Critical Projects

How are critical projects defined?

These projects aren’t considered a function of OKRs (e.g., ambitious) but are considered critical because they

  • must be accomplished fully within a specific time frame; and
  • require cross-functional collaboration; and
  • address immediate-term risks within security or GitLab

Critical Projects must use the label sec-okr::p0.

SMART and not an OKR

In essence, SMART goals are about setting clear, achievable objectives, while OKRs focus on setting ambitious goals to drive performance and align efforts across an organization.

A SMART goal is a framework for setting clear, attainable objectives, characterized by the acronym SMART, which stands for Specific, Measurable, Achievable, Relevant, and Time-bound:

Specific: The goal is well-defined and clear to anyone who has a basic knowledge of the project. Measurable: The goal has criteria for measuring progress and completion, making it easy to track success. Achievable: The goal is realistic and attainable, not something too far out of reach. Relevant: The goal matters to the business or individual, aligning with broader objectives. Time-bound: The goal has a deadline or defined timeframe, giving it a sense of urgency and a timeline for completion.

Relationship to Security OKRs

  • Work toward these objectives takes a higher priority over OKRs
  • The more critical projects we assume, the fewer OKRs we should have. It should be considered acceptable to have a quarter with one or zero OKRs due to critical project load.
  • Expected critical projects are identified during the OKR planning process between functional leaders.
  • It’s possible for there to be zero critical projects in a given quarter.
  • It’s possible for an unexpected and critical project to appear mid-quarter outside of the OKR planning cycle. Functional leaders should recalibrate relevant KR expectations accordingly, and within the relevant OKR issues.
Last modified June 27, 2024: Fix various vale errors (46417d02)