1. Purpose & Governance Principles
This document establishes the decision-making authority, escalation paths, and accountability structure for the Enrollment & Claims Platform Modernization program. It is distinct from the Project Management Plan: the PM Plan describes how the work will be executed; this document defines who has the authority to decide, and how disputes or exceptions are resolved when the plan needs to change.
Five principles guide this governance model:
2. Governance Structure
The program is governed through four bodies:
| Body | Composition | Function |
|---|---|---|
| Executive Sponsor | G. Whitfield, VP of Operations | Ultimate accountability for the program's business outcome; final authority on strategic direction and program continuation |
| Steering Committee | 8 members (see roster below) | Collective decision-making body for changes exceeding the Program Manager's delegated authority |
| PMO | S. Ryan, Director, PMO | Owns and maintains this governance framework; facilitates Change Control Board reviews; escalation point for governance process disputes |
| Program Manager | C. Tyrrell | Day-to-day execution authority within delegated limits defined in Section 3 |
Steering Committee Roster
| Name | Role | Voting |
|---|---|---|
| G. Whitfield | Executive Sponsor (VP of Operations) | Yes |
| A. Marchetti | CIO / VP of Information Technology | Yes |
| R. Castellano | VP, Underwriting | Yes |
| J. Boudreaux | VP, Claims Administration | Yes |
| S. Whitcombe | VP, Finance | Yes |
| N. Sharma | Chief Compliance Officer / General Counsel | Yes |
| S. Ryan | Director, PMO | Yes |
| C. Tyrrell | Program Manager (briefs the committee) | No |
For the full reporting-line structure, including matrixed/loaned resources shown with dotted-line relationships, see the companion Organizational Chart.
3. Roles, Responsibilities & Decision Rights
Every decision on this program falls into one of three authority tiers. This tiering is the same model applied consistently across the Change Control Log, RAIDD Log, and PM Plan §16 — this document is its authoritative definition.
| Tier | Authority | Decisions Covered |
|---|---|---|
| Tier 1 | Program Manager (informational only — no approval required) | Task-level schedule adjustments with no milestone impact; resource assignment within the approved team; scope clarifications that don't change deliverables |
| Tier 2 | Steering Committee | Any cost impact to the baseline; any schedule impact to a Steering-Committee-level milestone; scope changes affecting a deliverable; compliance-related process changes |
| Tier 3 | Executive Sponsor | Governance structure changes; program-level scope changes; cost baseline changes exceeding the contingency reserve; program continuation/cancellation decisions |
Key Role Responsibilities
| Role | Key Responsibilities |
|---|---|
| Program Manager | Day-to-day execution; Tier 1 decisions; prepares Tier 2/3 recommendations for approval; escalates per Section 4 |
| Solution Architect | Technical design authority within approved scope; escalates cross-track technical conflicts to the PM |
| Workstream Leads | Execution within their workstream; escalate cross-workstream conflicts and blockers to the PM |
| PMO Director | Maintains this framework; chairs Change Control Board sessions; arbitrates governance process disputes |
| Steering Committee | Reviews and decides Tier 2 items monthly (or ad hoc for urgent items); holds the PM accountable to the approved baseline |
| Executive Sponsor | Tier 3 decisions; removes organizational obstacles beyond the Steering Committee's authority |
3.1 Governance-Process RACI Matrix
This matrix covers governance-process activities only — approving changes, accepting risk, authorizing exceptions. It is deliberately narrower than, and complementary to, the deliverable sign-off RACI already defined in PM Plan §9.2 (Requirements Sign-off, Vendor Selection, UAT Sign-off, Go-Live Decision, etc.). The two matrices should never duplicate the same row — if an activity is already governed by PM Plan §9.2, it is intentionally not repeated here.
| Governance Activity | Responsible | Accountable | Consulted | Informed |
|---|---|---|---|---|
| Approve Tier 2 Change Request | PMO Director | Steering Committee | Program Manager, affected Workstream Leads | All Stakeholders |
| Approve Tier 3 Change Request | PMO Director | Executive Sponsor | Steering Committee | All Stakeholders |
| Accept High-Scored Risk (RAIDD ≥7) | Program Manager | Steering Committee | Risk Owner, PMO Director | Executive Sponsor |
| Authorize SOX Compliance Exception | Chief Compliance Officer | Executive Sponsor | Steering Committee | Program Manager |
| Approve Vendor SOW Change | Vendor/Procurement Manager | Steering Committee (cost impact) or PM (no cost impact) | PMO Director | Executive Sponsor |
| Quarterly Governance Framework Review | PMO Director | Steering Committee | Program Manager | Executive Sponsor |
Also available as its own page, alongside the PM Plan's deliverable sign-off RACI: RACI Matrix.
4. Escalation Process
Escalation is triggered automatically once a defined threshold is crossed — it is not left to individual judgment about whether something "feels" significant enough to raise.
| Trigger | Threshold | Escalates To | Timeframe |
|---|---|---|---|
| Cost variance | Draws down >50% of contingency reserve | Steering Committee (notification) | Next reporting cycle |
| Cost variance | Exceeds total contingency reserve | Steering Committee (approval required for supplemental funding) | 5 business days |
| Schedule slip | Any Steering-Committee-level milestone at risk | Steering Committee (notification) | 5 business days |
| Schedule slip | >10 business days against a milestone | Steering Committee (formal re-baseline approval) | 10 business days |
| Risk score | RAIDD score ≥7 (High/High) | Steering Committee (visibility + response plan approval) | Next reporting cycle |
| Compliance/regulatory concern | Any SOX control finding | Compliance Officer + Steering Committee | 2 business days |
Standard escalation path: Team Member → Workstream Lead → Program Manager → PMO Director / Steering Committee → Executive Sponsor. Issues unresolved at the PM level within 5 business days (2 business days for Critical/High-rated items) escalate automatically to the next tier — the originator does not need to justify why it's "worth" escalating.
5. Meeting Cadence & Reporting
| Cadence | Forum | Purpose |
|---|---|---|
| Weekly | PM + Workstream Leads sync | Informal status alignment; no formal minutes required |
| Weekly | Status Report distributed to Steering Committee | Written progress, risk, and budget update |
| Monthly | Steering Committee meeting | Formal review using the Steering Committee Deck; decisions requested are voted on; minutes and action items are recorded |
| Quarterly | Governance framework review | See Section 13 |
| Ad hoc | Change Control Board | Convened for any Tier 2/3 change request |
6. Change Control Governance
All formal changes to scope, schedule, or cost baselines follow the tiered authority model in Section 3, formalized through the program's Change Control Log. This document is the authoritative source for why those tiers exist and what they cover; the Change Control Log is the operational record of every request evaluated against them.
7. Vendor Governance
The program carries two major vendor contracts — Platform Upgrade ($1,850,000) and Integration Middleware ($620,000) — combined, roughly 35% of the base budget. This section defines vendor-specific decision authority, distinct from the general Change Control tiers in Section 6.
| Activity | Authority |
|---|---|
| Vendor SOW change, no cost/schedule impact | Vendor/Procurement Manager, informational to PM |
| Vendor SOW change, with cost or schedule impact | Steering Committee (Tier 2, per Section 3) |
| Vendor performance review | Conducted quarterly by the Vendor/Procurement Manager; reported to the PMO |
| Vendor dependency at risk (e.g., a RAIDD dependency flagged "At Risk") | Automatically visible to the Steering Committee via the RAIDD Log — no separate escalation required |
| Vendor contract dispute | Vendor/Procurement Manager → Program Manager → PMO Director → Executive Sponsor (final authority, in consultation with Compliance/Legal) |
| Vendor warranty & post-implementation support handover | Owned by the Vendor/Procurement Manager, per the terms established in CR-005 |
8. Stage Gates & Phase Approval Criteria
Each of the program's 8 WBS phases has a formal gate that must be passed before the next phase begins in earnest — modeled on the stage-gate approach common in regulated, multi-stakeholder programs.
Every gate requires two things, not one: the specific go/no-go criteria in the table below, and continued business justification — a brief reconfirmation that the assumptions underlying the Cost-Benefit Analysis still hold. A gate can meet every schedule and quality criterion and still legitimately not pass if the business case has materially changed. This principle is drawn from PRINCE2's continued-business-justification requirement and applies at every gate below, not only Go-Live.
| Gate | Go/No-Go Criteria | Approval |
|---|---|---|
| Requirements & Vendor Selection Complete | Vendor SOW signed; requirements baseline approved | Steering Committee |
| System Upgrade Validated | Platform upgrade tested and validated by the System Upgrade Lead | Steering Committee |
| Data Conversion Sign-off | ≥99.5% record-match accuracy achieved | Steering Committee |
| Integration Build Complete | All 6 integrations pass unit and integration testing | Program Manager, reported to Steering Committee |
| Testing Complete / UAT Sign-off | UAT pass rate ≥90%; zero open Critical/High security findings; SOX compliance testing passed | Steering Committee |
| Go-Live | All prior gates passed; formal Go-Live readiness review complete | Executive Sponsor + Steering Committee |
| Closeout | Warranty period complete; lessons learned documented | PMO |
9. Independent Assurance
Performance Monitoring (Section 12) is self-reported: the Program Manager and PMO track and report status upward through the normal chain. Independent Assurance is a distinct, separate check — performed by someone outside the reporting chain being assessed — to catch an incomplete or overly optimistic self-report before it reaches the Steering Committee.
| Element | Detail |
|---|---|
| Who performs it | PMO Director, or a PMO team member not directly assigned to this program; for smaller PMOs, the Executive Sponsor may designate an independent reviewer from outside the PMO |
| Frequency | Before each Stage Gate (Section 8); at the midpoint of any phase exceeding 90 days |
| Scope | Spot-check reported EVM figures (SPI/CPI) against underlying data; review RAIDD Log completeness; confirm Change Control Log entries match actual approved changes |
| Findings | Reported directly to the Steering Committee — not filtered through the Program Manager |
10. Risk & Issue Governance
The RAIDD Log records what the risks and issues are; this section defines who has the authority to accept, fund, or escalate a response to them.
| Risk Score | Authority |
|---|---|
| 1–3 (Low) | Program Manager may accept and manage without further approval |
| 4–6 (Medium) | Program Manager manages; reported to Steering Committee in the next status cycle |
| 7–9 (High) | Requires Steering Committee visibility and approval of the response plan |
11. Compliance & Regulatory Oversight
Because the program touches financial systems subject to SOX controls (Billing, Payment Processing, Commission Management), compliance sign-off carries a standing exception to the normal authority tiering:
12. Performance Monitoring
The Steering Committee monitors program health against the quality KPIs defined in PM Plan §8, reported monthly via the Steering Committee Deck:
- Schedule Performance Index (SPI) and Cost Performance Index (CPI) ≥ 0.95
- Data Conversion Accuracy ≥ 99.5%
- Critical/High Defect Escape Rate to UAT ≤ 5%
- UAT Pass Rate (first cycle) ≥ 90%
- Critical/High security findings open at Go-Live: 0
- Training Completion ≥ 95% prior to Go-Live
- Hypercare Severity-1 Incidents ≤ 2
13. Governance of This Framework
This document is owned by the PMO Director and reviewed quarterly. Amendments to the decision-rights tiers, escalation thresholds, or stage-gate criteria require Steering Committee approval; amendments to meeting cadence or reporting format may be approved by the PMO Director alone.
| Version | Date | Summary | Approved By |
|---|---|---|---|
| 1.0 | 15 Jan 2027 | Initial governance model established | Steering Committee |
14. Approval
This governance model is approved for use across the Enrollment & Claims Platform Modernization program.
G. Whitfield, Executive Sponsor
S. Ryan, Director, PMO
C. Tyrrell, Program Manager