Framework family position

AI Capability Playbook

This package is part of a coordinated family, not a standalone artifact. Start with the relationship map, use the shared core for common primitives, then read each applied package at the right altitude.

Shared FoundationsCommon vocabulary, evidence states, source authority, non-inference, readiness, governance, eval, capacity, and sustainment primitives.

DoctrineAI Capability Discipline teaches the general mental model for governed AI capability formation.

Team Operating ModelMLL WESS applies the discipline to preflight, Jira, contractor effort, capacity, and service-stack commitments.

Reference ImplementationEnterprise Architecture Review Assistant shows how the discipline becomes a governed assistant blueprint.

Team operating model

Relationship to AI Capability Discipline

This package applies the shared doctrine to scarce team capacity, preflight, contractor effort, Jira epics, service-stack change, and operationalized capability. It is the practical commitment model for when ideas become team obligations.

Start: Playbook Map AI Capability Discipline Reference: Enterprise Architecture Review Assistant

MLL Workstation Engineering Services (MLL WESS) Development Commitment and Build-Readiness Framework

Controlled Development Commitment, Capacity Governance, Copilot Governance Alignment, Manual Preflight Harness, Agent Boundary, Repo-Seed, and Build-Readiness Public-site edition v0.5 with historical handoff notes

Status: Public-site edition v0.5. Historical handoff baseline v0.4.2 is preserved for package-history traceability with company Copilot governance alignment and manual preflight harness.
Source baseline: v0.3.3 showpiece package, v0.2.1 team adaptation, Enterprise Architecture pattern, and Master Context Canvas v0.3.
Primary purpose: protect fast experimentation while governing the point where ideas ask for scarce team capacity, contractor effort, Jira epics, service-stack change, recurring use, governance routing, or durable support.

Historical front-door reframing

This is not an intake process for ideas. It is a commitment model for scarce team capacity.

Experimentation stays lightweight. Preflight starts when work asks for shared capacity, contractor effort, Jira epics, service-stack change, recurring use, governance routing, or durable support.

Sandbox freely

Personal or local exploration, mock-data prototypes, prompt tests, and learning stay default-allowed.

Feasibility-check quickly

Use a short timebox to answer one specific unknown before committing more capacity.

Preflight on commitment

Apply preflight when work becomes a team, contractor, Jira, service-stack, governance, or support commitment.

Operationalize responsibly

Operationalized means owner, value, support model, sustainment, governance path, and stop condition.

Not 31 gates

The numbered sections are a reference manual, not a sequence of approval gates. The operating model is simple: sandbox freely, feasibility-check quickly, preflight when capacity or operational commitment is requested, and operationalize only with owner, value, support, and stop condition.

Executive boundary

This framework is not intended to reduce engineering autonomy. It separates experimentation from capacity commitment.

Engineers, lifecycle leads, operations leads, and technical owners should continue to propose ideas, explore improvements, challenge assumptions, and shape solutions. The change is that shared team capacity, contractor effort, Jira epics, service-stack changes, durable tooling, automation, agents, and operational dependencies require clearer entry criteria before they consume meaningful time or become part of how the service runs.

Jira is not approval. Silence is not approval. Developer enthusiasm is not priority. Useful is not operationalized.

Executive thesis

The core operating principle is direct:

Experiment freely. Productize deliberately.

A prototype can start from curiosity. A time-boxed feasibility check can answer one specific unknown. A preflight-approved proof starts only after the work is shown to be worth limited team capacity. An operationalized capability requires ownership, value, sustainment, support model, governance routing, and a decision record.

The adapted operating model preserves the EA package pattern: define the decision brain before building the interface or backlog. For MLL WESS, the "brain" is not architecture review policy. It is development investment discipline: value, capacity, ownership, governance routing, sustainment, stop conditions, and backlog-entry readiness.

1. Problem we are solving

MLL WESS is a small, capacity-constrained team. Development ideas, automations, tools, agents, dashboards, and workflow improvements can emerge quickly, especially as AI and Copilot-style tools make prototyping easier.

The risk is not that people experiment. The risk is that experiments quietly become team obligations, service-stack dependencies, contractor work, Jira epics, or recurring operational tools without a clear value case, owner, support model, or alignment to management priorities.

Current risk pattern

Risk	Why it matters
Useful but misaligned work	A tool can help someone and still displace higher-priority OPEX, support, lifecycle, or reliability work.
Hidden capacity consumption	Employee time, contractor time, product-owner effort, and sustainment are often treated as free when they are not.
Backlog pollution	Well-written Jira stories can represent work that should not consume team capacity.
Shadow operationalization	A prototype can become relied upon before anyone agrees to own it.
Tool staleness	Agents, dashboards, and scripts can become stale when models, source data, policies, or workflows change.
Unclear authority	A tool can sound authoritative without being validated, supported, or official.
Governance late discovery	ISRM, TQ, privacy, platform, or service-owner triggers may be found after build work has already started.

The business problem is not a lack of ideas. The business problem is choosing which ideas deserve scarce capacity and preventing unapproved work from becoming operational debt.

2. Team context and capacity reality

MLL WESS operates with approximately three FTE including the service owner, plus a global contractor pool split across operations and project work. The team carries ongoing lifecycle and operational obligations while facing cost pressure and management expectations to drive efficiency.

Internal build does not mean free

Internal build must account for:

employee product-owner time
employee technical lead time
contractor development time
contractor support or maintenance time
operations support time
documentation and handoff time
governance and administrative time
recurring sustainment time
dependency time from Information Security Risk Management (ISRM), Enterprise Technical Quality (TQ), privacy, platform, architecture, or service owners

If work consumes 30% of a person’s time, it is cost, whether the person is an employee or a contractor. Accounting may hide it. Reality does not.

3. Management priority lens

The team is under cost pressure. Development investment should be evaluated against current management priorities, and value should be classified before it is judged. Common triggers include support load, reliability, security, compliance, lifecycle obligations, and funded commitments.

Value classification

Value class	Default treatment in this model
Direct savings	Strongest when it lands in the accountable operating budget.
Indirect savings	Useful when the financial path is credible but not yet booked.
Avoided cost	Valid when the counterfactual cost, renewal, incident, or lifecycle obligation is real and time-bounded.
Risk reduction	Valid when operational, security, compliance, or audit exposure is evidenced and the decision owner agrees it matters now.
Capacity release	Useful when released time is tied to named work or support demand.
Quality or rework reduction	Valid when defect load, rework, or service drag is measurable.
Cross-workstream value	Valid when the benefit lands outside the local team only if a benefiting owner and sponsor accept it.

Useful work is not automatically priority work.

All value classes matter, but not equally in every business climate. When the immediate decision context is an OPEX reduction mandate, direct savings from an accountable operational budget may be the only class that materially changes the decision.

Work that benefits another team, site, business area, or external P&L may still be valuable, but it requires a sponsor, benefit owner, leadership alignment, or explicit priority decision.

Owner roles

Decision owner: decides whether the work clears the current line.
Budget owner: owns the operating budget, contractor spend, or capacity being affected.
Benefiting owner: receives the service, cost, risk, or quality benefit if the claim is true.
Evidence owner: owns the numbers, baseline, or operational proof behind the claim.

Outcome Acceptance Line

The Outcome Acceptance Line is the current threshold for approved work. A proposal can have real value and still sit below the line. If it is below the line, the right action is usually sandbox, time-boxed feasibility, explicit leadership exception, parking, or rejection.

4. Cultural framing: autonomy with alignment

This framework is not intended to remove autonomy. It clarifies where autonomy applies and where alignment is required.

Autonomy remains strongest inside approved work

Engineers shape implementation options.
Operations and lifecycle leads identify constraints and risks.
Technical leads shape build approach.
Agent Jester or equivalent tooling may refine approved work into clear Jira stories and acceptance criteria.
Responsible sandbox experimentation remains allowed.

Alignment is required before work becomes a team commitment

no Jira epic or sustained development effort without preflight or approved exception
no contractor capacity assigned to non-sandbox development or new solution work without capacity visibility and approval
no service-stack or operational dependency without ownership and support assumptions
no governance-sensitive work without appropriate routing
no durable capability without named owner, value statement, support model, and stop or retirement condition

Consensus is preferred. When consensus is not possible, final priority and capacity decisions must align to accountable service ownership and management direction.

Decision-rights principle

Engineers and technical leads may recommend, shape, and execute approved work. They do not unilaterally approve portfolio priority, contractor capacity consumption, service-stack promotion, operationalization, sustainment commitment, governance-sensitive routing decisions, durable capability ownership, or work that consumes shared team capacity.

Development work, new solution work, new capability work, contractor-funded build activity, service-stack promotion, and operationalized capability decisions ultimately require approval from the MLL WESS team leader. Management-team service owners provide scope, feasibility, capacity, and operational input for their respective areas, but shared development capacity and new capability direction must remain aligned through the team-leader decision point.

5. Plain-English glossary

Term	Plain definition	What it is not
Sandbox	Personal or local experimentation that does not consume meaningful team capacity, touch sensitive data, create users, or create operational reliance.	Not a backdoor to build service-stack tooling.
Time-boxed feasibility check	A short approved investigation to answer one specific uncertainty before deciding whether more work is justified.	Not a mini-project, pilot, rollout, or unapproved build.
Preflight	A short required intake before meaningful work begins. It confirms problem, value, priority, capacity, ownership, risk, governance triggers, and sustainment assumptions.	Not waterfall. Not a full PRD. Not optional paperwork.
PRD-lite	A concise product definition for non-trivial work. It explains why the work matters, who benefits, what it costs, who owns it, what risks exist, and what done means.	Not a 40-page requirements document.
Preflight-approved proof	A limited build or test authorized by a completed preflight. It validates feasibility, value, risk, support assumptions, and path forward.	Not production. Not service-ready.
Operationalized capability	A tool, automation, agent, workflow, dashboard, integration, or service accepted into the team’s operating model.	Not “just something we built.”
Service stack	Any tooling, automation, workflow, agent, dashboard, integration, or process the team relies on to deliver, manage, monitor, support, or improve the service.	Not personal productivity tooling.
Meaningful development capacity	Any work consuming notable employee or contractor time, especially beyond a small time-boxed feasibility check.	Not “free time.” Contractor time and employee time both count.
Operational dependency	Something people rely on to do work, make decisions, reduce manual effort, run a service, manage a workflow, or support an operational outcome.	Not just a demo.
Sustainment	The ongoing work to keep something accurate, supported, secure, useful, documented, aligned to reality, and lifecycle-managed.	Not optional cleanup after launch.
Benefit owner	The person, team, or function that receives the value or savings.	Not always the team doing the work.
Capacity owner	The person accountable for approving use of employee, contractor, or operational support capacity.	Not the developer who wants to build it.
Preflight record ID	The traceable reference showing the work passed intake or has an approved exception.	Not a Jira ticket pretending to be approval.
Exception	A documented, time-bound decision to bypass or defer a normal gate.	Not silence. Not “nobody said no.”
Remediation record	Documentation created when work started without proper preflight.	Not retroactive approval.

6. Lane model

6.1 Lane 1: Sandbox

Purpose: allow low-risk exploration without unnecessary friction.

Allowed work:

personal experimentation
local prototypes
prompt exploration
rough proof using mock data
learning or investigation with no shared dependency

Constraints:

no sensitive or restricted data
no production dependency
no service-stack reliance
no contractor assignment unless approved
no recurring team use
no user rollout
no Jira epic unless promoted

6.2 Lane 2: Time-Boxed Feasibility Check

Purpose: answer one specific uncertainty before deciding whether a preflight-approved proof is justified.

Default timebox: 4 to 16 hours unless explicitly approved.

Allowed work:

narrow investigation
throwaway prototype
feasibility test
connector check
data viability check
parsing or automation trigger check

Constraints:

one question
named owner
timebox
no rollout
no implied sustainment
no production dependency
no user expectation
no scope creep into build

6.3 Lane 3: Preflight-Approved Proof

Purpose: validate whether a limited build is worth continued investment.

Required before entry:

preflight record
PRD-lite or equivalent
value/TCO note
capacity estimate
governance routing check
stop condition
proof plan

Not allowed:

production use
service-stack promotion
open-ended development
recurring dependency without operationalization gate

6.4 Lane 4: Operationalized Capability

Purpose: accept a tool, automation, agent, dashboard, workflow, or service into the team’s operating model.

Required before entry:

named owner
support model
sustainment model
documentation
runbook or support guide
lifecycle and change expectations
monitoring or health check where appropriate
retirement criteria
governance approvals where triggered

7. Preflight-required triggers

Preflight is required if any of the following apply:

more than 8 hours of employee or contractor effort
any Jira epic
any contractor development assignment for development or new solution work
any recurring team use
any service-stack impact
any endpoint workflow impact
any authentication, access, or permission dependency
any automation that changes or influences service operations
any reporting used for decisions
any source-system integration
any ISRM, TQ, privacy, platform, architecture, or service-owner trigger
any work expected to persist beyond 30 days
any work intended for users outside the builder
any work presented as a management deliverable
any work that creates an operational dependency

Jira epic rule

Any Jira epic for non-sandbox work requires one of:

preflight record ID
approved exception
explicit classification as a time-boxed feasibility check

Contractor capacity rule

No contractor development assignment for non-sandbox development or new solution work without preflight approval or explicit exception.

8. Approval model

Decision	Approval expectation
Personal sandbox	Engineer discretion within guardrails.
Time-boxed feasibility check	Manager or service owner awareness/approval.
Preflight-approved proof	MLL WESS team leader for development or new capability work, with management-team service owner input for respective scope.
Contractor assignment	Capacity owner / management approval, with MLL WESS team-leader approval for development or new solution work.
Jira epic	Preflight ID, approved exception, or explicit feasibility-check classification.
Service-stack promotion	MLL WESS team-leader approval plus relevant service owner input.
Operationalized capability	MLL WESS team-leader approval plus sustainment approval and relevant service owner input.
Governance-triggered work	Required owner routing before build or promotion.

Preferred authority language:

Final priority and capacity decisions must align to the accountable service ownership and management direction.

9. Enforcement model

Start with a 30-day soft gate.

During soft gate:

apply the framework to new work
inventory existing work
classify Agent Jester and other internal tools
test the handoff from preflight to Agent Jester
tune templates and schemas
allow reasonable exceptions if documented

After 30 days, move to a hard gate for:

Jira epics
contractor capacity
service-stack work
operationalized capabilities
governance-triggered work

10. Governance routing

Route before build or promotion if the work touches the following areas.

Information Security Risk Management (ISRM)

security
identity
privileged access
secrets
endpoint protection
network exposure
vulnerability risk
logging
access controls
security monitoring

Enterprise Technical Quality (TQ)

quality
GxP
validation
regulated process impact
audit posture
technical quality expectations

Privacy / legal / data governance

PII
PHI
personal data
retention
access controls
sensitive operational data
data-sharing boundary

Platform / architecture

enterprise platforms
authentication
Copilot Studio
Azure/AWS
APIs
integrations
source-system dependency
architecture standards

Service owner / operations

endpoint workflows
backup
patching
lockdown
support process
operational reporting
run-state monitoring
service-stack dependencies

Management / capacity approval

budget impact
capacity impact
contractor consumption
priority tradeoff
external benefit or sponsor dependency

11. Capacity accounting

Every preflight must estimate:

product-owner/admin time
technical lead time
employee development time
contractor development time
contractor support or maintenance time
operations/support time
documentation and handoff time
governance/admin time
sustainment time
dependency review time

Capacity estimate should include:

total expected hours
expected duration
recurring monthly or quarterly burden
employee versus contractor split
named or placeholder resource type
whether work displaces existing operational or project commitments

Rules:

Contractor capacity is not free.
Employee capacity is not free.
Product-owner time is not free.
Sustainment time is not free.

12. Sustainment classes

Sustainment class	Meaning
Disposable	Can be deleted without operational consequence.
Best-effort	Useful but not formally supported. Users must understand limitations.
Team-supported	Named owner, documentation, and break/fix expectation exist.
Service-supported	Runbook, support path, monitoring/health check, lifecycle, change process, and recurring sustainment exist.
High-control	Formal governance, auditability, validation, retention, TQ/ISRM/privacy routing, or regulated process controls apply.

13. Anti-loophole controls

No developer assignment, Jira epic, backlog commitment, or sustained contractor effort without a preflight record or approved exception.
No service-stack work without owner and support assumptions.
No recurring operational use without sustainment classification.
No greater-good work above management priorities unless explicitly sponsored or approved.
No contractor capacity treated as free capacity.
No Jira story polish as a substitute for product/value discipline.
No “we are just experimenting” claim after users, integrations, recurring usage, or service dependencies exist.
No promotion from experiment to team utility or operational capability without a decision record.
Silence is not approval.
Jira is not approval.
Developer enthusiasm is not priority.
Retroactive preflight is remediation, not approval.

14. Exception and remediation model

Exceptions

Exceptions must be documented and time-bound.

Exception record must include:

requestor
reason
gate being bypassed or deferred
duration
risk accepted
approving person
expiration date
required follow-up

No permanent exception without owner, rationale, and review date.

Remediation

If work starts without proper preflight, create a remediation record.

A remediation record must capture:

what was started
who started it
why it started
current state
capacity already consumed
systems/data/workflows touched
users or dependencies created
risk introduced
documentation gaps
sustainment gaps
decision needed

Possible remediation decisions:

stop
quarantine
formalize
convert to sandbox
convert to time-boxed feasibility check
require preflight before further work
operationalize with support plan
retire

A remediation record is not retroactive approval.

15. Stop and retirement criteria

Every preflight-approved proof and operationalized capability must define stop or retirement criteria.

Examples:

no measurable adoption
no measurable value
support burden exceeds value
owner cannot sustain it
contractor dependency is too high
data/source becomes stale
management priority changes
replacement capability exists
run cost exceeds expected benefit
governance risk exceeds value
service owner withdraws support
benefit owner does not sponsor continuation

16. Portfolio review cadence

Establish a lightweight monthly review at first.

Review should track:

active sandbox items promoted for attention
active time-boxed feasibility checks
active preflights
active preflight-approved proofs
operationalized capabilities
contractor capacity consumed
employee capacity consumed
value delivered
blocked items
parked items
retired items
exceptions
remediation records
Jester handoff records
internal tool inventory status

Goal: maintain visibility without creating bureaucracy.

17. Internal agent and tool dogfooding requirement

Internal agents, tools, automations, dashboards, and service helpers are not exempt from this framework.

Core rule:

We must apply the same proportional rigor to our own internally developed tools that we expect other work to satisfy.

Useful does not mean operationalized. Liked does not mean trusted. Built does not mean approved. In use does not mean supported. Jira-ready does not mean investment-ready.

Internal tool status states

State	Meaning
Useful	People like it or get value from it.
Trusted	Output has been tested, reviewed, and bounded.
Operationalized	It has an owner, support model, docs, change process, and sustainment.
Authoritative	Its output can be relied on as part of the official operating model.

These states must not be collapsed.

Existing internal tool inventory

For each internal tool, agent, dashboard, automation, or script, capture:

name
purpose
creator
current users
current usage level
owner
support model
sustainment class
data/systems touched
governance triggers
limitations
known risks
last reviewed date
status: sandbox, useful but unofficial, preflight-required, approved proof, operationalized, retire/quarantine

Existing tools and agents receive an amnesty-style review. The goal is not blame. The goal is to decide what remains sandbox, what should be formalized, what needs support, what should be retired, and what should be quarantined.

18. Agent Jester finding and boundary

Agent Jester was assessed against the proposed framework.

Key finding:

Agent Jester is valuable but downstream.

Jester appears to be a structured ideation-to-backlog and story-quality assistant. It helps approved work become clear, testable, developer-ready backlog.

Jester does not currently provide full upstream investment governance. It does not validate:

management-priority alignment
value/TCO rigor
direct OPEX classification
employee/contractor capacity accounting
product-owner/admin effort accounting
governance routing
ISRM trigger detection
TQ trigger detection
privacy/legal/data governance trigger detection
platform/architecture trigger detection
service-owner routing
operational-readiness gating
sustainment ownership
benefit-owner mapping
stop conditions
anti-loophole controls
shadow-development prevention
service-stack promotion gates

Boundary statement

Jester answers:

Can this be built clearly?

The WESS Preflight Assistant answers:

Should this be built at all, how far should it go, who owns it, what value does it create, what capacity does it consume, and what risks or governance triggers apply?

Initial Jester classification

Until proven otherwise, Agent Jester should be classified as:

Useful but unofficial; preflight-required if continued, expanded, or treated as a team operating tool.

19. Agent architecture

Idea / request / experiment
  -> Sandbox or time-boxed feasibility check
  -> WESS Preflight and Build-Readiness Assistant
  -> Approved, rejected, parked, remediated, or returned for clarification
  -> If approved for backlog
  -> Agent Jester
  -> Jira epic / stories / acceptance criteria / engineering handoff

WESS Preflight Assistant responsibilities

intake
lane assignment
value classification
management-priority alignment
capacity accounting
ownership check
governance routing
sustainment class
stop condition
decision record
exception/remediation handling
Jester handoff payload

Agent Jester responsibilities

backlog shaping
Jira story readiness
acceptance criteria
functional requirement structure
developer-ready decomposition
testability checks
story-quality feedback

Agent Jester must not imply value approval, funding approval, management-priority approval, capacity approval, service-stack readiness, sustainment readiness, governance clearance, or operational readiness.

20. Agent Jester handoff contract

Agent Jester should accept structured handoff from the WESS Preflight Assistant.

Minimum handoff fields:

preflight record ID
approval status
lane
problem statement
value classification
benefit owner
capacity owner
product owner
technical owner
estimated employee hours
estimated contractor hours
estimated sustainment hours
systems/data scope
governance triggers
constraints
stop conditions
backlog-shaping scope
explicit instruction not to exceed approved scope

Agent Jester should require a preflight record ID or explicit exception for non-sandbox Jira epic generation.

Agent Jester should state:

This item may be structurally ready for backlog, but Agent Jester does not validate value, funding, approval, capacity, governance clearance, sustainment, or operational readiness.

21. Repo-seed principle

The adapted framework includes a repo-bootstrap / repo-seed package. This is not left to Agent Jester.

The repo seed defines:

human-readable artifacts
machine-readable schemas
catalogs
templates
fixture scenarios
expected outputs
validation checks
agent instructions
Jester handoff contracts
decision record formats
internal tool inventory and classification model

The upstream assistant owns the preflight/build-readiness schemas. Agent Jester consumes approved handoff payloads and produces backlog/story artifacts.

22. Proposed repo-seed artifact map

Root documents

Artifact	Purpose
README.md	Repo orientation and reading path.
PRODUCT_BRIEF.md	Product purpose, audience, problem, and value.
OPERATING_MODEL.md	End-to-end operating model.
GLOSSARY.md	Plain-English terminology.
LANE_MODEL.md	Sandbox, feasibility check, proof, operationalized capability.
DECISION_RIGHTS.md	Autonomy, alignment, approval, and team-leader checkpoint.
PREFLIGHT_GUIDE.md	How to complete preflight.
VALUE_TCO_MODEL.md	Value and economics model.
CAPACITY_ACCOUNTING.md	Employee, contractor, support, and sustainment capacity.
GOVERNANCE_ROUTING.md	ISRM, TQ, privacy, platform, service-owner, management routing.
SUSTAINMENT_MODEL.md	Sustainment classes and support expectations.
AGENT_JESTER_INTEGRATION.md	Boundary and handoff contract.
INTERNAL_TOOL_DOGFOODING.md	Internal tool rules.
INTERNAL_TOOL_INVENTORY.md	Inventory model.
ANTI_LOOPHOLE_CONTROLS.md	Explicit anti-gaming rules.
EXCEPTION_MODEL.md	Exception structure.
REMEDIATION_MODEL.md	Retroactive/remediation handling.
RETIREMENT_MODEL.md	Stop and retirement rules.
PORTFOLIO_REVIEW.md	Review cadence and portfolio view.
MANAGEMENT_PRIORITY_ALIGNMENT.md	Priority and investment alignment.

Schemas

preflight-record.schema.json
value-tco.schema.json
capacity-model.schema.json
governance-routing.schema.json
lane-assignment.schema.json
decision-record.schema.json
exception-record.schema.json
remediation-record.schema.json
sustainment-class.schema.json
jester-handoff.schema.json
internal-tool-inventory.schema.json
internal-tool-status.schema.json

Catalogs

value-classification.catalog.json
lane.catalog.json
governance-trigger.catalog.json
sustainment-class.catalog.json
decision-right.catalog.json
approval-status.catalog.json
internal-tool-status.catalog.json

Templates

preflight-record.template.md
prd-lite.template.md
feasibility-check.template.md
decision-record.template.md
exception-record.template.md
remediation-record.template.md
jester-handoff.template.md
operationalization-checklist.template.md
internal-tool-inventory.template.md

Fixtures

Fixture set includes examples for:

sandbox-low-risk
feasibility-check-connector-risk
unsupported-pet-project
direct-opex-reduction
external-benefit-no-sponsor
contractor-capacity-hidden
isrm-trigger
tq-trigger
recurring-use-without-owner
jester-backlog-without-preflight
retroactive-approval-attempt
operationalized-without-sustainment
dashboard-used-for-decisions-without-source-owner
automation-touching-endpoint-workflow
greater-good-low-management-priority
agent-jester-useful-but-unofficial
internal-agent-without-owner
internal-dashboard-stale-source

23. Non-inference rules

The WESS Preflight Assistant must not infer:

management approval
funding approval
capacity approval
contractor availability
product ownership
sustainment ownership
ISRM clearance
TQ clearance
privacy clearance
platform approval
service owner approval
data classification
operational readiness
service-stack readiness
value realization
OPEX reduction
support-load reduction
governance exemption
Jira readiness
production readiness
internal tool official status
internal tool trustworthiness
internal tool operationalization

If evidence is missing, use:

not_evidenced
requires_confirmation
requires_approval
requires_routing
blocked
not_applicable

24. Output states

Recommended decision states:

sandbox_allowed
feasibility_check_allowed
preflight_incomplete
approved_for_proof
approved_for_jester_handoff
approved_for_operationalization
useful_but_unofficial
preflight_required
parked
rejected
requires_management_decision
requires_isrm_review
requires_tq_review
requires_privacy_review
requires_platform_review
requires_service_owner_review
remediation_required
retire
quarantine

25. Build-readiness gates

A work item is not ready for preflight-approved proof unless:

problem statement is clear
value classification is selected
management-priority alignment is stated
benefit owner is identified
capacity owner is identified
product owner is identified or explicitly unresolved
technical owner is identified or explicitly unresolved
employee and contractor capacity are estimated
governance triggers are assessed
sustainment class is selected
stop condition is defined
approval status is explicit

A work item is not ready for Jester handoff unless:

preflight record exists
approval status allows backlog shaping
lane is not sandbox-only
scope is bounded
owner is named
constraints are listed
Jester handoff payload is complete

A work item is not ready for operationalization unless:

owner is named
support model exists
sustainment class is team-supported, service-supported, or high-control
runbook/support note exists
monitoring or health check is defined where appropriate
governance reviews are complete or explicitly not triggered
retirement criteria exist
decision record is approved

An internal tool is not official unless:

inventoried
owner named
purpose documented
sustainment class selected
support model defined
limitations documented
governance triggers assessed
status approved
review date captured

26. Pilot scope

The first pilot covers both:

Agent Jester
The new WESS Preflight and Build-Readiness Assistant

Pilot intent:

validate the dogfooding rule
classify Agent Jester honestly
define Jester’s downstream boundary
prove the upstream preflight model before sending work to Jester
validate the handoff schema from preflight to backlog/story shaping
prevent the argument that “Jester already does this” when Jester’s own response showed it does not provide full upstream investment governance

Expected pilot outputs for Agent Jester:

internal tool inventory record
current status classification
owner/support/sustainment assessment
limitations statement
governance trigger check
Jester handoff boundary
decision: keep unofficial, approve proof, operationalize, remediate, or retire/quarantine

Expected pilot outputs for WESS Preflight Assistant:

preflight assistant product brief
preflight schema
value/TCO schema
capacity model schema
governance routing schema
jester-handoff schema
sample fixtures
expected outputs
validation checks
operating instructions

27. Company Copilot governance alignment

The AI Platform team’s Copilot Premium and Studio update strengthens this framework. It gives an enterprise platform view that independently supports the same escalation logic used here: governance increases as agents reach more users, integrate with more data, and move from individual use toward team, function/sector, or enterprise deployment.

The Copilot maturity roadmap described five layers:

Timing	Layer	Scope	Tools
2025	Web GenAI	227K users, individual	M365 Copilot Chat, Enterprise Intelligent Chat
Q1 2026	Work GenAI	130K users, individual	Microsoft 365 Copilot Premium
April 2026	Agents You Use	All Copilot Premium users, individual	M365 Agents, pre-built internal agents
July 2026	Agents You Build	All Copilot Premium users, individual / up to 5	Agent Builder, SharePoint Agents
Q3 2026	Agents You Request	Deployable to Copilot Premium users	Microsoft Copilot Studio, Azure AI Foundry, M365 Agent Toolkit

The higher the layer, the more governance is required. The top tier is where Copilot Studio, Azure AI Foundry, formal approval, enterprise support, and Copilot Service team publishing become relevant.

27.1 Copilot governance tier mapping

Company Copilot model	Platform expectation	WESS lane mapping	WESS interpretation
Individual use / Agents You Build	Agent Builder, no code, up to 5 users, self support, no approval, no SDLC	Sandbox or Time-Boxed Feasibility Check	Lightweight individual use is allowed within guardrails. It must not become a team dependency without preflight.
Team / Agents You Request	Agent Builder, low code, up to 100 users, team support, approval required, SDLC Lite, Copilot Service team publish/share	Preflight-Approved Proof	Team use requires preflight, support assumptions, approval, and structured handoff before backlog or rollout.
Function / Sector	Agent Builder / Copilot Studio, pro code, any users, enterprise support, approval required, SDLC Full	Operationalized Capability or High-Control capability	Requires formal approval, enterprise support, use-case data approval, full SDLC, and governance routing.
Enterprise	Copilot Studio / Azure AI Foundry, pro code, any users, enterprise support, approval required, SDLC Full	High-Control Operationalized Capability	Requires enterprise support, Copilot Service team publishing, use-case data approval, full SDLC, and formal governance.

27.2 Copilot-specific routing triggers

A work item must trigger Copilot governance routing when it involves any of the following:

Microsoft 365 Copilot agent intended for team use beyond the creator
Agent Builder agent shared beyond individual/sandbox use
SharePoint Agent used by a team or recurring process
Copilot Studio agent
Azure AI Foundry agent
M365 Agent Toolkit solution
agent-to-agent flow
enterprise connector
event-triggered or scheduled automated agent flow
publication to Teams, M365 Copilot, or other channels
use beyond five users
expected use by a team, function, sector, or enterprise population
use of data not already approved for the proposed Copilot tier
any Function/Sector or Enterprise use case

27.3 Data approval split

The Copilot update creates a useful data governance split:

Tier	Data posture
Individual / Team	Data approved for Copilot Premium may be acceptable, depending scope and controls.
Function / Sector	Data must be approved for the specific use case.
Enterprise	Data must be approved for the specific use case.

This aligns with the WESS framework principle that a model or agent must not infer data approval, privacy posture, ISRM clearance, TQ clearance, platform approval, or operational readiness.

27.4 SDLC expectations

Copilot scope	SDLC expectation	WESS package implication
Individual	SDLC not required by platform model	Keep in Sandbox or Time-Boxed Feasibility Check unless scope grows.
Team	SDLC Lite	Require preflight, owner, support assumption, value classification, and Jester handoff if backlog is needed.
Function / Sector	SDLC Full	Require operationalization gate, support model, governance routing, data approval, validation, and sustainment.
Enterprise	SDLC Full	Require high-control operationalization, enterprise routing, Copilot Service team publishing, and formal support expectations.

27.5 Effect on this framework

The platform team’s model does not replace this framework. It reinforces it.

This framework remains the WESS intake and build-readiness layer. The Copilot model becomes an enterprise platform alignment source that determines routing, approval depth, support expectations, and SDLC tier when work involves Copilot agents.

The practical rule is direct:

If an agent moves beyond individual use, the rigor increases. If it becomes Team, Function/Sector, or Enterprise scope, preflight, approval, support, data approval, and platform routing are no longer optional.

28. Manual preflight harness before agent build

The WESS Preflight and Build-Readiness Assistant does not need to exist before the framework can be used.

Until an assistant is approved and built, the HTML, Word, or Markdown package can be used as a manual review harness with a structured prompt. This lets the team apply the rigor immediately without creating another unsupported agent before the operating model is proven. Humanity can, in fact, read a document before automating it. Grim, but possible.

28.1 Manual harness use cases

Use the manual harness when:

a new development idea is proposed
someone wants to create a Jira epic
contractor capacity may be assigned
a tool or automation may become recurring
an agent may be shared beyond the creator
a dashboard or report may influence service decisions
a work item may trigger ISRM, TQ, privacy, platform, architecture, Copilot Service team, or service owner routing
an existing tool needs classification
Agent Jester is being used to shape backlog and the preflight status is unclear

28.2 Manual harness operating steps

Open the HTML reading path for this framework.
Attach or reference the HTML, Word, or Markdown package in the evaluation session.
Paste the proposed work item description.
Use the Manual Preflight Harness Prompt below.
Treat the output as a draft review, not approval.
Record open questions, missing evidence, governance triggers, and capacity assumptions.
Decide whether to approve sandbox use, allow a time-boxed feasibility check, complete preflight, route for review, send to Agent Jester, park, remediate, or reject.

28.3 Manual Preflight Harness Prompt

Use the attached MLL Workstation Engineering Services (MLL WESS) Development Commitment and Build-Readiness Framework HTML as the governing evaluation source.

Evaluate the proposed work item below as a manual preflight review. Do not infer missing approvals, ownership, funding, capacity, data classification, Information Security Risk Management (ISRM) clearance, Enterprise Technical Quality (TQ) clearance, privacy clearance, platform approval, Copilot Service team approval, operational readiness, or sustainment readiness.

Proposed work item:
[PASTE DESCRIPTION HERE]

Evaluate across these areas:

1. Lane assignment
- Sandbox
- Time-Boxed Feasibility Check
- Preflight-Approved Proof
- Operationalized Capability

2. Copilot / agent tier alignment, if applicable
- Individual use
- Team
- Function/Sector
- Enterprise
- Not applicable

3. Value classification
- Direct savings
- Indirect savings
- Avoided cost
- Risk reduction
- Capacity release
- Quality or rework reduction
- Cross-workstream value

4. Outcome Acceptance Line and owner roles
- Identify the decision owner, budget owner, benefiting owner, and evidence owner.
- State whether the current business climate is primarily weighting direct OPEX reduction, risk reduction, capacity release, or another class.
- Decide whether the item is above or below the Outcome Acceptance Line.
- If below the line, say whether the right path is sandbox, time-boxed feasibility, leadership exception, park, or reject.

5. Capacity accounting
Identify required employee time, contractor time, product-owner/admin time, operations support time, documentation time, governance review time, and sustainment effort. If unknown, mark as requires_confirmation.

6. Governance routing
Identify whether the work triggers ISRM, TQ, privacy/legal/data governance, platform/architecture, service owner/operations, Copilot Service team, or management/capacity review.

7. Data and system scope
Identify systems, data, users, integrations, authentication, endpoint workflows, reporting, source systems, or operational dependencies. If unknown, mark as not_evidenced or requires_confirmation.

8. Agent Jester handoff readiness
Decide whether this item is ready for Agent Jester backlog/story shaping. If not ready, list what preflight information is missing.

9. Operationalization risk
Identify whether this could become an unsupported operational dependency.

10. Stop conditions
Define what would cause this work to stop, be parked, be remediated, or be retired.

11. Recommendation
Return one of:
- sandbox_allowed
- feasibility_check_allowed
- preflight_incomplete
- approved_for_proof
- approved_for_jester_handoff
- requires_management_decision
- requires_isrm_review
- requires_tq_review
- requires_privacy_review
- requires_platform_review
- requires_copilot_service_team_review
- requires_service_owner_review
- remediation_required
- rejected
- parked

Output format:
- Executive summary
- Lane decision
- Value class, owners, and acceptance-line status
- Copilot governance tier, if applicable
- Required approvals/routing
- Missing evidence
- Capacity estimate
- Sustainment expectation
- Jester handoff status
- Recommendation
- Open questions

Important:
A structurally clear idea is not automatically approved work.
Jira is not approval.
Silence is not approval.
Developer enthusiasm is not priority.
Useful is not operationalized.

28.4 Manual harness boundary

The manual harness can support decision preparation. It cannot approve work on its own.

The output must not be treated as:

management approval
funding approval
contractor capacity approval
ISRM clearance
TQ clearance
privacy clearance
Copilot Service team approval
platform approval
service owner approval
operational readiness
sustainment readiness
Jira approval

The manual harness is a practical interim control. If the team later builds the WESS Preflight Assistant, the assistant should implement this same logic with schemas, decision records, validation checks, and Jester handoff output.

29. Validation strategy

The framework should not be trusted because the HTML looks tidy. It should be trusted only if the repo-seed assets validate.

Validation checks should include:

required file inventory
JSON parse checks
schema validity
catalog value consistency
fixture and expected-output alignment
no missing required Jester handoff fields
no governance trigger without routing state
no operationalization without sustainment class
no internal tool official status without owner/support/sustainment
no Jira handoff without preflight record ID or approved exception

30. Immediate next steps

Review this v0.4.2 package with the management team.
Confirm whether enforcement begins as a 30-day soft gate.
Inventory Agent Jester as the first internal tool candidate.
Create a preflight record for the WESS Preflight Assistant itself.
Test the Jester handoff schema with a sample approved work item.
Refine templates based on the first pilot.
Move to hard gate for Jira epics, contractor capacity, and service-stack work after the soft-gate period.

31. v0.4.2 go/no-go position

v0.4.2 is ready as a controlled team-framework handoff for discussion, pilot setup, and repo-seed evaluation.

It is not yet an enforced operating policy until the team-leader approval model, socialization plan, and soft-gate start date are confirmed.

It is not a replacement for technical judgment, engineering autonomy, or manager input. It is the front-door discipline that decides when work is ready to consume shared capacity and move downstream into Agent Jester, Jira, or engineering execution.

Appendix A. Source role map and package provenance

This package uses the v0.2.1 WESS development intake framework as the substantive source baseline and transforms it into a polished enterprise artifact family.

Source / asset class	Role in v0.4.2 package	Authority boundary
v0.2.1 comprehensive Markdown / HTML / DOCX	Primary source material for the framework narrative	Preserved and version-synchronized; v0.4.2 improves package shape and presentation
repo-bootstrap assets	Machine-actionable seed for future implementation, schema validation, fixtures, templates, and handoff contracts	Seed assets only; real operating decisions still require owner confirmation and governance approval
sources/context-canvas	Context source for the team-specific adaptation	Contextual source; use with management review before treating as current policy
Copilot Premium and Studio source note / source document	Platform-alignment input for Copilot tiers, routing, and SDLC implications	Platform input; validate against current enterprise platform owner guidance before enforcement
v0.4.2 leadership deck	Executive explanation layer	Narrative aid only; not a substitute for the full framework
v0.4.2 visual prompt deck	Portable renderer prompt pack	Prompt material only; generated images remain illustrative unless reviewed
Validation receipt and hashes	Package integrity and QA evidence	Confirms packaging/render checks, not business approval

Appendix B. Package operating boundary

v0.4.2 is suitable for:

management-team review;
controlled soft-gate preparation;
manual preflight harness rehearsal using approved data;
repo-seed evaluation;
Agent Jester handoff testing with sample approved work;
leadership alignment on decision rights, approval gates, and capacity governance.

v0.4.2 is not:

enforced operating policy by itself;
production workflow approval;
autonomous approval authority;
Copilot Service team approval;
ISRM, TQ, privacy, platform, or service-owner clearance;
evidence that any specific internal tool is approved, sustained, or operationalized;
authorization to bypass management priority decisions, Jira controls, or service-stack governance.

Package history

Change log and package history

Release history is preserved here for traceability without interrupting the main framework narrative.

Version	Release role	What changed	Authority posture
v0.2.1	Team-specific adaptation package	Company Copilot governance alignment, manual preflight harness, repo-seed posture, Agent Jester boundary, and build-readiness framework.	Archived baseline and provenance source.
v0.3.1	Showpiece transformation	Converted v0.2.1 into a polished artifact family: DOCX, comprehensive HTML blueprint, leadership HTML deck, visual prompt deck, README, validation receipt, and package bundle.	Archived package surface.
v0.3.2	Polish patch	Fixed leadership-deck Slide 1 overflow, added a full static DOCX table of contents, and added visible HTML package history.	Archived package surface.
v0.3.3	History-placement patch	Moved the change log out of the opening content flow and relocated it near the end of the blueprint.	Archived package surface.
v0.4.0	Commitment-model reframing release	Reframed the package from intake process to development commitment model; added explicit "not 31 gates" language, default-yes sandbox posture, preflight trigger clarity, and promotion-criteria wording.	Archived package surface. No pilot or production approval.
v0.4.2	Readability and frontmatter cleanup patch	Improved contrast for the not-31-gates panel, fixed code and prompt-block styling, compacted the DOCX table of contents, removed empty TOC cells, and moved detailed change content out of the opening flow.	Current active package surface. No governance posture change.