Owner: Approvers depend on tier (framework.md §10.1):
| Risk tier | Approvers |
|---|---|
| Low | CoE Lead |
| Medium | CoE Lead + Department Head |
| High | CoE Lead + Department Head + Security + Legal |
Input: Triage complete. Sub-steps:
- Convene the right approver(s) for the tier.
- Review intake + triage + value-vs-risk score.
- Make one of three decisions: Approve / Defer / Reject.
- Define the success KPI for the agent (what specifically will it move — cycle time, accuracy, cost, etc.) and the target.
- Define the retirement criteria at the same time as approval (
framework.md§11.2): under what conditions would we retire this agent? Write them down now, while everyone agrees. - Identify the agent owner (usually the Department Champion) and the agent builder (could be the Champion, the CoE, or an external).
- Update the registry:
Status = Approved, approver names + date, KPI, retirement criteria.
Output / gate criteria: Registry shows Approved status, named owner, named builder, KPI, retirement criteria.
Decision branches:
- Reject → document the reason; communicate back to the requester; close.
- Defer → put on the backlog with a re-review date.
- Approve → go to Step 5.
Skip-this-step risk: Agents get built that no one is willing to own, or with no defined success metric, so you can never prove they worked.