Own the path, not every application.
The role owns the enterprise path for delivering AI: architecture, shared capability, trust, decisions, adoption, and evidence. Product teams still own the domain application and business outcome.
Define and operationalize the foundational AI architecture that lets teams build, govern, deploy, and operate identity-bound AI solutions safely and repeatedly.
Direction
01Turn uncertainty into explicit options, trade-offs, recommendations, and architecture decisions.
Foundation
02Identify common AI concerns and shape them into reusable platform capabilities.
Trust
03Translate identity, security, legal, risk, evaluation, and provenance into implementable controls.
Adoption
04Create paved roads, examples, and operating contracts that let teams move independently.
Foundational AI is a platform capability.
The architect establishes clear boundaries between reusable platform responsibilities and domain-specific application responsibilities.
SDKs, templates, IDE and MCP integrations, documentation, golden paths.
Quality gates, traces, metrics, cost, feedback, audit events.
Risk tiers, model allowlists, human approval, provenance, retention.
Delegated identity, entitlements, tool permissions, service identities.
MCP registry, orchestration, tool contracts, action boundaries.
Ingestion, hybrid search, GraphRAG, lineage, source attribution.
Abstraction, routing, fallback, quotas, provider policy, cost attribution.
Cloud, APIs, CI/CD, secrets, networking, catalogs, operations.
Platform owns the repeatable burden
- Shared contracts and lifecycle.
- Common controls and production defaults.
- Reusable evaluation and telemetry.
- Platform reliability and support.
- Discovery, documentation, and onboarding.
Application teams own the domain
- Customer problem and product outcome.
- Domain prompts and evaluation criteria.
- Application code, UX, and integrations.
- Application SLOs and on-call.
- Adoption and business-value realization.
Switch modes intentionally.
The architect creates leverage by knowing when to define, enable, productize, or intervene—and when to exit.
Define direction
Target states, boundaries, trade-offs, interfaces, NFRs, and decisions.
- Exit when the decision is implementable.
- Do not become a permanent approval gate.
Transfer capability
Coach a team through a first implementation or unfamiliar technical risk.
- Pair, demonstrate, observe, transfer.
- Exit when the team can repeat it.
Convert repetition
Turn recurring needs into APIs, SDKs, templates, policies, or services.
- Prioritize by consumer friction.
- Measure adoption and avoided effort.
Resolve systemic risk
Enter deeply when architecture, security, or production uncertainty blocks delivery.
- Remove the systemic uncertainty.
- Return delivery ownership afterward.
Soft skills are the architecture control plane.
They create clarity, trust, movement, and durable capability across teams without formal authority.
Diagnostic curiosity
Separate the request from the actual problem, constraint, and measurable outcome.
Translation across altitude
Hold the facts constant while changing the abstraction for engineering, risk, and executives.
Decision leadership
Move with bounded assumptions and match decision rigor to consequence.
Influence without authority
Build coalitions around evidence, trade-offs, and useful mechanisms.
Constructive dissent
Challenge the decision without threatening the people involved.
Ownership with boundaries
Own the outcome within authority without absorbing every missing role.
Product empathy
Treat developers and consuming teams as customers of the platform.
Intellectual humility
Make a clear recommendation while showing where the evidence is weakest.
Composure
Communicate bad news, pressure, and uncertainty without transmitting panic.
Exceptional means the organization improves around you.
The highest level is not more personal activity. It is compounding decision quality, reuse, trust, and team independence.
Architecture succeeds through an explicit role system.
Each partner owns a distinct part of the outcome. Collaboration should connect the roles, not erase their boundaries.
Manager / platform leader
Creates organizational authority and capacity.
Senior Solutions Architect
Creates technical clarity and cross-system coherence.
Platform engineering
Turns accepted architecture into supported capability.
Product / business owner
Owns customer value and prioritization.
Security, identity, legal, risk
Define and approve control requirements.
Consuming engineering team
Builds and operates the domain solution.
Protect the role from becoming organizational glue.
The architect bridges gaps long enough to expose, shape, and route them. Permanent absorption hides the underlying ownership problem.
Not the default product owner
You may shape use cases and measures. Product still owns customer priority and value realization.
Not the engineering manager
You may identify capacity risk. Management assigns people, resolves priorities, and manages performance.
Not the permanent implementation team
You may build the spike or reference. Engineering hardens, ships, operates, and maintains the service.
Not the risk acceptance authority
You explain the risk and design controls. The designated authority accepts or rejects residual risk.
Not an architecture gatekeeper
The objective is safe autonomy through standards, evidence, and paved roads—not centralized permission for every decision.
Not the recurring incident hero
Repeated rescue is a signal to create ownership, observability, automation, or a platform mechanism.
Require decisions from the roles that hold authority.
You can require your manager to make the organizational contract explicit. You can require engineering to provide implementation and operational evidence.
| Decision or deliverable | Architect | Manager / product | Engineering | Control functions |
|---|---|---|---|---|
| Role charter and priorities | Advise on impact | Decide and rank | Supply capacity evidence | Contribute constraints |
| Target architecture | Drive / decide when delegated | Approve investment implications | Validate feasibility | Validate controls |
| Delivery commitment | Review dependencies | Commit priority and capacity | Estimate and deliver | State review timing |
| Production readiness | Define cross-platform criteria | Accept launch implications | Produce evidence and operate | Approve required controls |
| Risk exception | Explain and recommend | Own business consequence | Implement compensating controls | Approve or reject |
| Application business value | Connect architecture to outcome | Own outcome and adoption | Supply technical measures | Contribute risk measures |
Manager decisions you can require
- Written mandate and role boundaries.
- Top outcomes in ranked order.
- Success measures and expected hands-on depth.
- Decision rights: decide, recommend, drive, contribute.
- Named engineering owner and capacity.
- Escalation path and default when a decision is late.
- Which work stops when new work enters.
Engineering evidence you can require
- Implementation plan, estimates, dependencies, and risk.
- Architecture conformance or a documented exception.
- Tests, evaluation, and security verification.
- SLOs, dashboards, alerts, runbooks, rollback, and on-call.
- Production telemetry and completion evidence.
- Named service owner and maintenance plan.
Convert friction into a decision object.
Do not report frustration. Report the observable state, consequence, recommendation, owner, and date.
Nobody from engineering is taking ownership.
The architecture is ready. No engineering owner or capacity is assigned, so the milestone is uncommitted. I recommend Team X because it owns the adjacent service. The ownership decision is needed Friday.
The priorities keep changing.
Three requests were added. Capacity supports two active outcomes. I recommend retaining identity-bound tool access and model routing, and moving the assistant use case to backlog. Please confirm the ordering.
Engineering ignored the design.
The implementation uses a shared privileged identity rather than delegated user identity. That creates a conformance gap. Engineering should align the implementation or submit a risk exception with an approver.
I am doing everyone else’s work.
I completed the reference implementation to remove feasibility risk. Production hardening, CI/CD, support, and service ownership now require an assigned engineering team. I will remain engaged for architecture review and escalations.
Bridge the gap, but make the gap visible. Help close it, but do not silently become its permanent owner.
Before the break. At the break. After the break.
Use a lightweight decision lifecycle to detect uncertainty early, control production breaks, and convert learning into durable architecture, delivery work, and conformance.
Shape uncertainty while options are still cheap.
Detect irreversible choices, new trust boundaries, cross-team impact, unclear ownership, weak evidence, and production assumptions before implementation hardens them.
- Open an RFD while the problem and solution space are fluid.
- Use an RFC before platform services, public contracts, material AI capabilities, vendor commitments, or costly migrations.
- Name one driver, one approver, a risk tier, and a decision date.
- Require goals, non-goals, alternatives, evidence, rollout, and rollback.
- Run pre-mortems, threat models, evaluation baselines, and readiness reviews.
Contain first. Preserve evidence second. Avoid redesign by adrenaline.
During an incident or failed delivery, separate immediate containment from architectural judgment. Capture enough context to reconstruct what actually happened.
- Assign incident command, technical lead, communications, and scribe roles.
- Record timeline, user impact, traces, decisions, workarounds, and unresolved risk.
- Use temporary exceptions with owner, expiry, compensating control, and rollback.
- Do not convert the incident channel into an unreviewed architecture forum.
- Tag suspected ADR/RFC assumptions that may have been invalidated.
Change the system, not only the incident ticket.
Decide whether the break exposed an implementation defect, missing control, invalid assumption, architecture decision, platform gap, or ownership gap.
- Publish a learning review with systemic cause and decision implications.
- Create or supersede the ADR when the accepted architecture changes.
- Update the RFC when scope, assumptions, risk, or rollout strategy changes.
- Create delivery actions, ORR gates, conformance rules, tests, and owner dates.
- Carry ADR IDs into code, service catalogs, API specs, policies, dashboards, and runbooks.
Use the artifact that answers the current question.
Request for Discussion
Is this problem worth developing, and what should be learned before committing?
Request for Comments
Should the organization adopt this substantial proposal?
Architecture Decision Record
What was decided, why, under which guardrails, and what triggers reconsideration?
System Design
How does the accepted architecture work now?
Operational Readiness Review
Can this system be safely operated, supported, recovered, and audited?
Learning Review
What assumption, control, mechanism, or ownership model failed?
Scale the ceremony to consequence.
Minimum RFC decision package
- Decision requested—not merely “feedback wanted.”
- Status, driver, approver, risk tier, deadline, affected systems.
- Current state, goals, non-goals, drivers, and constraints.
- Proposed architecture and interfaces.
- Alternatives and trade-offs.
- Security, data, operations, evaluation evidence.
- Migration, rollout, rollback, and feedback disposition.
Minimum ADR record
- Context and decision drivers.
- Options considered.
- Explicit decision statement.
- Rationale and consequences.
- Guardrails and conformance rules.
- Validation evidence.
- Review and supersession triggers.
- Linked implementation and follow-up actions.
Anti-pattern: AI evidence laundering
A polished demonstration is presented as proof. Require representative datasets, baselines, thresholds, reproducible model and prompt versions, and explicit failure analysis.
Anti-pattern: unbounded conditional approval
Major concerns become an informal backlog. Every condition needs an owner, due date, tracking item, evidence requirement, and explicit blocking designation.
Anti-pattern: document by committee
Many authors flatten the narrative into contradictions. One driver owns the proposal. Contributors comment, supply evidence, or propose explicit edits.
Anti-pattern: Confluence–code divergence
The decision cannot be found from the implementation. Carry ADR IDs into repositories, service catalogs, API specifications, policies, runtime metadata, dashboards, and runbooks.
Documentation informs. Mechanisms enforce.
Use tools to reduce missing information, time-box review, preserve provenance, verify conformance, and make the safer path the easier path.
Confluence templates + approvals
Standardize RFC/ADR metadata, required sections, review states, approvers, due dates, and approval history.
- Use pages—not ephemeral chat—as the review record.
- Generate decision registers with page properties and labels.
- Require one accountable approver.
Jira workflows and issue forms
Turn decisions and conditions into owned delivery work instead of leaving them inside comments.
- Required owner, due date, risk tier, evidence, and blocking state.
- Workflow gates for review, approval, implementation, readiness, and validation.
- Automated stale-decision and expired-waiver reports.
Architecture-as-code
Keep diagrams, contracts, and decisions close enough to implementation that drift is visible.
- Mermaid, Structurizr, PlantUML, OpenAPI, AsyncAPI.
- Repository-owned design and ADR folders.
- PR previews and diff review for diagrams and contracts.
Evaluation harnesses
Replace demo confidence with repeatable evidence for models, retrieval, agents, and safety.
- Golden datasets and task rubrics.
- Prompt and model version capture.
- Regression thresholds and release gates.
- Representative failure scenarios.
OpenTelemetry correlation
Preserve end-to-end evidence across gateway, retrieval, model, policy, and tool execution.
- Trace and span IDs in logs.
- Model, prompt, tool, policy, and ADR identifiers as safe attributes.
- Privacy-aware sampling and redaction.
Incident command + evidence capture
Use a structured incident channel, timeline, owner roles, and temporary exception record.
- Containment, impact, decision, and rollback timestamps.
- Link the affected service, ADR, RFC, release, and dashboards.
- Separate facts, hypotheses, and decisions.
Feature flags and kill switches
Make AI autonomy, model routes, tools, and risky capabilities independently disableable.
- Read-only fallback.
- Provider or model isolation.
- Tool-level deny switches.
- Progressive exposure and rollback.
Backstage catalog + TechDocs
Make current ownership, documentation, ADRs, APIs, SLOs, dashboards, and runbooks discoverable from the service.
- ADR and RFC annotations.
- System, component, API, and owner relationships.
- Docs stored with code and published through the catalog.
Policy as code
Convert accepted guardrails into testable rules for configuration, IaC, deployment, and runtime authorization.
- OPA / Rego and Conftest in CI.
- Model allowlists, region restrictions, required metadata.
- Waiver IDs and expiry enforcement.
Architecture conformance tests
Turn high-value ADR guardrails into executable checks.
- Dependency and layering tests.
- API linting and compatibility checks.
- Identity, network, and data-policy assertions.
- Required status checks before merge.
Required PR checks
Require the evidence linked to the decision before code can merge.
- ADR or RFC reference when architectural paths change.
- Evaluation, policy, security, and compatibility checks.
- CODEOWNERS for affected domains.
- Rulesets and protected branches.
Decision health dashboards
Measure whether the process is improving delivery or becoming ceremony.
- Time to decision and review latency.
- Accepted RFCs without delivery links.
- Released systems without ORR evidence.
- Expired waivers and stale ADRs.
- Repeated incidents tied to the same guardrail.
Choose the mechanism that removes recurrence.
Teams disagree on problem or scope.
One driver, bounded questions, approver, deadline.
The same architecture argument returns.
Preserve rationale, guardrails, and supersession triggers.
Code no longer reflects the accepted architecture.
Architecture tests, policy as code, contract linting, required status.
Ownership, SLO, rollback, or capacity is missing.
Evidence-based readiness before release or graduation.
The same failure mode returns.
Change the decision, default, test, or shared service.
Every team needs synchronous interpretation.
Template, SDK, examples, ownership, and self-service documentation.
Run a small, visible operating cadence.
The role becomes credible through repeated behaviors: clear priorities, decision flow, engineering evidence, consumer feedback, and learning conversion.
Priority and dependency review
Confirm the top outcomes, new requests, displaced work, owner gaps, and decisions due this week.
Architecture office hours
Use bounded enablement for novel problems. Route substantial proposals into the RFC lifecycle.
Decision and evidence review
Resolve material feedback, validate evaluation evidence, and take decision-ready questions to approvers.
Engineering conformance
Review implementation evidence, exceptions, operational readiness, and platform capability gaps.
Learning and leverage
Convert repeated questions, incidents, and manual reviews into templates, tests, policies, SDKs, or roadmap proposals.
Weekly questions
- What decision is blocked, and who is the approver?
- What new request displaces existing work?
- What architecture assumption has weak evidence?
- What does engineering need to prove this week?
- What repeated friction should become a platform capability?
- What exception is approaching expiry?
Quarterly health review
- Platform adoption and avoided engineering effort.
- Time from idea to decision to production.
- RFC review latency and unresolved ambiguity.
- ADRs without linked conformance or delivery.
- Incidents that invalidated architecture assumptions.
- Areas still dependent on architect heroics.
Measure leverage, not visible activity.
Use the assessment as a conversation starter. The highest score is not the objective; explicit gaps and next mechanisms are.
Start by making owners, decision rights, and the first high-impact RFC explicit.
Research and operating-model provenance.
This guide synthesizes the role research and the DecisionOS RFC/ADR research. Linked material is used for role patterns, decision lifecycle, approvals, docs-as-code, policy enforcement, architecture testing, and observability.
Decision records and review systems
Workflow and enforcement tools
AI risk, readiness, and platform practice
Artifact metadata
Artifact: Core Platform AI Role Guide
Version: 2.0.2
Reviewed: July 18, 2026
Method: Primary-source research synthesis, prior DecisionOS research, user-directed role framing, and mobile-first implementation.