SERVICE_READINESS — billing-service

Pre-launch readiness checklist. Service ships only when every item is ✅. Owner sign-offs at the bottom.

1. Functional readiness

#	Item	Status
1.1	Folio open / charge / payment / refund / close happy paths green in E2E	☐
1.2	Multi-currency folio close passes property-based suite	☐
1.3	Cash drawer open / receipts / initiate-close / close (online) E2E green	☐
1.4	Two-staff sign-off cryptographic enforcement verified end-to-end	☐
1.5	Variance-over-threshold flow blocks next session and routes to acknowledge	☐
1.6	RTL Arabic invoice template + bilingual numerals visually approved	☐
1.7	Government / corporate / agent / Sharia templates rendered and approved	☐
1.8	Subscription cycle end-to-end green for at least 3 plans	☐
1.9	Dunning state machine green: current → grace → past_due → suspended → reactivated	☐
1.10	Reservation event integration (confirmed, checked-in, checked-out, cancelled) green	☐
1.11	Payment-gateway event integration (captured, refunded) green	☐
1.12	Tenant-created event provisions per-tenant schema and initializes subscription	☐

2. Non-functional

#	Item	Status
2.1	Folio mutation p95 ≤ 350 ms in load test	☐
2.2	Invoice generation p95 ≤ 2 s in load test	☐
2.3	Cash drawer close p95 ≤ 5 s in load test	☐
2.4	Outbox lag p99 ≤ 30 s under sustained load	☐
2.5	Cloud Run min replicas configured: api 3, drainer 2	☐
2.6	Cloud SQL HA + cross-region replica + PITR 7d configured and tested	☐
2.7	Per-tenant schema migrator job runs cleanly on 100 fixture tenants	☐

3. Security & compliance

#	Item	Status
3.1	PCI SAQ A self-assessment completed and reviewed	☐
3.2	DLP scan passes (no PAN-shaped strings in repo, logs sample, outbox sample)	☐
3.3	Schema-per-tenant + RLS verified by cross-tenant attack test	☐
3.4	Step-up token verification + nonce single-use confirmed	☐
3.5	mTLS in VPC verified for all service-to-service calls	☐
3.6	Secrets only via Secret Manager + Workload Identity (no env-baked)	☐
3.7	Audit retention 7 years configured in audit-service for billing topics	☐
3.8	DSAR / offboarding rehearsal: schema archive + 90-day drop verified	☐
3.9	Sharia-compliant tenant invariants verified in domain tests + E2E	☐

4. Observability

#	Item	Status
4.1	Tracing on all entrypoints; sampling rules deployed	☐
4.2	Logs emit mandatory fields; PII redaction tested	☐
4.3	All metrics in OBSERVABILITY §4 emitted in staging	☐
4.4	All dashboards in OBSERVABILITY §5 created	☐
4.5	All alerts in OBSERVABILITY §6 wired to PagerDuty / Slack	☐
4.6	Synthetic monitor running and alerting on failure	☐

5. Operational

#	Item	Status
5.1	On-call rotation defined (billing-on-call PagerDuty schedule)	☐
5.2	Runbook reviewed by all on-call engineers	☐
5.3	Disaster-recovery drill executed with documented RPO/RTO	☐
5.4	Cloud Build pipeline green on main; canary auto-rollback validated	☐
5.5	Cost guardrails set in FinOps dashboard	☐

6. Documentation

#	Item	Status
6.1	All 17 service docs (this bundle) reviewed and merged	☐
6.2	docs/03-microservices/billing-service.md reviewed and merged	☐
6.3	OpenAPI published and consumed by BFF stubs	☐
6.4	Event schemas published in the schema registry	☐
6.5	New ID prefixes (fpm_, frd_, cnt_, set_, cdr_, cds_, dcr_, sub_, sin_, sil_, usg_, pln_, cnl_, ln_) added to NAMING.md	☐
6.6	New error codes registered in ERROR_CODES.md (BILLING domain extensions)	☐

7. Tenant readiness

#	Item	Status
7.1	Tax rules seeded for all GA jurisdictions (AF, PK, SA, AE, TJ, IR)	☐
7.2	Default plans (STARTER_PER_ROOM, PRO_PER_ROOM, ENTERPRISE_FLAT) registered	☐
7.3	Invoice template per customer class published per market	☐
7.4	Cash drawer variance default thresholds set per currency	☐
7.5	Sharia-compliant flag UI verified in tenant admin	☐

8. Sign-offs

Owner	Role	Sign-off
	Service owner (Engineering)	☐
	Domain owner (Finance)	☐
	Security	☐
	SRE	☐
	Compliance	☐
	Product	☐

9. Cross-references

• All bundle docs: see SERVICE_OVERVIEW header bar.
• Risk register: SERVICE_RISK_REGISTER.