Chapter 4: The Engineering Fiefdom

Predators do not operate in a vacuum; they operate in the negative space created by incompetent management.

Grading Their Own Homework

The collapse of IT General Controls (ITGC) begins with technical illiteracy at the management layer. Because the manager (Alexandre) was incapable of validating technical reality—literally using a manual stopwatch for frontend performance testing in 2023 and fundamentally misunderstanding the Pull Request (PR) architecture—he surrendered total technical control to his favored subordinate (Daniel).

This surrender created the Engineering Fiefdom. Daniel utilized this vacuum to build a single-point-of-failure dictatorship. He stealth-merged bad code, broke architecture, and caused nightmarish regressions, directly bypassing SOX 404 peer-review mandates.

Weaponized Code Reviews & The Hijacking of "Done"

To hide this structural sabotage, the subordinate weaponized the PR process itself. He would relentlessly attack peer code, nitpicking trivialities to divert attention away from his own architectural damage.

More critically, he hijacked the very Definition of Done. He manipulated sprint planning by providing artificially high estimates, creating a buffer to hide his inefficiencies. Because management was technically blind, the Quality Engineering (QE) team and Product Owners were forced to capitulate to him. QE had to rely on his subjective explanation of what the code was supposed to do, rather than testing against objective architectural requirements.

By allowing a bad actor to dictate the estimates, write the code, and define the testing criteria—literally "grading his own homework"—the management layer systematically capitalized defective software, cementing the federal fraud.