Playbook for agency implementers

Your main question is usually: "How do I standardize governance without flattening client-specific realities?"

Read first

• Patterns library
• Examples
• Decision matrix
• Source precedence

Your risk model

You care most about:

• repeatability;
• rollback safety;
• cross-client consistency;
• human handoff;
• avoiding over-generalized defaults.

Do

• define bundles by site type and risk profile;
• keep review checkpoints before publication;
• document what a preset means in agency language;
• preserve site-specific overrides.

Don’t

• deploy one preset to every site;
• hide complexity from clients if it affects real policy trade-offs;
• confuse convenience with correctness.