High-volume workflow with clear staff-time, consistency, and service-speed upside.
AOT / formsflow.ai client pilot planner
SLED360 Governed AI Pilot Planner
Assess a public-service workflow, compare candidates across a portfolio, decide what to pilot first, and export the value case, operating controls, data readiness checks, adoption plan, and delivery backlog a real organization needs.
Next recommended action
Narrow the scope
Reduce to one intake path and one writeback path. Review governance gates and data readiness before chartering.
Step 2 · Assessment
Fit, risk, and controls
Plan as an approval-gated intake-to-action workflow with deterministic routing, cited retrieval, and logged recommendations.
Feasible after narrowing scope, reducing tool calls, or staging integrations.
Risk is manageable with logged actions, source citations, and owner review.
Treat as sensitive public-sector case data with privacy review before launch.
Focus view
Executive
Value case, platform fit, stakeholder walkthrough, and decision brief.
Compare and rank
Candidate portfolio
Next step: Narrow to one intake path and one writeback path, then charter the pilot.
Next step: Narrow to one intake path and one writeback path, then charter the pilot.
Next step: Narrow to one intake path and one writeback path, then charter the pilot.
Next step: Run a discovery sprint first: lock the owner, policy sources, and action boundaries before any build.
Boardroom brief
Executive decision dossier
Plan as an approval-gated intake-to-action workflow with deterministic routing, cited retrieval, and logged recommendations.
Evidence review required: Run a 60-minute evidence review with privacy, policy, integration, reviewer, and delivery owners before enabling real-case shadow mode.
Grant eligibility triage has enough monthly volume to measure reviewer capacity, quality, and adoption quickly.
$82,000/year modeled single-workflow value, $9,500 during the 6-week pilot window, and $984,000/year if reused across a 12x service-line pattern.
Directional economics; prove reviewer acceptance before scaling. Golden-case replay is 80% pass (4/5) with 1 evidence gaps and 0 blockers.
Top evidence
- Narrow first readiness at Program operations lead ownership boundary.
- 135 modeled reviewer-hours/month redirected after acceptance is proven.
- 80% golden-case replay coverage across complete, missing-fact, policy-conflict, sensitive-action, and duplicate-writeback cases.
- 4 launch evidence requests and 0 blocking controls surfaced before pilot.
Next meeting agenda
- Confirm the accountable business owner and workflow boundary.
- Review launch-gate evidence requests and assign dates.
- Walk the golden-case replay failures or evidence gaps.
- Approve the next decision record or explicitly narrow the pilot scope.
Decision deadline: End of discovery workshop
Business case
Executive buyer cockpit
Directional economics; prove reviewer acceptance before scaling.
Modeled value during the pilot itself, before any scale decision.
$984,000 modeled annual portfolio value.
Start in shadow mode, gate every writeback, then reuse the pattern across SLED360 service lines.
Value drivers
- Reviewer time redirected from repetitive completeness checks and routing.
- Lower rework through required-fact validation and deterministic rules.
- Faster service response through approved drafts and cleaner escalation queues.
- Reusable intake, rule, retrieval, and audit patterns across similar service lines.
Buyer-safe caveats
- Value is modeled from workflow inputs, not a production guarantee.
- Do not count savings until reviewers accept outputs in shadow mode.
- Sensitive-service value must include privacy, security, training, and operating costs.
$6,400 pilot-window value.
49% capture, 9 min/case. Use for skeptical sponsor review: lower acceptance and less time redirected per case.$9,500 pilot-window value.
65% capture, 10 min/case. Current modeled case using the visible assumptions.$13,200 pilot-window value.
75% capture, 12 min/case. Use only after shadow-mode evidence shows higher reviewer acceptance and reusable routing.Measurement plan
Benefits realization scorecard
Baseline: 208 candidate reviewer-hours/month modeled from current volume and complexity.
Target: 135 reviewer-hours/month redirected after accepted assists are proven.
Instrument: Reviewer cockpit records accepted, edited, rejected, and manually handled cases with minutes/case.Owner: Program operations lead. Use: Primary evidence for whether the annual value case is credible.Baseline: No AI-assisted baseline; measure current manual decision outcomes during week 1 shadow setup.
Target: >=55% accepted or lightly edited
Instrument: Reviewer feedback taxonomy captures accept, light edit, major edit, reject, and escalation reasons.Owner: Reviewer lead. Use: Scale only if reviewer trust is high enough to avoid hidden rework.Baseline: Manual reviewers rely on implicit policy knowledge; citation completeness is not yet instrumented.
Target: 100% of recommendations include source IDs, policy version, and rule path.
Instrument: Retrieval logs and rule-table fixtures join every draft to citations and DMN-style route.Owner: Policy owner + AOT AI architect. Use: No launch if uncited or unruled recommendations reach reviewers.Baseline: Existing process may not link intake facts, source evidence, rule version, approval, and final action.
Target: >=98% of pilot actions carry intake ID, citation IDs, rule version, approver ID, and audit ID.
Instrument: Audit dashboard checks required fields for every draft, approval, writeback, and exception.Owner: Technical owner. Use: Required for privacy/security approval and repeatable handoff.Baseline: $9,500 modeled over 6 weeks before operating costs.
Target: Show measured value, support load, privacy effort, and training time before scale decision.
Instrument: Benefits tracker combines reviewer-hours redirected, loaded hourly cost, adoption, and support incidents.Owner: Executive sponsor. Use: Used in scale, narrow, or stop decision memo.AOT / SLED360 alignment
Platform fit
Intake is treated as the workflow entry point, not a generic chatbot.
The control plane separates intake, orchestration, grounding, review, action, and measurement.
Routing and blocked actions are deterministic before any synthesis layer is considered.
8 integrations are scoped as replaceable modules, not hard-coded dependencies.
Every sensitive action requires a human gate, audit record, and rollback path.
Architecture
Control plane
Applicant / staff
Required facts, progressive validation, consent text, and file checks before routing.Workflow service
Every state transition is explicit, replayable, and visible to reviewers.AI service layer
Every recommendation must cite source IDs and policy passages.Program operations lead
Human owner approves recommendation, exception, or escalation.Integration service
No sensitive external action without approval and audit record.Product operations
Track outcomes without exposing raw personal data in aggregate reporting.Roles and state
Agentic operating model
formsflow.ai schema adapter, validateIntake
Can only write validation status and missing-fact reasons.retrievePolicyContext, citation scorer, freshness checker
Can read approved sources; cannot invent source text or finalize recommendations.applyDecisionRules, DMN rule version
Can move cases between queues; cannot approve benefit, permit, enforcement, or procurement outcomes.template library, citation inspector, reviewer feedback capture
Draft-only until a named reviewer accepts, edits, or rejects.grantsflow adapter, writeBackApprovedAction
Requires approver identity, approved payload, audit ID, and retry envelope.evaluation harness, audit analytics, drift report
Can recommend rollback or narrowing; cannot change production rules without owner sign-off.LLM governance
Model and hosting strategy
Allowed: Find approved policy, form, rule, and case guidance passages for reviewer inspection.
Blocked: No eligibility, enforcement, permit, grant, or procurement decision from retrieval alone.
Boundary: Redacted tenant index with private source namespaces and no cross-agency prompt context.Fallback: Route to policy owner when citation coverage, freshness, or source conflict checks fail.Gate: Golden cases must prove cited support, missing-source detection, and conflict surfacing.Owner: AI architect + policy ownerAllowed: Draft summaries, staff notes, missing-information requests, and reviewer-facing rationale.
Blocked: No final decision, denial, external notice, payment, enforcement, or system-of-record mutation.
Boundary: Only validated facts, redacted personal data, citations, and rule results enter the prompt.Fallback: Switch to template-only drafting and manual reviewer composition if model quality drops.Gate: Reviewer acceptance, citation faithfulness, and unsafe-instruction refusal must meet pilot thresholds.Owner: AI architect + service ownerAllowed: Route complete, incomplete, exception, escalation, and approval-required cases.
Blocked: No prompt-generated rule changes or hidden eligibility logic.
Boundary: Versioned rule inputs, route outputs, owner approvals, and fixture results are persisted.Fallback: Send ambiguous cases to owner review with the matched rule version and missing facts.Gate: Rule fixtures must pass for complete, incomplete, conflicting, and high-risk scenarios.Owner: Program operations leadAllowed: Execute writebacks, notifications, and lifecycle updates after named human approval.
Blocked: No autonomous writeback, duplicate mutation, silent retry, or unlogged external action.
Boundary: Service account, approver ID, approved payload, audit correlation ID, and idempotency key.Fallback: Hold in exception queue and require manual completion if adapter, auth, or audit proof fails.Gate: Contract tests must pass duplicate writeback, rollback, timeout, and audit-correlation cases.Owner: Integration owner + reviewer leadAllowed: Track acceptance, cycle time, rework, exceptions, drift, and benefits realization.
Blocked: No raw personal-data analytics export or unapproved model-behavior expansion.
Boundary: Redacted event stream with aggregate dashboards and restricted audit drill-through.Fallback: Freeze expansion, run manual sample review, and narrow the workflow until evidence recovers.Gate: Launch gate requires audit completeness, drift checks, benefit metrics, and owner sign-off.Owner: Product operations + privacy ownerKnowledge
RAG source map
Normalize applicant/request data into a workflow-ready case record.
Schema validation, required-field checks, file constraints, and audit timestamp.Ground recommendations in current service rules, eligibility criteria, and exceptions.
Cited retrieval only; no uncited final recommendation.Route complete, incomplete, exception, and escalation cases deterministically.
Versioned rules with owner sign-off and test fixtures.Generate reviewer-ready summaries, missing-information requests, and next-step drafts.
Template variables filled from validated facts only.Constrain what the agent can read, retain, summarize, or send externally.
Least-privilege source access and redaction in logs.Track throughput, backlog, exception patterns, and service-level performance.
Aggregate metrics only; no raw personal data in dashboard exports.Function calls
Tool action plan
formsflow.ai schema adapter
Automated validation; exception queue for missing facts.BPMN state machine
State changes are logged and visible to reviewer groups.RAG retriever with source citations
Reviewer sees cited passages before accepting any recommendation.DMN decision table
Business owner approves rule version before pilot.Template-first recommendation builder
Human owner approves before writeback or external message.grantsflow lifecycle function call
Approval-gated writeback.Append-only audit log
Audit record includes actor, source IDs, rule version, recommendation, approval, and timestamp.Agent architecture
State and memory model
Submission facts, queue status, missing fields, attachments, and owner assignments.
Program retention policy with privacy approval. Every state transition is append-only and replayable.Reviewer edits, applicant message drafts, and clarification notes.
Stored as case notes only after reviewer approval. Draft text does not become official communication until approved.Source IDs, passages, policy versions, confidence bands, and conflicts.
Persist citations and source versions, not arbitrary model context. Block recommendations without sufficient citation coverage.DMN/rule-table version, route, approvals required, and blocked actions.
Versioned with owner sign-off and fixture results. Business rules change through release control, not prompt edits.Tool inputs, output status, idempotency keys, retries, and external references.
Audit retention with redacted payload views for monitoring. Writeback requires approver identity and an audit correlation ID.Enterprise controls
Cloud landing zone
Per-agency configuration, source namespace, role groups, and workflow package.
Deployment manifest shows isolated environment variables, indexes, and access groups.OIDC/SAML SSO, reviewer RBAC, least-privilege service accounts.
Access-control matrix maps every tool action to a role and approval.Structured logs, traces, error queues, evaluation metrics, and privacy-safe dashboards.
Every recommendation links intake, citations, rule version, tool call, approval, and outcome.Managed secrets, encryption at rest/in transit, redacted logs, and no raw personal-data analytics export.
Security checklist covers keys, retention, source access, and monitoring fields.CI tests, rule fixtures, contract tests, feature flags, rollback plan, and environment promotion.
A build cannot promote if golden cases, tool contracts, or blocked-action checks fail.Region-scoped storage and deployment options for public cloud, private cloud, or on-prem hosting.
Architecture decision record documents residency, backup, recovery, and support model.DMN-style routing
Decision rules
Return to applicant or staff queue for completion
Reviewer approves missing-information message.Escalate to subject-matter owner
Business owner resolves source of truth before action.Reviewer cockpit
Named reviewer approves exact action.Approval-gated writeback queue
Reviewer confirms before any system-of-record update.Function calling
Tool contracts
Input: formId, submissionId, schemaVersion, requiredFacts
Output: valid | missingFacts[] | invalidFields[]
Do not route; send to exception queue with field-level reason.Input: caseType, jurisdiction, facts, policyVersion
Output: citations[], conflicts[], confidenceBand
Block recommendation when citation coverage is insufficient.Input: facts, citations, ruleVersion
Output: route, requiredApprovals[], blockedActions[]
Escalate to owner when rule version is missing or ambiguous.Input: caseId, approvedAction, approverId, auditId
Output: writebackStatus, externalReference
Retry safely; preserve approval record; never duplicate external messages.API readiness
Integration manifest
Payload: formId, submissionId, schemaVersion, requiredFacts, uploadedDocumentRefs
Auth: Read-only intake scope; no writeback permission.
Idempotency: submissionId + schemaVersion
Audit: submissionId; schemaVersion; validationResult; missingFacts; timestampTimeout: 2s validation budget; queue exception on timeout.Evidence: Schema fixture suite covers complete, incomplete, invalid, and edge-case submissions.Payload: caseType, jurisdiction, validatedFacts, policyVersion, sourceNamespace
Auth: Policy-index read scope; source namespace isolated per client.
Idempotency: caseId + policyVersion + sourceNamespace
Audit: caseId; policyVersion; sourceIds; citationCoverage; conflictsTimeout: 6s retrieval budget; block recommendation when citations are incomplete.Evidence: Citation coverage report and source freshness check attached to golden-case replay.Payload: validatedFacts, citationIds, ruleVersion, requestedAction
Auth: Rule execution is read-only; rule publishing requires business-owner sign-off.
Idempotency: caseId + ruleVersion + requestedAction
Audit: caseId; ruleVersion; route; requiredApprovals; blockedActionsTimeout: 1s rule execution budget; escalate on missing or ambiguous rule version.Evidence: Rule fixtures pass complete, missing-fact, conflict, sensitive-action, and duplicate-writeback cases.Payload: caseId, approvedAction, approverId, auditId, idempotencyKey
Auth: Reviewer RBAC from SSO claims; service account scoped per operation.
Idempotency: auditId + approvedAction + caseId
Audit: caseId; approvedAction; approverId; auditId; externalReference; writebackStatusTimeout: 8s writeback budget; retry with same idempotency key and route failures to exception queue.Evidence: Duplicate-submission, rollback, retry, and unauthorized-writeback tests pass before week 3.RFP-grade answers
Procurement readiness
Start with Grant eligibility triage as one measurable service workflow, not a broad AI platform rollout.
Workflow candidate brief, success metrics, and 30-day implementation backlog.Least-privilege access, redacted logs, explicit retention, and approval-gated sensitive actions.
Risk register, cloud controls, blocked actions, and privacy approval gate.Modular adapters for forms, BPMN/DMN, case systems, identity, notifications, and analytics.
Tool contracts, integration matrix, and system-of-record writeback boundary.Rules first, cited retrieval, model outputs treated as drafts, and evaluation before expansion.
Evaluation harness, audit log, reviewer cockpit, and no-autonomous-sensitive-decision rule.Human-centered intake and reviewer cockpit with clear ownership and staff experience focus.
QA checklist includes accessibility pass and reviewer adoption measurement.Standard exports, runbooks, signed owner controls, and no lock-in to a single model provider.
Pilot export package and practice handoff plan.Decision contract
Pilot charter
Approve a limited pilot with one reviewer group and one case-system writeback path.
Sponsor confirms the workflow is worth a measured pilot.Run redacted golden cases and live shadow cases without production writeback.
Expand only if reviewers trust citations, routing, and draft quality.Enable approved writebacks with idempotency, audit IDs, retries, and rollback.
Continue if operational risk stays inside agreed thresholds.Compare value, quality, risk, adoption, and support burden against baseline.
Scale to adjacent service lines, narrow scope, or stop with lessons captured.Go / no-go decision
Pilot launch gate
The workflow can move toward launch review after owners attach the requested evidence and high-risk actions stay approval-gated.
Run a 60-minute evidence review with privacy, policy, integration, reviewer, and delivery owners before enabling real-case shadow mode.
Blocking controls
- None.
Evidence requests
Data classification, retention, redaction, analytics export rules, and access matrix.
Privacy approval required before shadow mode touches real cases.Golden cases, citation coverage report, source freshness cadence, and conflict handling.
No reviewer recommendation without citation coverage.Tool contracts, idempotency keys, retry envelope, audit IDs, and rollback drill.
No writeback until duplicate-action and rollback tests pass.Runbook, ownership RACI, incident path, support cadence, and scale/stop decision memo.
No scale decision until business and technical owners can operate without the build team.Go conditions
- Named business owner signs workflow scope, success metrics, and blocked actions.
- Golden-case evaluation passes for complete, incomplete, conflicting, and high-risk examples.
- Reviewer cockpit shows citations, rule version, approval identity, and edit-reason capture.
- Audit log links intake facts, retrieval evidence, rule path, approval, and final action.
- Operational readiness is at least 75% control coverage; current coverage is 50%.
No-go conditions
- Any missing accountable owner, workflow scope, or baseline volume.
- Any uncited recommendation reaching a reviewer.
- Any external notification, denial, enforcement, benefit-impacting action, or writeback without named human approval.
- Any raw personal-data export to analytics or monitoring.
- Any failed duplicate-writeback, rollback, or audit-correlation test.
Launch evidence
Production readiness controls
Strong candidate, but governance evidence must be collected before launch.
0 blockers · 4 evidence gapsNamed workflow, accountable owner, signed success metrics, and blocked-action list.
Owner: Program operations lead. Gate: No pilot charter without a named owner and workflow scope.Data classification, retention, redaction, analytics export rules, and access matrix.
Owner: Privacy / security owner. Gate: Privacy approval required before shadow mode touches real cases.Current throughput, reviewer effort, rework rate, and escalation baseline.
Owner: Program operations lead. Gate: Do not claim value until baseline and shadow-mode acceptance exist.Golden cases, citation coverage report, source freshness cadence, and conflict handling.
Owner: Policy owner + AI architect. Gate: No reviewer recommendation without citation coverage.Reviewer queue, exact-message approval, override path, and edit-reason capture.
Owner: Reviewer lead. Gate: AI drafts only; named humans approve external actions.Tool contracts, idempotency keys, retry envelope, audit IDs, and rollback drill.
Owner: Integration engineer. Gate: No writeback until duplicate-action and rollback tests pass.Acceptance rate, edit rate, escalation reasons, audit completeness, and weekly review cadence.
Owner: Product operations. Gate: Expansion blocked until quality and adoption metrics pass agreed thresholds.Runbook, ownership RACI, incident path, support cadence, and scale/stop decision memo.
Owner: Delivery lead. Gate: No scale decision until business and technical owners can operate without the build team.Before pilot
Data readiness
Who owns the intake facts, policy sources, and system-of-record updates?
Program operations lead must sign the workflow brief and source-of-truth map. Next: Name data stewards for intake schema, policy content, and case writeback.Are required facts structured enough for validation and deterministic routing?
formsflow.ai intake is selected, so required fields can be packaged as form/schema controls. Next: Create a redacted fixture set with complete, incomplete, conflicting, and edge cases.Can reviewers verify which policy version supported each recommendation?
The RAG source map requires citation IDs, policy versions, conflicts, and freshness checks. Next: Assign a policy owner and source refresh cadence before shadow mode.What can be stored, summarized, logged, retained, or exported?
High-sensitivity workflow requires privacy review, redacted logs, and blocked autonomous decisions. Next: Approve retention, redaction, and analytics aggregation rules.Are APIs, service accounts, retry rules, and rollback paths ready?
8 scoped integrations need role mapping and contract tests. Next: Document idempotency keys, failure modes, and owner escalation path for every write action.Can the organization compare pilot outcomes against the current process?
Value modeling is directional until intake-to-review time, rework, acceptance, and escalation baselines exist. Next: Capture two weeks of baseline throughput and reviewer effort before enabling writeback.After launch
Operating runbook
Review exception queue, blocked actions, and any failed tool calls.
Exception triage logReview accepted, edited, and rejected recommendations with reason codes.
Reviewer quality reportConfirm policy source freshness, citation failures, and rule-table changes.
Policy and DMN release noteReview tool contracts, latency, retries, access permissions, and audit completeness.
Operations health reportDecide whether to expand, narrow, pause, or retire the pilot based on evidence.
Scale/stop decision memoGovernance
Approval gates
- Business owner approves workflow scope, success metrics, and blocked actions.
- Privacy owner approves data minimization, retention, and redaction rules.
- Identity owner approves role mapping, SSO claims, and reviewer access groups.
- Technical owner approves API permissions, idempotency, retries, and failure modes.
- Reviewer approves every external notification or case writeback.
Evaluation
QA checklist
- Golden-set evaluation for retrieval accuracy and answer grounding.
- Tool-call contract tests for every API action.
- DMN-style rule table tests for eligibility, completeness, and escalation routing.
- Prompt/context regression cases for policy conflicts and missing data.
- Accessibility pass for form intake and reviewer cockpit.
- Audit-log review with business owner before handoff.
Evidence
Audit log
- Demo case loaded with approval-gated writeback.
- Policy knowledge base marked as required source.
- Privacy review gate added for high-sensitivity case data.
Owners
Release handoff
- Business owner: Program operations lead.
- Define success metrics: cycle time, rework rate, reviewer acceptance, and escalation rate.
- Ship with feature flag, redacted seed cases, and rollback plan.
- Document allowed actions, blocked actions, and escalation paths.
Boundaries
Blocked actions
- No uncited eligibility, permit, procurement, compliance, or case recommendation.
- No external notification until a reviewer approves the exact message.
- No raw personal-data export to analytics or monitoring.
- No system-of-record writeback without approver identity and audit ID.
- No autonomous decision, denial, enforcement, or benefit-impacting action.
Measurement
Success metrics
- Median intake-to-review time.
- Reviewer acceptance and edit rate for drafted recommendations.
- Escalation rate by missing fact, policy ambiguity, and integration failure.
- Retrieval citation coverage for every generated recommendation.
- Rule-table pass rate across golden test cases.
- Audit completeness for approvals, writebacks, and messages.
- Approved-message delivery and correction rate.
Adversarial controls
AI safety threat model
Applicant or staff-provided text attempts to override reviewer instructions, bypass citations, or force an external action.
Mitigation: Treat all intake and retrieved text as untrusted data; enforce system-owned tool policies, citation gates, and approval tokens outside the prompt.Owner: AOT AI architect. Verify: Golden cases include hostile instructions; recommendations remain cited drafts and tool calls stay policy-gated.Needs evidenceOutdated source material or conflicting policies produce a plausible but wrong recommendation.
Mitigation: Source freshness cadence, conflict detection, policy owner sign-off, and block-on-missing-citation behavior.Owner: Policy owner. Verify: Citation coverage report shows source version, freshness date, conflict handling, and failed-case links.Needs evidenceAutomation performs a denial, enforcement action, notification, or case update without named human approval.
Mitigation: Reviewer cockpit, approver identity, audit ID, blocked autonomous sensitive actions, and duplicate-writeback tests.Owner: Integration owner + reviewer lead. Verify: Tool contract tests prove writeBackApprovedAction fails without approverId and auditId.Needs evidenceRaw personal data or sensitive case facts leak into dashboards, monitoring, prompt traces, or export packages.
Mitigation: Redacted logs, aggregate analytics only, retention rules, field allowlists, and no raw personal-data analytics export.Owner: Privacy / security owner. Verify: Access matrix and redaction sample prove dashboards and exports exclude raw sensitive fields.Needs evidenceA user or service account gets broader reviewer, policy, or writeback permissions than intended.
Mitigation: Least-privilege RBAC, SSO claims mapping, service-account scoping, and release review for every tool permission.Owner: Identity owner + technical owner. Verify: Role-to-action matrix maps each tool call to allowed groups and rejects unauthorized paths.Needs evidencePolicy changes, reviewer behavior, model updates, or case mix shift after the pilot starts.
Mitigation: Weekly golden-case replay, acceptance/edit-rate monitoring, source freshness review, and scale-gate decision records.Owner: Product operations. Verify: Operating runbook shows weekly replay cadence and scale/stop memo compares current metrics to baseline.Needs evidenceDeterministic evaluation
Golden-case replay
Golden-case replay is structurally defined; attach the requested evidence before live-case shadow mode.
All required facts are present and current policy passages support the recommendation.
Expected: Reviewer cockpit. Actual: Reviewer cockpit. Gate: Named reviewer approves exact action.- Required-fact validation passes.
- Policy knowledge base is selected for citation coverage.
The intake arrives without one or more required facts needed for a reviewer-safe recommendation.
Expected: Return to applicant or staff queue for completion. Actual: Return to applicant or staff queue for completion. Gate: Reviewer approves missing-information message.- validateIntake returns missingFacts[].
- Business owner exists for completion-message ownership.
Two policy sources disagree or the source freshness check detects stale guidance.
Expected: Escalate to subject-matter owner. Actual: Escalate to subject-matter owner. Gate: Business owner resolves source of truth before action.- retrievePolicyContext returns conflicts[].
- Owner exists for source-of-truth escalation.
A case includes personal data, enforcement risk, denial risk, or any external action.
Expected: Reviewer cockpit. Actual: Reviewer cockpit. Gate: Named reviewer approves exact action.- No autonomous sensitive decision is allowed.
- Privacy review evidence is required before real-case replay.
A reviewer-approved action is submitted twice because of retry, latency, or user refresh.
Expected: Approval-gated writeback queue. Actual: Approval-gated writeback queue. Gate: Approver identity and audit ID are present before any external action.- writeBackApprovedAction requires approverId and auditId.
- A case-system adapter is selected for idempotency testing.
QA evidence
Evaluation harness
Run golden cases against policy index and verify cited passages support each recommendation.
No uncited recommendation reaches reviewer cockpit. Evidence: Citation coverage report with failed cases linked to source gaps.Replay complete, incomplete, conflicting, and high-risk cases through DMN-style rules.
Every case lands in the expected queue with required approvals. Evidence: Rule-table fixture results and versioned owner sign-off.Run contract tests for validation, retrieval, rule application, and writeback actions.
No duplicate writebacks; retries preserve idempotency and audit IDs. Evidence: Tool-call test log and failure-mode runbook.Shadow-mode reviewers accept, edit, or reject drafted recommendations.
Track acceptance and edit reasons before enabling writeback. Evidence: Reviewer feedback dashboard and exception taxonomy.Verify redaction, retention, least-privilege roles, and high-risk blocked actions.
No unauthorized source access or raw personal-data analytics export. Evidence: Access-control matrix and privacy review checklist.Delivery controls
Risk register
Cited retrieval, source freshness checks, and block-on-missing-citation rule.
Owner: AI architect + policy ownerReviewer approval token required before notification or writeback.
Owner: Workflow ownerIdempotency key, retry envelope, and exception queue.
Owner: Integration engineerShadow mode, edit-reason capture, and weekly quality review.
Owner: Program operations leadRedacted logs, least-privilege source access, and retention policy.
Owner: Privacy / security ownerRollout
Pilot launch sequence
One workflow, one owner, one intake path, one reviewer group.
The pilot measures service improvement without broad platform risk.Agent drafts recommendations beside the current workflow.
Reviewer compares AI-assisted output against existing decisions.Approved actions can write back to the case system.
Audit log links intake facts, citations, rule version, approval, and final action.Runbook, evaluation set, owner dashboard, and rollback path.
Business and technical owners can operate it without the builder present.Critical path
Delivery command center
Map intake schema, policy sources, queue states, and blocked actions.
Owner: Business owner + AI architectDepends on: Signed pilot authorization; Named business owner and policy ownerGate: Run a 60-minute evidence review with privacy, policy, integration, reviewer, and delivery owners before enabling real-case shadow mode.Signed workflow brief and redacted golden-case set.Build validation, retrieval, rule table, and reviewer cockpit pilot surface.
Owner: Delivery engineers + AI architectDepends on: Week 1 golden-case set; Policy source access grantedGate: Proceed only after golden-case replay and reviewer shadow evidence are available.Contract tests pass and reviewers can compare shadow outputs.Connect approval-gated export or case-system adapter.
Owner: Integration engineer + system ownerDepends on: Week 2 contract tests green; Service accounts and API permissions approvedGate: Do not enable writeback until tool contracts, idempotency, rollback, and audit evidence pass.Writeback tests prove idempotency, audit IDs, and rollback handling.Run pilot review, tune rules, document handoff, and prepare scaling plan.
Owner: Program owner + delivery leadDepends on: Week 3 writeback verified; Two weeks of shadow-mode metrics collectedGate: Scale, narrow, or stop only after benefits scorecard and golden-case replay are reviewed.Owner dashboard and evaluation pack show whether to expand, pause, or narrow.30-day delivery plan
Implementation backlog
Map intake schema, policy sources, queue states, and blocked actions.
Acceptance criteria
- Workflow brief signed by the accountable business owner.
- Required intake facts and validation rules documented per field.
- Redacted golden-case set covers complete, incomplete, conflicting, and edge cases.
- Blocked-action list and approval gates reviewed with privacy/security.
Depends on: Signed pilot authorization; Named business owner and policy owner
Risk if skipped: The pilot is built on unverified assumptions; rework lands in week 3 when real cases break the schema.
Proof of done: Signed workflow brief and redacted golden-case set.Build validation, retrieval, rule table, and reviewer cockpit pilot surface.
Acceptance criteria
- validateIntake, retrievePolicyContext, and applyDecisionRules pass contract tests.
- Every drafted recommendation carries citation IDs and a rule version.
- Reviewer cockpit shows side-by-side shadow output against the current process.
- Golden cases run green in CI before any reviewer session.
Depends on: Week 1 golden-case set; Policy source access granted
Risk if skipped: Reviewers see ungrounded drafts, trust collapses in the first session, and adoption never recovers.
Proof of done: Contract tests pass and reviewers can compare shadow outputs.Connect approval-gated export or case-system adapter.
Acceptance criteria
- writeBackApprovedAction requires approver identity and audit correlation ID.
- Duplicate-submission test produces exactly one external action.
- Failure path lands in the exception queue with a field-level reason.
- Rollback runbook executed once end-to-end in a non-production environment.
Depends on: Week 2 contract tests green; Service accounts and API permissions approved
Risk if skipped: Unsafe writeback: duplicate or unauditable updates to the system of record, which ends public-sector pilots permanently.
Proof of done: Writeback tests prove idempotency, audit IDs, and rollback handling.Run pilot review, tune rules, document handoff, and prepare scaling plan.
Acceptance criteria
- Reviewer acceptance, edit, and escalation rates reported against baseline.
- Rule-table changes versioned with owner sign-off.
- Operating runbook handed to business and technical owners.
- Scale/stop recommendation written with evidence, not anecdotes.
Depends on: Week 3 writeback verified; Two weeks of shadow-mode metrics collected
Risk if skipped: The pilot ends without a decision; momentum and sponsor confidence are lost and the work cannot be reused.
Proof of done: Owner dashboard and evaluation pack show whether to expand, pause, or narrow.Adoption path
Stakeholder buying map
Is this worth a funded pilot?
Executive value case, pilot charter, and scale roadmap.Can staff operate this safely?
Reviewer cockpit, blocked actions, workflow brief, and success metrics.Can sensitive data be protected?
Cloud controls, access matrix, retention policy, and redacted audit logs.Can systems be updated without brittle automation?
Tool contracts, idempotency plan, retry envelope, and rollback path.Can this be bought, piloted, and exited cleanly?
Procurement readiness checklist, export package, and handoff runbook.Sign-offs
Decision records
Executive sponsor signs: Pilot authorization memo
Workflow scope, value case, named owner, launch gate, and pilot charter. Due: End of discovery workshop.Privacy / security owner signs: Shadow-mode release note
Golden-case replay, redacted sample set, access matrix, and source freshness cadence. Due: Before any real case enters the reviewer cockpit.Technical owner signs: Writeback readiness record
Tool contracts, duplicate-writeback drill, rollback path, audit ID, and approver identity. Due: Before week 3 integration test.Reviewer lead signs: Reviewer adoption sign-off
Reviewer queue, training plan, edit-reason capture, exception taxonomy, and weekly quality cadence. Due: Before shadow-mode kickoff.Executive sponsor signs: Scale-or-stop decision memo
Baseline comparison, acceptance rate, edit rate, escalation rate, audit completeness, value realization, and support burden. Due: End of pilot window.RACI
Accountability matrix
Responsible: Program operations lead
Consulted: Reviewer lead; AOT AI architect
Informed: Privacy / security owner; Delivery lead
Signed workflow brief, baseline metrics, and value assumptions. Trigger: Required before pilot authorization.Responsible: Policy owner
Consulted: AOT AI architect; Reviewer lead
Informed: Executive sponsor
Source map, freshness cadence, golden-case replay, and rule-table fixtures. Trigger: Required before shadow-mode recommendations.Responsible: Privacy / security owner
Consulted: Integration owner; AOT AI architect
Informed: Program operations lead; Executive sponsor
Access matrix, retention rule, redaction policy, and audit sample. Trigger: Required before real-case shadow mode.Responsible: Integration owner
Consulted: AOT delivery engineer; System owner
Informed: Program operations lead; Reviewer lead
Contract tests, idempotency proof, rollback drill, and exception queue. Trigger: Required before approval-gated writeback.Responsible: Reviewer lead
Consulted: Change lead; AOT delivery lead
Informed: Executive sponsor; Privacy / security owner
Training plan, edit-reason taxonomy, acceptance metrics, and weekly quality review. Trigger: Required before scale-or-stop decision.Reusable operating model
Scale maturity roadmap
Draft-only recommendations beside the current process.
Proves grounding, reviewer trust, and rule coverage without production risk.Reviewer-approved messages and writebacks for a bounded service path.
Turns the planner into a measurable operating workflow.Reuse intake, rules, retrieval, and audit patterns across benefits and grants workflows.
Creates a repeatable AOT delivery package instead of a one-off build.Reusable templates, tests, runbooks, and delivery controls across SLED360 programs.
Becomes internal IP for faster sales discovery, pilots, and production delivery.Change enablement
Adoption plan
Reviewers accept or edit useful drafts without losing final decision authority.
Owner can explain why the pilot should scale, narrow, pause, or stop.
Sensitive data controls are approved before live writeback.
System owners can operate failures without the pilot team in the room.
Sponsor funds the next stage based on evidence, not AI novelty.
Client alignment
Stakeholder walkthrough
Grant eligibility triage anchors the session in a concrete workflow instead of a generic AI idea.
Scores, blocked actions, and readiness stage update from controlled workflow inputs.
Control plane, decision rules, tool contracts, and audit evidence stay visible to delivery teams.
Use the modeled annual value and 12x reusable service-line path with caveats.
Security posture, procurement readiness, privacy gates, evaluation harness, and runbook are generated.
Pilot charter, maturity roadmap, export package, and implementation backlog create the next action.
Artifact readiness
Evidence locker
The pilot ask, value case, launch posture, evidence, owner actions, and next meeting are decision-ready.
Audience: Executive sponsor. Owner: AOT AI architect + executive sponsor.Source: ExecutiveA named owner, workflow boundary, target outcome, volume, and value assumptions exist.
Audience: Program owner. Owner: Program operations lead.Source: Intake + value assumptionsComplete, missing-fact, policy-conflict, sensitive-action, and duplicate-writeback cases have expected routes and gates.
Audience: Reviewer lead + AI architect. Owner: AOT AI architect.Source: GovernancePrompt injection, stale retrieval, unauthorized writeback, privacy leakage, identity escalation, and evaluation drift have controls.
Audience: Privacy, security, and technical owners. Owner: Privacy / security owner.Source: GovernanceGo/no-go conditions, blockers, evidence requests, and next release action are visible before launch.
Audience: Sponsor + delivery lead. Owner: Delivery lead.Source: GovernancePilot value will be judged against baseline, target, instrumentation, owner, and decision use.
Audience: Sponsor + program owner. Owner: Executive sponsor.Source: ExecutiveThe 30-day critical path has phase windows, dependencies, launch gates, risk signals, and proof of done.
Audience: Delivery lead + integration owner. Owner: Delivery lead.Source: DeliveryEvery major pilot decision has an owner, required evidence, approval artifact, and timing.
Audience: All pilot owners. Owner: AOT delivery lead.Source: DeliveryClient handoff
Pilot export package
- Workflow candidate brief
- Executive value case with conservative assumptions
- Intake schema and required-fact checklist
- Data readiness and source ownership checklist
- BPMN-style state map
- DMN-style decision table
- Agent topology and state/memory boundaries
- RAG source map and freshness policy
- Tool/function contract sheet
- Cloud/security control checklist
- Procurement readiness response pack
- Reviewer cockpit acceptance criteria
- Adoption plan and reviewer training outline
- Operating runbook with daily, weekly, and scale-gate cadences
- Golden evaluation cases
- Risk register and blocked-action list
- Owner handoff pack for Program operations lead
Decision brief
Executive memo
- Grant eligibility triage is a narrow first candidate for an approval-gated public-service AI workflow.
- The first pilot should use benefits and grants cases, Program operations lead, and a reviewer cockpit before any writeback is enabled.
- Modeled opportunity: redirect roughly 135 reviewer-hours per month and $82,000 per year after acceptance is proven; this is an assumption, not a production claim.
- The architecture aligns with formsflow.ai/SLED360 patterns: form intake, BPMN/DMN-style workflow and rules, modular case-system integration, analytics, and AI that assists rather than approves.
- The commercial angle is reuse: a 12x service-line pattern could make this a repeatable AOT accelerator, not a bespoke one-off.
- Executive takeaway: this is not an AI demo. It is a governed delivery pattern that a public-sector organization can pilot without losing control.
Step 5 · Client artifact
Pilot decision summary
The Markdown pack is the client-ready pilot pack (summary, scores, assumptions, data readiness, governance, runbook, adoption, charter, backlog, checklist). The JSON pack is the full machine-readable assessment. Share links and workspace JSON preserve the current workflow, assumptions, active view, and portfolio sort. Everything is generated in your browser; nothing is uploaded or stored.
Workflow: Grant eligibility triage Owner: Program operations lead Outcome: Reduce manual triage time while preserving accountable benefit decisions. Pilot mode: Reviewer cockpit with approval-gated writeback Readiness: Narrow first (62) Decision ask: Approve a bounded governed AI pilot with one workflow, one owner, one reviewer group, and explicit launch gates. Recommendation: Plan as an approval-gated intake-to-action workflow with deterministic routing, cited retrieval, and logged recommendations. Launch posture: Evidence review required: Run a 60-minute evidence review with privacy, policy, integration, reviewer, and delivery owners before enabling real-case shadow mode. Executive confidence: Directional economics; prove reviewer acceptance before scaling. Golden-case replay is 80% pass (4/5) with 1 evidence gaps and 0 blockers. Modeled opportunity: 135 reviewer-hours/month redirected after acceptance is proven Commercial case: $82,000 annual single-workflow value; $9,500 modeled over the 6-week pilot window; $984,000 modeled 12x service-line pattern Value assumptions: $92/hr loaded reviewer cost, 65% accepted assist rate, 10 min/case Scores: value 100, feasibility 44, risk 62, data 84 Agent roles: Intake analyst, Policy grounding agent, Workflow router, Reviewer copilot, Integration executor, Evaluation sentinel Data readiness: Source ownership, Schema quality, Policy freshness, Privacy classification, Integration access, Baseline metrics Operating cadence: Daily Program operations lead; Weekly Reviewer lead; Biweekly Policy owner; Monthly Technical owner; Scale gate Executive sponsor Blocked actions: No uncited eligibility, permit, procurement, compliance, or case recommendation.; No external notification until a reviewer approves the exact message.; No raw personal-data export to analytics or monitoring.; No system-of-record writeback without approver identity and audit ID.; No autonomous decision, denial, enforcement, or benefit-impacting action. Pilot package: Workflow candidate brief; Executive value case with conservative assumptions; Intake schema and required-fact checklist; Data readiness and source ownership checklist; BPMN-style state map; DMN-style decision table; Agent topology and state/memory boundaries; RAG source map and freshness policy; Tool/function contract sheet; Cloud/security control checklist; Procurement readiness response pack; Reviewer cockpit acceptance criteria; Adoption plan and reviewer training outline; Operating runbook with daily, weekly, and scale-gate cadences; Golden evaluation cases; Risk register and blocked-action list; Owner handoff pack for Program operations lead
Ready for pilot brief.