified, an owner is assigned, and the timeline starts.

Detection sources today: CI failures, dependency vulnerabilities, and standards violations - each opens an ITIL incident automatically per ADR-335. Runtime-alert routing, audit-trail anomaly detection, model-drift, and regulatory-update feeds are part of the OBSERVE phase of the Universal Quality Development Harness per ADR-320.

Triage and remediation are agentic

An agent reads the related code, the failing test output, and the recent changes, then proposes a remediation. The remediation is dispatched as a normal CODITECT task with the same review gates that apply to ordinary feature work.

The triage agent is foundation-model-agnostic. The same incident workflow runs whether the model is Anthropic, Gemini, Codex, Kimi, or a local open-source model. The model used is recorded per decision.

Closure requires evidence, not assertion

An incident closes only when evidence proves the failure no longer occurs: the failing test passes, the alert no longer fires, the violation is resolved. Each closure step is signed and timestamped against the incident ID.

The same record satisfies the regulatory clauses for incident management - 21 CFR Part 11, NYDFS Part 500 72-hour reporting, EU AI Act Article 61 post-market monitoring - by construction.

Integrated, not bolted on

Incidents live in the same database as tasks, code changes, tests, and audit records. There is no separate service-management tool to keep in sync. Every related artifact is one query away.

The full timeline (detection, triage, remediation, verification, closure) is a single immutable record per incident, queryable directly by auditors and regulators.
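A sketch of the evidence-gated closure and the single tamper-evident timeline described above, written as an added example and not CODITECT's own code. The class name, field names, the strictly linear five-phase order, and the use of HMAC-SHA256 in place of a real signature are all assumptions.

```python
import hashlib, hmac, json

KEY = b"constructed-demo-key"  # assumption: a real system keeps signing keys in a KMS/HSM
PHASES = ["detection", "triage", "remediation", "verification", "closure"]

def _sign(body: dict) -> str:
    # Canonical JSON so the same record always yields the same MAC.
    payload = json.dumps(body, sort_keys=True).encode()
    return hmac.new(KEY, payload, hashlib.sha256).hexdigest()

class IncidentTimeline:
    """Append-only, hash-chained timeline for one incident (hypothetical model)."""

    def __init__(self, incident_id: str):
        self.incident_id = incident_id
        self.entries = []

    def append(self, phase: str, ts: str, detail: dict) -> dict:
        expected = PHASES[len(self.entries)] if len(self.entries) < len(PHASES) else None
        if phase != expected:
            raise ValueError(f"expected phase {expected!r}, got {phase!r}")
        if phase == "closure":
            # Closure needs evidence: the verification entry must show the
            # check that originally failed now passing, not a bare assertion.
            failed = self.entries[0]["detail"].get("check")
            ev = self.entries[-1]["detail"]
            if ev.get("check") != failed or ev.get("result") != "pass":
                raise PermissionError(f"closure refused: no passing evidence for {failed}")
        prev = self.entries[-1]["sig"] if self.entries else ""
        # Each entry is bound to the incident ID, its timestamp and its predecessor.
        body = {"incident": self.incident_id, "phase": phase, "ts": ts,
                "detail": detail, "prev": prev}
        entry = dict(body, sig=_sign(body))
        self.entries.append(entry)
        return entry

    def verify(self) -> bool:
        """Recompute every MAC and chain link; False if any entry was altered."""
        prev = ""
        for e in self.entries:
            body = {k: v for k, v in e.items() if k != "sig"}
            if body["prev"] != prev or body["incident"] != self.incident_id:
                return False
            if not hmac.compare_digest(_sign(body), e["sig"]):
                return False
            prev = e["sig"]
        return True
```

An auditor who must verify the chain without holding the signing key would need asymmetric signatures instead of the HMAC used here.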