Celestial Mode: Day

MFid vs SLOs, DORA, ISO 25010

Where the prior art catches the gap. Where MFid catches what they miss.

The honest comparison

MFid is not the only measurement framework in this category, and it would be malpractice to pretend otherwise. There are three serious incumbents:

  • Google SRE — SLI / SLO / Error Budget. The industry-standard vocabulary for “did the system meet its published target?” at fine granularity.
  • DORA Four Keys. Deployment frequency, lead time, change failure rate, mean time to restore. The de facto KPIs for software delivery.
  • ISO/IEC 25010:2023. Nine product-quality characteristics (functional suitability, performance efficiency, compatibility, interaction capability, reliability, security, maintainability, flexibility, safety) with a published international standard.

If a CTO already runs SLOs + DORA + ISO 25010 audits, they should ask what MFid adds. Here is the honest answer, with a worked scenario.

What each framework actually measures

Framework Scope Output Audience
SLO / Error Budget Per-service; software you operate Burn rate vs. target; release/freeze decisions SREs, on-call engineers
DORA Four Keys Delivery pipeline of an engineering org Four KPIs benchmarked against industry quartiles Engineering leadership
ISO/IEC 25010 Product quality of software systems Audit report against nine characteristics Procurement, certifiers
MFid Hardware + vendors + processes + software, on one scale Single composite score; spec-vs-actual deltas filed as findings CIO/CTO/board; procurement; the buyer

Worked scenario — a regional bank closes Q3

Hypothetical scenario, common pattern. A 1,200-person regional bank, mixed cloud + on-prem, three core vendors and two managed-service providers.

What SLOs catch

The internal mobile banking service has an availability SLO of 99.9% measured at the load balancer. In Q3 the SLO budget was 73% consumed. The SRE team correctly throttled release velocity in week 10 because burn rate exceeded 2× target. SLOs caught the symptom inside the service.

What DORA catches

The deployment frequency dropped from 6/week to 2/week starting week 9. Lead time for changes doubled. MTTR for the mobile service rose 40%. DORA showed leadership that delivery throughput had degraded. DORA caught the consequence in the engineering org.

What ISO 25010 catches (at audit time)

The annual ISO 25010 audit (Q4) noted reliability degradation and a maintainability concern in the integration layer. Audit recommended remediation. ISO 25010 caught the artifact in retrospect.

What MFid catches that none of the above did

The MFid Q3 scorecard published the following:

  • Core banking vendor SLA: 99.95% contracted, 99.74% delivered. MFidvendor = 0.79. This is upstream of the internal SLO. The mobile service was being asked to absorb an external vendor’s SLA breach with no contractual recourse documented.
  • ISP bandwidth at branch network: 1 Gbps contracted, 710 Mbps measured at peak. MFidnet = 0.71. Contract clause 4.2 triggered — credit owed but never claimed in three prior quarters.
  • Helpdesk process: 4-hour response SLA, 6.2-hour observed average. MFidprocess = 0.65. Audit flagged staffing gap at peak hours.
  • SDCorp’s own service: 60-minute promised response, 42-minute observed. MFidSDC = 0.91. Published to the same scorecard.
  • Aggregate stack MFid: 0.79, Tier-1 over 81% of subsystems.

What this catches that SLOs/DORA/ISO 25010 do not:

  1. The vendor breach upstream of the SLO. SLOs measure your own service against your own target. They do not measure your vendor’s contract against your vendor’s delivery. MFid does — on the same scorecard, in the same units.
  2. The ISP shortfall in the same units as the vendor SLA breach. No SLO portfolio scores a 710 Mbps WAN circuit on the same scale as a 99.7% cloud SLA. MFid does.
  3. The auditor’s own performance against the auditor’s own claim. SDC’s 0.91 is published next to the vendor’s 0.79. If we drop, the client sees it before we explain it.
  4. One number for the board. An SLO portfolio + DORA dashboard + ISO 25010 report is three artifacts in three vocabularies. The MFid aggregate (0.79) is one number a board can trend. The detail is one click below.

Where MFid is redundant — and we should say so

  • Inside a service you operate, SLOs are better. They are higher-resolution, real-time, and the on-call team already speaks the language. We use SLO portfolios as inputs to D and O, not replacements for them. If a client already runs SLOs well, we map them into MFid; we do not re-invent them.
  • For delivery-pipeline health, DORA is better. The Four Keys are the right instrument for engineering-org throughput. MFid does not measure deployment frequency. We cite DORA in the audit if relevant.
  • For product-quality certification, ISO 25010 is the standard. If the client needs a certifiable artifact for procurement or compliance, ISO 25010 is the deliverable. MFid is the operating dashboard between certifications.

What MFid is for

Composite reporting, across categories the incumbents do not span (hardware + vendors + processes + software), with an explicit adversarial framing (we are scoring their claim, not our aspiration), in one number a non-engineering audience can trend. That is the niche. We do not claim more, and we will not pretend the prior art does not exist.

Want MFid run alongside your existing instrumentation?

We will read your SLO portfolio, your DORA dashboard, and your last ISO audit before we touch your stack. Then we will tell you the number on top.

Request an Investigation
Celestial Mode: Day