Skip to content
pm-skills

Stakeholder Briefings: Workbench Blueprints SSO + Approval-Gates PRD

Scenario

Section titled “Scenario”

Rachel V. (PM, Blueprints) has a locked Blueprints v1 PRD covering required-section enforcement, native role-based approval gates, SAML SSO provisioning, and Yjs real-time co-editing. The same spec has to reach Karen L.’s engineering team, Tomás G.’s design team, Leo M. in Data, the legal/compliance reviewer, and Sandra C. (Head of Product) before the GA go/no-go review, each with a different decision to make. Rather than rewrite the PRD five times, Rachel runs foundation-stakeholder-briefings against it. The skill proposes Engineering, UX/Design, Data/BI, and Executive for a spec; Rachel adds Legal because SSO provisioning, audit logs, and approval governance carry data-handling obligations.

Source Notes:

  • Workbench is fictional.
  • All metrics [fictional].

Prompt

Section titled “Prompt”
/foundation-stakeholder-briefings @blueprints-prd.md


Source: Blueprints v1 PRD (locked, v1.0). Reusable document templates with
required-section enforcement + native role-based approval gates, SAML SSO
provisioning, and Yjs CRDT real-time co-editing. Target users: enterprise ops
managers (creators), department heads (approvers), IT security leads (admin).


Baselines [fictional]: 60% of enterprise projects lack an approved kickoff doc
at handoff; median time-to-approved is 4.0 days; 38% of Blueprints reach
approval with >=1 empty section. Targets: time-to-approved <=2.5 days,
empty-section rate <=10%, enterprise accounts 500 -> 650 in 12 months.


Decided: Yjs CRDTs per ADR-012; approval state lives in the relational DB, not
the CRDT doc. Open risk: SAML SSO certification could slip past the GA date.


Audiences: take the spec proposal, and add Legal for the SSO provisioning +
audit-log + approval-governance surface. GA go/no-go is owned by Sandra C.
(Head of Product). Named stakeholders: Karen L. (Eng Lead), Tomás G. (Design
Lead), Leo M. (Data Analyst), Mei-Lin T. (Enterprise Sales Lead).

Output

Section titled “Output”
# Stakeholder briefings: Blueprints v1 (SSO + approval gates)


## Master document


**What and why**


- M1: Blueprints v1 turns Workbench documents into governed templates - required sections plus native role-based approval gates - so enterprise teams stop handing off work on incomplete, unapproved docs.
- M2: The problem it solves is concrete: 60% of enterprise projects lack an approved kickoff doc at handoff [fictional], and 38% of Blueprints reach approval with at least one empty section [fictional].
- M3: It is also the security-and-governance unlock for enterprise sales: SAML SSO, audit logs, and role-based access are bundled into v1 to open the 500-to-650-account growth corridor [fictional].


**Decisions**


- M4: Required-section enforcement gates the submit button: a Blueprint cannot be sent for approval until every required section has content.
- M5: Approval gates are role-based (sequential or parallel), and approval state is stored in the relational database, not in the Yjs CRDT document, to keep structured workflow data out of the co-editing layer (ADR-012).
- M6: Real-time co-editing runs on Yjs CRDTs with a target merge latency of 50ms or less at up to 20 concurrent editors [fictional]; conflict resolution is automatic.
- M7: Enterprise security ships in v1, not as a fast-follow: SAML SSO (SP- and IdP-initiated), audit logging of all Blueprint lifecycle events, and a five-role access model.


**Status**


- M8: Engineering build is roughly 60% complete [fictional]; the sending pipeline, template gallery, and required-section gating are done, analytics instrumentation and SSO certification are not.
- M13: Success is measured against two targets: median time-to-approved down from 4.0 days to 2.5 days or less [fictional], and empty-section rate down from 38% to 10% or less [fictional]; both targets are unmeasurable until analytics instrumentation lands.
- M14: Measuring success requires lifecycle event instrumentation (blueprint_created, section_completed, submitted, approved, rejected, published) and a dashboard covering empty-section rate, time-to-approved, and approval-cycle count, in place before beta exits.


**Risks and open questions**


- M9: SAML SSO certification is the top schedule risk: if it slips, GA either ships without SSO or moves, because the enterprise pipeline depends on it; the fallback is a roughly two-week fast-follow once certification lands.
- M10: Required sections may push authors to enter placeholder text to clear the gate ("skip-and-submit"); the A/B test and approval-gate review are the planned guards.
- M15: Distinguishing real completeness from gamed completeness needs a detection signal: a heuristic that flags required sections cleared with trivial content (single character, "n/a", repeated whitespace), or a reported empty-section rate could mask gaming.


**Asks**


- M11: GA go/no-go decision, owned by Sandra C. (Head of Product), at the GA review.


**Timeline**


- M12: Closed beta running now on 80 accounts [fictional]; required-vs-optional-sections A/B test next; GA target April 2026.


## Briefings


--- BEGIN: Engineering ---


**Draws on:** M4, M5, M6, M8, M9
**Primary ask:** Confirm SAML SSO certification has a committed completion date inside the GA window, or declare the no-SSO fallback now.


**Required-section gating is built; SSO certification is the schedule risk that needs an owner**


**What this means for Engineering**


The functional core is in good shape. Required-section enforcement gates the submit button until every required section has content (M4), and the build is roughly 60% complete [fictional] with the pipeline, template gallery, and gating done. Two decisions keep the architecture clean: approval state lives in the relational DB rather than the Yjs document, so structured workflow data never touches the CRDT layer (M5), and co-editing targets 50ms or less merge latency at up to 20 concurrent editors [fictional] with automatic conflict resolution (M6).


The open item that drives sequencing is not co-editing, it is SAML SSO certification (M9). It is the top schedule risk: if certification slips, GA either ships without SSO or moves. Engineering needs to either commit a certification completion date inside the GA window or surface the no-SSO fallback now, while there is still time to plan a two-week fast-follow rather than discover the gap at the go/no-go review.


--- END ---


--- BEGIN: UX/Design ---


**Draws on:** M2, M4, M10
**Primary ask:** Design the required-section flow so it drives completeness without inviting placeholder text, and validate it before the A/B test.


**Required sections must feel like guidance, not a paywall - or authors will game them**


**What this means for UX/Design**


The whole governance promise rests on one interaction: an author cannot submit a Blueprint for approval until every required section has content (M4). That gate is the lever that addresses the real problem - 38% of Blueprints reach approval with an empty section today [fictional] - but it also creates the failure mode we most have to design against.


The risk is skip-and-submit (M10): if the gate feels like a wall, authors will type "n/a" or a single character to clear it, and we will have moved the incompleteness from "empty" to "garbage" without improving the document. The design job is to make each required section feel like a prompt that helps the author finish, with inline guidance on what good looks like, not a blocker they route around. This needs to be validated before the required-vs-optional A/B test, because the experiment measures completion behavior and a gameable flow would confound the result.


--- END ---


--- BEGIN: Data/BI ---


**Draws on:** M2, M8, M10, M13, M14, M15
**Primary ask:** Stand up the lifecycle dashboard and skip-and-submit detection before beta exits, so v1 ships measurable.


**Analytics is the open build item; without it we cannot prove the governance bet or catch gaming**


**What this means for the Data team**


The success measures for Blueprints v1 are completeness and speed: empty-section rate down from 38% to 10% or less [fictional], and time-to-approved down from 4.0 days to 2.5 days or less [fictional]. Analytics instrumentation is the one PRD item not yet built (M8), which means right now none of those targets are measurable.


We need lifecycle event instrumentation (blueprint_created, section_completed, submitted, approved, rejected, published) and a dashboard covering empty-section rate, time-to-approved, and approval-cycle count, in place before beta exits. We also need a specific signal for the skip-and-submit risk (M10): a heuristic that flags required sections cleared with trivial content (single character, "n/a", repeated whitespace), so we can tell the difference between real completeness and gamed completeness. Without that detection, a "10% empty-section rate" could be hiding gaming, and the A/B result would not mean what we think it means.


--- END ---


--- BEGIN: Legal ---


**Draws on:** M5, M7, M11
**Primary ask:** Sign off on the SSO attribute handling, audit-log retention, and approval-record model before the GA go/no-go review.


**SSO provisioning, audit logs, and approval records are the data-handling surface that needs a compliance pass**


**What this means for Legal**


Blueprints v1 ships enterprise security in the release itself, not as a later add-on (M7): SAML SSO provisioning that reads identity attributes from the customer's IdP, audit logging of every Blueprint lifecycle event, and a role-based access model. Each of those is a data-handling surface. SSO means we ingest and map identity attributes; audit logs mean we retain a record of who did what and when; role-based approval means the approval record is itself governance evidence a customer may need to produce.


One design choice is relevant to your review: approval state is stored in the relational database rather than in the co-editing document (M5), which means the approval record is structured, queryable, and exportable rather than buried in an opaque CRDT blob. We need your sign-off on the SSO attribute handling, the audit-log retention period, and the approval-record model before the go/no-go decision (M11), because GA cannot proceed to a "go" without it. Please confirm the bar is met or flag the specific gaps.


--- END ---


--- BEGIN: Executive ---


**Draws on:** M1, M3, M9, M11, M12


**Primary ask:** Approve GA go/no-go at the review, and decide the SSO-slip contingency (ship without SSO vs. hold GA).


**Blueprints v1 is the enterprise-governance unlock, on track for April GA, with one risk to decide**


**What this means for the Executive sponsor**


Blueprints v1 turns Workbench docs into governed templates with required sections and approval gates (M1), and it bundles the enterprise security suite - SSO, audit logs, role-based access - that opens the 500-to-650-account growth corridor [fictional] (M3). Build is on track for an April GA, with closed beta running now on 80 accounts [fictional] (M12).


There is one decision only you can make. SAML SSO certification is the top schedule risk (M9): if it slips past the GA date, the choice is to ship GA without SSO and fast-follow, or hold GA until certification lands. The first option ships value sooner but to a thinner enterprise story; the second protects the security narrative but moves the date. Decision needed from you at the go/no-go review (M11): approve GA, and pick the SSO-slip contingency so the team is not improvising it on launch week.


--- END ---


---


## Translations applied (internal)


- "SAML SSO certification" kept precise for Engineering and Legal; rendered as "the enterprise security suite that opens the growth corridor" for the Executive (audience: Executive).
- "approval state stored in the relational DB, not the Yjs CRDT document" kept as the architecture decision for Engineering; reframed for Legal as "the approval record is structured, queryable, and exportable rather than an opaque blob" so the compliance value is legible (audience: Legal).
- "skip-and-submit" kept as the design failure-mode term for UX; rendered for Data as "gamed completeness vs. real completeness" to make it a measurement requirement (audience: Data/BI).
- "empty-section rate 38% -> <=10%" kept as the working metric for Data and UX; folded into "the governance bet" framing for Data and "addresses the real problem" for UX.


**Flagged but kept** (may need review):


- "required-section enforcement" - kept across Engineering, UX, and Data blocks; for the Executive it is summarized as "governed templates" rather than the mechanism, on the assumption the sponsor cares about the outcome, not the gate behavior. Confirm that lands.


## Sources and References


- Source artifact: blueprints-prd.md [fictional]
- **Generated:** 2026-06-20T15:10:00Z | **Skill version:** 1.0.0 | **Audiences:** Engineering, UX/Design, Data/BI, Legal, Executive | **Input quality:** high (locked PRD with scope, quantified baselines, decisions, named risks, and a named decision-maker)
- **Invariant self-check:** 5 briefings; all Draws-on IDs resolve to M1-M15; one Primary ask each; master reviewed as audience-neutral.