ICMD Control-Plane Fit Checklist (2026) Use this worksheet to decide (1) where your product anchors, (2) what you must own to be durable, and (3) what to build first so you don’t get stuck in pilot mode. 1) Name the control plane you’re aligning with - Primary anchor (pick one): Microsoft 365/Entra | Salesforce | ServiceNow | Atlassian | AWS | GCP | Azure | Other: ______ - Why this is the customer’s “home screen” (one sentence): ______ - Who administers it inside the customer (role/team): ______ 2) Identify your “truth” and refuse to fight it - System of record you will NOT replace (be explicit): ______ - Objects/records you will extend (your domain model): ______ - Where reconciliation will happen (if any): ______ If you can’t name the system of record, pause. You’re building generic middleware. 3) Map platform-collision risk (concretely) List 5 features your anchor vendor can plausibly ship: - ______ - ______ - ______ - ______ - ______ Now list 5 things they won’t want to own (messy, specific, liability-heavy): - ______ - ______ - ______ - ______ - ______ Your roadmap should concentrate on the second list. 4) Enterprise acceptance gates (must-haves) Check each box only if you can ship it, not just promise it: - SSO (SAML/OIDC) and SCIM provisioning - Role model that matches customer expectations (RBAC/ABAC, least privilege) - Audit logs with actor/initiator/action/target/policy/outcome - Export path to customer tooling (SIEM/log stack) via API or webhook - Approval + rollback strategy for automated actions - Clear error taxonomy and replay/idempotency plan 5) Build sequence for “governed autonomy” Write the first workflow/queue you will own (must have an internal owner and backlog): ______ Then plan a staged rollout: - Phase 0: Mirror existing workflow (no autonomous actions) - Phase 1: Standardize inputs (schemas, required fields, taxonomies) - Phase 2: Assistive AI (suggestions/summaries only) - Phase 3: One automated action behind policy + approval - Phase 4: Expand action set; add metrics customers already trust (not vanity dashboards) 6) The procurement-proof narrative (one paragraph) Fill in: “We integrate natively with ______. We operate inside your existing permissions and audit model. We automate ______ (specific queue) with explicit policies, approvals, and rollback. If we fail, you can trace every action in ______ (customer’s logging/SIEM tool) and undo changes via ______.” If you can’t write this paragraph, you’re not ready to sell enterprise automation.