Ops

Are we ready for Pre-Production?

Useful for

Startup playbookProduction readinessGovernanceOperations

Introduction

Before moving from Pilot to Production, the company needs a pre-production governance stance. This is the point where the business has to decide what promises it is prepared to make, who is allowed to make changes, who can accept risk, and what evidence must exist before the production environment is created.

This is not about creating bureaucracy for its own sake. It is about preventing a Pilot environment from becoming Production by accident.

Why this stage matters

Pre-Production is where the organisation stops relying on memory and starts proving that the platform can be recreated, secured, changed and recovered deliberately. The system may still be small, but the operating model needs to become more disciplined.

This gate exists because a successful Pilot creates pressure to move quickly. Without a deliberate Pre-Production stance, teams often take Pilot infrastructure, add customers and call it Production.

The decision

The team is ready for Pre-Production when the platform, access model, release process, incident process and infrastructure approach can support real customer promises.

Infrastructure

Pre-Production infrastructure is where the platform starts to look like something the business can operate. The Pilot may have proved value, but Pre-Production has to prove that access, networking, deployment and recreation are controlled deliberately.

This is the stage where the company should start locking down the platform. Private endpoints, governed firewall access, VPN access and a single public entry point should become explicit decisions rather than later clean-up work.

DevOps

Pre-Production DevOps is about making change controlled without making a small team ineffective. Startups may not have enough engineers for strict separation of duties, so the approval model needs to be pragmatic. The barrier should exist, the action should be traceable and self-approval should be an explicit temporary stance when it is used.

The goal is to make releases, database changes and quality expectations visible before the company starts making Production promises.

Incident management

Pre-Production is the right time to define incident management because the team is close enough to Production for the process to matter, but not yet under the pressure of a live customer incident. The company needs a way to respond, recover and learn without relying on memory.

The incident coordinator role is important. The coordinator should manage the response, capture communications and bring in the right people. They should not be buried in the technical response, because coordination is the control point that makes the post-mortem useful.

Governance

Pre-Production governance is where the company starts preparing evidence for customers, not just internal confidence. The platform, delivery process and data position should be explainable enough to support onboarding, security questions and early procurement conversations.

This is also where software supply chain controls become more important. A startup can stay pragmatic, but it needs to know what dependencies, containers and delivery tools it is relying on.

Related guidance

Container platform decisions Device and endpoint governance Testing and release quality Agentic software delivery governance Pilot to Production data migration Incident management Contracts and support promises Software supply chain Customer trust pack Data protection assurance Policies and procedures

Summary

The company should be able to recreate, secure, change and recover the platform deliberately before it starts making Production promises.

How Brokenhouse helps

Turn this into a practical plan.

I help technology teams turn this guidance into decisions, implementation plans, governance evidence and production-ready operating models.

Talk through your situation

Next guidance

Related decisions to work through

View playbook

Ops

Startup playbook: from POC to Production

This is a CTO playbook for augmenting the agentic SDLC with the company work that sits around the software. Most startup writing focuses on building the product. This playbook focuses on the identity, governance, data protection, delivery, cloud and operational decisions that allow a small SaaS company to move from idea to production without creating avoidable risk.

Ops

Is the company ready?

The first few months of a software business are not just about building the product. They are about creating the conditions that allow the product to be built, deployed, governed and supported without the company tripping over its own foundations.

Ops

Can we start the POC?

Before starting the POC, there is a small amount of governance that should be put in place. This is not about slowing the team down or pretending to be an enterprise. It is about creating enough shape that the first few months do not become a mess of forgotten passwords, inconsistent names, unclear decisions and accidental access.