Deploy-readiness checklist.
Use this page to separate what is ready for a controlled accounting-firm conversation from what must be hardened before production use inside a firm.
What can be shown.
- Image-led public discovery page and guided intake agent.
- Sidecar notes for pressure point, systems, approver, and 30-day outcome.
- Source-aware workflow context with visible IRS, DOL, QuickBooks, Xero, FASB, AICPA, and PCAOB links.
- Partner Launch Kit, partner brief, 30-day proposal, security page, and source page.
- Protected admin cockpit for saved intakes, packets, reports, audit events, and pilot requests.
- Playwright walkthrough and smoke tests in the GitHub repo.
What must happen before firm rollout.
- Replace Vercel demo storage with durable Postgres or approved firm datastore.
- Add SSO/OIDC/SAML, role-based access, named-user audit logs, and retention/deletion policies.
- Run vendor/security/privacy review before connecting to firm systems.
- Move source retrieval into reviewed chunks with source freshness, reviewer status, and citation controls.
- Define backup, restore, monitoring, and incident-response runbooks for the production environment.
- Keep client files, tax IDs, bank data, payroll registers, tax returns, audit evidence, and private financial statements outside discovery.
What to approve first.
- One workflow pressure point and the operational owner.
- Approved systems that are source of truth.
- Support output type: routing, summary, checklist, status packet, or reviewer notes.
- Human approval point before client-facing output.
- 30-day proof metric and stop/revise/continue decision rule.
Where the repo stands.
- GitHub remains the source of truth for the public app and docs.
- Vercel is the current public demo host at ledgerpilot-ai.vercel.app.
- VPS service copy and NAS backup path are documented for the next durable rollout.
- Cloudflare proxy remains a temporary edge route until the canonical domain is ready.