ICMD 90-Day Agentic Leadership Rollout Template

Purpose
Deploy AI agents in a way that increases speed without increasing incidents, defects, or customer trust erosion. This template assumes you want measurable outcomes in 90 days and durable governance.

Success Metrics (pick 3–5)
- Engineering: lead time for changes (DORA), change failure rate, MTTR
- Support: time-to-first-response, time-to-resolution, CSAT, escalation rate
- GTM ops: turnaround time for proposals, CRM hygiene accuracy, win-rate on assisted deals
- Finance/IT: cost per workflow run, monthly LLM spend vs budget

Permission Tiers (policy)
Tier 0: Read-only (search, summarize, cite sources). No external side effects.
Tier 1: Propose-only (draft PRs, draft emails, create tickets). Human must approve send/merge.
Tier 2: Execute in non-prod (staging data cleanup, load tests, refactors). Automatic rollback required.
Tier 3: Limited prod actions (feature-flag changes, safe rollbacks). Requires eval gates + full audit.

90-Day Plan
Days 1–15: Foundation
- Name DRIs: exec sponsor, platform owner, security owner, domain owners (support/eng/etc.)
- Choose 3 “starter workflows” (high volume, low ambiguity, reversible)
- Implement agent identity: separate service accounts, least privilege, secrets in KMS/Vault
- Logging baseline: tool calls, inputs/outputs, timestamps, human approver field

Days 16–45: Shipping + Instrumentation
- Ship Tier 0–1 versions of the 3 workflows
- Add measurement dashboards: baseline vs current (weekly reporting)
- Start an eval suite: 50–150 real cases per workflow (including 10 adversarial cases)
- Define release gates: e.g., must pass 97% regression; must log 100% of actions

Days 46–75: Expand Scope Carefully
- Add 2 more workflows OR deepen one into Tier 2 (non-prod execution)
- Run a red-team session: prompt injection, data leakage, unsafe policy requests
- Add incident playbooks: disable switch, rollback steps, on-call routing

Days 76–90: Operationalize
- Quarterly operating review agenda: metrics, eval coverage, cost, incidents, permission changes
- Decide on Tier 3 candidates (only if: evals stable, audit complete, rollback proven)
- Publish a one-page “Agent Rules of the Road” for the whole company

Weekly Leadership Ritual (30 minutes)
1) Outcomes: what improved (cycle time, CSAT, MTTR) and what worsened
2) Quality: eval pass rate, top failure modes, incident/near-miss review
3) Governance: permission changes requested/approved/denied
4) Cost: spend vs budget, cost per successful workflow run
5) Next bets: one new workflow candidate with estimated ROI and risk tier

Go/No-Go Checklist (must be YES)
- Every workflow has a single accountable DRI
- 100% of agent actions are logged and attributable
- Automated evals run in CI or pre-release; thresholds defined
- Human approvals are enforced for Tier 1 actions
- Rollback path exists and is tested for any execution tier

Notes
If you can’t answer “what did the agent do, who approved it, and how did it perform?” in under 5 minutes, you’re not ready to expand permissions.