The Company follows a structured, platformisation-led delivery approach to execute customer engagements across its practices and geographies. While the exact steps may vary based on the engagement model (engineering teams, fixed-price projects and managed services), the Company’s business processes are generally designed to ensure predictable execution, quality assurance, information security and continuous reuse of internally developed components under the Platformisation Service Model (PSM).

1. Client Discovery and Scoping

The Company typically begins engagements through structured discovery to understand business objectives, user workflows, target outcomes, and the existing technology landscape. For regulated sectors (including healthcare), discovery also includes an initial review of applicable privacy, security and compliance considerations. The outputs generally include a high-level solution direction, indicative scope, timeline assumptions and resourcing approach.

2. Solution Design and Architecture

Based on agreed scope, the Company defines the target architecture, data flows, integration requirements, non-functional requirements (such as performance and availability) and security controls. Where AI/automation is involved, the design stage may include data readiness assessment, model approach selection, workflow orchestration design, and guardrails for safe and controlled automation.

The Company applies platformisation principles by identifying reusable components (“smartPods”), integration connectors and workflow patterns that can accelerate delivery.

3. Delivery Planning and Governance

The Company typically establishes an engagement governance model aligned to the client’s operating rhythm, including project plans, milestones, communication cadence, risk/issue management and reporting. A delivery leadership structure (such as engagement managers, solution architects and delivery managers) is set up to ensure coordination across engineering, quality assurance, security and domain teams.

4. Build, Engineering and Implementation

The Company executes development using modern engineering practices and iterative delivery. Delivery activities may include application development, cloud engineering, data engineering, integrations, automation workflows and platform engineering.

The Company endeavours to standardise build practices through coding standards, version control, documentation discipline and controlled release cycles. Under PSM, delivery teams also identify repeatable modules that can be modularised and reused across future engagements.

5. Quality Assurance, Testing and Validation

Quality control is embedded through test planning and execution, which may include functional testing, integration testing, regression testing, performance testing and security testing, as applicable to the engagement.

For AI-enabled solutions, validation may include dataset checks, output quality evaluation and workflow validation aligned to intended use. The Company works with customers to complete user acceptance testing and readiness checks prior to release.

6. Deployment, Transition and Go-Live Support

Deployments are typically executed through controlled environments (development, staging and production) with release management and monitoring practices. The Company supports go-live readiness through cutover planning, training (where applicable), documentation handover and stabilisation support.

Depending on the engagement, deployments may be performed on customer infrastructure, cloud environments or hybrid setups.

7. Managed Services and Ongoing Enhancements

For managed services engagements, the Company provides ongoing operational support, monitoring, incident management, issue resolution, upgrades and continuous enhancements based on agreed service levels and change management processes.

This phase may also include optimisation of performance, security hardening and implementation of new features as the customer’s needs evolve.

8. Knowledge Capture and Continuous Improvement under PSM

The Company conducts periodic internal reviews to capture learnings from delivery and to improve repeatability, speed and quality. Reusable modules, workflow wrappers, accelerators and engineering patterns identified during delivery are evaluated for inclusion into the smartPods library and broader platform assets under PSM.

This continuous improvement loop is intended to strengthen delivery predictability, reduce rework and support scalable execution across engagements.

The processes described above are indicative and may be adapted based on project scope, customer requirements, delivery model and regulatory context.

Delivery Model

The Company operates a hybrid global delivery model, combining offshore engineering scale with selective onsite and near-shore presence.

• Centralised delivery centres and AI Labs in India (Mohali, Nagpur and Dehradun).
• Client-facing, solution and governance teams in North America and APEM regions.
• Typical majority of services provided offshore, with minimal onsite delivery based on engagement complexity.

AI-Native Strategy: AI Labs and GCC Enablement

The Company is transitioning toward an AI-native operating model through two complementary structures:

AI Labs (Vertical Enablement)

• Domain-aligned AI Labs for Healthcare and Enterprise verticals.
• Development of domain-specific AI models, agentic workflows, explainable AI (XAI) and compliance-ready components.
• Continuous conversion of delivery experience into reusable IP, platforms and accelerators.

Global Capability Centres (GCC) (Horizontal Enablement)

• Centralised engineering, AI, data, cloud, security and platform teams.
• Horizontal enablement of DevSecOps, interoperability and compliance.
• Reuse and scaling of AI capabilities across regions and verticals.

This dual structure enables AI to function as a core operating layer across the organisation, supporting both services delivery and platform-led growth.

Quality Control

The Company was certified with CMMI Level 3 up to 2019. Thereafter, the Company follows CMMI Development Level 3 compliant processes along with ISO 27001 across its delivery operations and holds a valid ISO 27001 certification.

The Company is in the process of recertification of CMMI Level 3 for business development, expected to be obtained in this financial year. Subsequently, the Company plans to pursue CMMI Level 4 certification.

• Defined and documented SDLC processes.
• Embedded quality assurance and independent testing.
• Automated testing, secure code reviews and CI/CD pipelines.
• Delivery metrics covering schedule adherence, defect density and customer satisfaction.
• Periodic audits, management reviews and continuous process improvement initiatives.

Data Protection and Security

smartData implements data leak prevention (DLP) policies supported by security controls across the organisation. Network traffic is protected through enterprise-grade firewall solutions (including Fortinet).

Endpoints are secured with protection and antivirus tools (including Bitdefender). Data protection and access control policies are centrally enforced through Active Directory to support role-based and compliant data usage.

Key workloads and organisational data are hosted on AWS cloud infrastructure, leveraging AWS security, compliance and encryption standards to support availability and data integrity.

Research and Developments

Research and development continue to play a key role in advancing the Company’s platform-led and AI-driven initiatives. The Company undertakes focused R&D activities through its AI Labs and dedicated product engineering teams.

These efforts are primarily directed towards healthcare automation, enterprise orchestration, agent-based systems, interoperability, and regulatory compliance.

In accordance with Ind AS, eligible development costs are capitalised as intangible assets where future economic benefits are expected. Ongoing R&D investments support development activities relating to smartCareAI and smartAgenticAI, subject to successful development and commercialisation.