{ "$schema": "https://json-schema.org/draft/2020-12/schema", "$id": "https://github.com/welkaim/ea-codex/schemas/v1/delegation-policy.json", "title": "DelegationPolicy", "description": "Authority model that defines how architectural decisions are delegated between humans and agents. A DelegationPolicy declares a set of named levels (typically L1 through L4, but the schema does not hardcode a specific number), what each level means, who holds authority at each level, what role agents may play, and what evidence each level requires. Referenced by AgentContract.spec.intent.delegationLevel and by DesignAuthorityBody. Without this kind, delegation lives as an enum value in AgentContract with no shared definition of what the levels mean. Introduced in Chapter 4.", "type": "object", "required": ["apiVersion", "kind", "metadata", "spec"], "properties": { "apiVersion": { "$ref": "_common.json#/$defs/apiVersion" }, "kind": { "type": "string", "const": "DelegationPolicy" }, "metadata": { "$ref": "_common.json#/$defs/metadata" }, "spec": { "type": "object", "required": ["scope", "levels"], "properties": { "scope": { "type": "object", "description": "Where this delegation policy applies. An enterprise typically has one global policy and may add domain-specific policies for regulated areas.", "required": ["appliesTo"], "properties": { "appliesTo": { "type": "string", "enum": ["enterprise", "domain", "capability"], "description": "Reach of the policy. 'enterprise' is the default global policy; 'domain' restricts to a named domain; 'capability' restricts to a named capability." }, "domain": { "type": "string", "description": "Required when appliesTo is 'domain'." }, "capabilityRefs": { "type": "array", "items": { "type": "string" }, "description": "Required when appliesTo is 'capability'. Free-text references resolved in the EA platform's capability map." } }, "additionalProperties": true }, "levels": { "type": "array", "minItems": 1, "description": "Ordered list of delegation tiers. By convention the first level is the most constrained (most automated, least human involvement) and the last is the most reserved (no agent involvement permitted). The L1-L4 convention used in Chapter 4 is the recommended default but the schema accepts any number of named levels.", "items": { "type": "object", "required": ["level", "description", "humanRole", "agentRole", "evidenceRequired"], "properties": { "level": { "type": "string", "description": "Level identifier. By convention 'L1', 'L2', 'L3', 'L4' for the four-tier model, but free-text to allow enterprises with different conventions (e.g. 'tier-1', 'reserved')." }, "title": { "type": "string", "description": "Optional human-readable label (e.g. 'L1-automated', 'L4-reserved')." }, "description": { "type": "string", "minLength": 20, "description": "What kind of decision belongs at this level and why." }, "examples": { "type": "array", "items": { "type": "string" }, "description": "Concrete examples of decisions that belong at this level. Examples are normative: an enterprise auditing its delegation can ask whether the right decisions are at the right level by comparing actual cases against these examples." }, "agentRole": { "type": "string", "enum": [ "execute-and-report", "assess-and-recommend", "flag-and-brief", "advisory-only", "none" ], "description": "What the agent is permitted to do at this level. 'execute-and-report' means the agent acts and reports; 'assess-and-recommend' means the agent produces a finding for human approval; 'flag-and-brief' means the agent surfaces the decision for human resolution and prepares a briefing; 'advisory-only' means the agent may comment but cannot recommend; 'none' means no agent participation permitted." }, "humanRole": { "type": "string", "description": "What humans do at this level. Examples: 'review-on-failure-only', 'domain-architect-approval', 'design-authority-board-resolution', 'named-authority-only'." }, "evidenceRequired": { "type": "string", "description": "What evidence must be captured for a decision at this level. Examples: 'audit-log-of-evaluation', 'agent-finding plus architect-sign-off', 'decision-record with rationale and dissent', 'board-minutes with accountability record'." }, "namedAuthorities": { "type": "array", "items": { "type": "string" }, "description": "Optional list of named human authorities required at this level. Typically populated for the most reserved levels (e.g. ChiefArchitect, HeadOfQuality, ChiefDataOfficer)." } }, "additionalProperties": true } }, "escalationRules": { "type": "array", "description": "Conditions that force escalation from a lower to a higher level regardless of where the agent initially classified the request. Used to prevent agents from under-classifying high-stakes decisions.", "items": { "type": "object", "required": ["condition", "escalateTo"], "properties": { "condition": { "type": "string", "description": "Free-text condition (e.g. 'change affects validated GxP system', 'new jurisdiction introduced', 'cross-domain data authority change')." }, "escalateTo": { "type": "string", "description": "Level identifier (must match a 'level' value in 'levels')." } }, "additionalProperties": true } } }, "additionalProperties": true } }, "additionalProperties": false }