Memo 07 — Organizational Governance
Series: The Landscape of Normative Systems (LNS) Series ID: LNS Memo number: 07 of 12 Primary JD questions: Q1 (sources), Q2 (six-part analysis), Q4 (the Regulation → Procedure → Policy → Job Description → KPI → individual action dependency chain), with contributions to Q3 (norm-generation behaviors: authority, optimization) and Q7 (relation of organizations to law, power, incentives). Status of D0: Immutable. Not modified, not criticized, not defended in this memo. (The adversarial treatment of the computability assumption is reserved for Memo 11; here we only stage the relevant threats.)
Scope note. This memo treats the organization — the firm, the bureau, the agency, the military unit, the professional body — as a norm-generating and norm-executing system, and it owns the lower, operational half of the JD Q4 dependency graph: the progressive refinement of abstract law and regulation into procedure, policy, job description, and finally the individual, measurable directive (the KPI or its equivalent) that terminates in a physical action. This is the layer closest to the executable governance the field targets; for the compiler architects it is best read as the compilation-target half of the normative stack — the point where an ought has been ground down until it is nearly an instruction with an operand and a measurable postcondition. We survey corporate governance (the board/shareholder/manager principal–agent structure), Weberian bureaucracy read as an execution engine, standard operating procedures (SOPs), professional standards and codes, military doctrine and command hierarchy (orders as imperative norms; rules of engagement as conditional constraints), management-by-objectives / OKRs / KPIs as the operationalization-and-measurement layer, and compliance/audit as the internal enforcement organ. We apply the mandatory six-part analysis (JD Q2) to four sources treated distinctly: organizational governance, professional standards, military doctrine, and contracts-as-internal-policy. The memo's structural centerpiece is an ASCII dependency diagram of the full Regulation → … → KPI chain annotated with the transformation semantics at each edge (refinement, specialization, operationalization, measurement, execution), and an explicit judgment about which layers are already near-executable. All claims carry epistemic tags per §0.4 of the conventions; content is separated into the four standing categories per §0.5.
07.1 Orientation: the organization as the last mile of governance
The sources surveyed in Memos 01–06 answer the question where do norms come from. This memo answers a different question: how does an abstract norm become a physical act performed by a specific human (or machine) at a specific time? INFERENCE — this is the framing that distinguishes Memo 07 from its neighbors and is the reason the JD routes the operational half of Q4 here.
An organization is the social technology that closes that gap. INFERENCE A statute says "financial institutions shall maintain adequate controls against money laundering." No one can execute that sentence. Between it and the teller who files a suspicious-activity report there is a cascade: a regulator issues a rule with numeric thresholds; the bank's board adopts an AML policy; compliance writes a procedure; a job description assigns the procedure to a role; a KPI measures whether the role performs it; and a specific person, at 14:32 on a Tuesday, clicks submit. INFERENCE that this cascade is the empirical content of "organizational governance," illustrated with a representative but stylized example.
Two properties of this cascade make it central to the Computable Governance program:
-
It is a refinement pipeline. Each stage takes a more abstract norm and produces a less abstract one, adding operational detail while (ideally) preserving the abstract norm's intent. INFERENCE This is structurally identical to compilation: high-level intent → intermediate representation → machine instruction. The analogy is not decorative; it is the reason this layer is the natural compilation target for D1/D2. HYPOTHESIS — that the organizational refinement pipeline and program compilation share enough structure to be modeled by the same machinery; this is a load-bearing hypothesis for the whole program and is stress-tested below and in Memo 11.
-
Its bottom stages are already near-executable. A KPI is a measurable predicate over a state; an SOP is close to an imperative program; an order is close to a function call. INFERENCE Unlike the sources of Memo 06 (diffuse social norms) or Memo 04 (revelation), organizational norms are frequently authored to be followed mechanically, sometimes by literal software. This is the layer where the gap between ought and instruction is smallest.
A text diagram of where this memo sits in the stack:
legitimacy is the hard problem"] TM -.-> TMN["concrete, measurable, fast-mutating
EXECUTION is the hard problem"]
Memo 01 owns the top of the Q4 chain (politics → constitution → law → regulation). This memo owns the bottom (regulation → … → KPI → action). The two meet at regulation, which is treated here as the entry point — the most abstract input the organizational pipeline consumes — and is analyzed as the boundary object between the two halves (07.6).
07.1.1 What "organizational governance" denotes here
Organizational governance is the set of norms, structures, and processes by which an organization (a) receives external norms, (b) generates its own internal norms, (c) allocates authority and responsibility over them, and (d) enforces them on its members. INFERENCE — a working definition assembled from the corporate-governance and public-administration literatures; not a quotation. It has two faces the memo keeps distinct:
- Norm-receiving / norm-executing face: the organization as a machine that runs external law and regulation (bureaucracy as execution engine, 07.3; compliance as enforcement, 07.8).
- Norm-generating face: the organization as a legislator of its own internal order — policies, procedures, standards, orders, contracts (07.2, 07.4–07.7).
Most real organizations are both simultaneously, and the coupling between the two faces (external law flowing in, internal norms flowing out and down) is exactly the Q4 refinement pipeline.
07.2 Corporate governance: the principal–agent architecture as a norm-allocation structure
07.2.1 Established consensus
Corporate governance is fundamentally a structure for allocating decision rights and accountability among parties with divergent interests. FACT that this is the mainstream characterization across law-and-economics and management scholarship. The canonical structure is the three-tier chain:
The principal–agent problem is the defining tension. FACT that the agency-cost framing is associated with Jensen and Meckling's 1976 theory of the firm, and earlier with Berle and Means' 1932 observation of the separation of ownership and control. The core facts, stated carefully:
- Separation of ownership and control FACT re Berle–Means: those who own the residual claim (shareholders) are not those who make daily decisions (managers).
- Divergent interests + information asymmetry FACT that this pairing is the standard agency model: the agent knows more about their own effort and the firm's state than the principal, and the agent's utility need not align with the principal's.
- Agency costs FACT re Jensen–Meckling: the residual loss plus monitoring costs plus bonding costs that arise because alignment is imperfect.
INFERENCE In the shared vocabulary (§0.6), corporate governance is a system of power-conferring norms (Hohfeldian power/liability) as much as duty-imposing ones: it specifies who has the power to bind the organization, who is liable to have their position changed, and who owes fiduciary duties to whom. The board holds a power over management (hire/fire); management holds delegated powers over employees; shareholders hold a residual power over the board (vote). The whole structure is a Hohfeldian power lattice with duties hung off it.
Fiduciary duty is the load-bearing legitimacy device. FACT that directors in most common-law jurisdictions owe duties of care and loyalty, enforced through litigation and, in the U.S., mediated by doctrines such as the business judgment rule. INFERENCE Fiduciary duty is the mechanism by which the validity of a delegated power is coupled to a duty running back to the principal: you may exercise this power (validity), but only in the principal's interest (duty), on pain of liability (enforcement).
07.2.2 Competing theories
Presented without adjudication (§0.5):
- Shareholder-primacy vs stakeholder theory. One view (associated with the position of Friedman and much of law-and-economics) holds the firm's governing objective is shareholder value; a competing view (stakeholder theory, associated with Freeman) holds the firm owes duties to a broader set — employees, creditors, community. FACT that both positions are widely held and institutionally embodied in different jurisdictions. Computationally this is a disagreement about the objective function the governance system optimizes — a single scalar (share price) vs a vector with contested weights. INFERENCE
- Contractarian (nexus-of-contracts) vs entity theories of the firm. One view treats the firm as a nexus of contracts (the position associated with Jensen–Meckling and Easterbrook–Fischel) with no privileged center; a competing view treats the firm as a real entity with interests of its own. FACT that both are live in corporate-law theory. This matters computationally: the nexus view says organizational norms reduce to bilateral agreements (compilable as contracts, 07.7); the entity view says there is irreducible organization-level structure. INFERENCE
- Team-production and property-rights theories (associated respectively with Blair–Stout, and with Grossman–Hart–Moore) locate governance in the problem of who holds residual control rights over non-contractible decisions. FACT that these are established strands. Computationally relevant because they identify the residue that cannot be specified in advance — the incompleteness of contracts (07.7.2).
07.2.3 Six-part analysis: organizational governance (corporate form)
(1) Origin. FACT Corporate governance norms originate from three stacked sources: (a) external company law and securities regulation (the enabling statute that lets the corporate form exist and imposes mandatory rules); (b) the charter/articles and bylaws (the organization's own constitution, adopted by founders/shareholders); (c) board resolutions and internal policies (ongoing internal legislation). INFERENCE Origin is therefore layered: an external legislator authorizes a private legislator (the shareholders/board) to make binding internal norms — a delegated legislative power, structurally identical to the way a constitution authorizes a legislature (cf. Memo 01, Memo 02 on rules of change).
(2) Legitimacy. INFERENCE Legitimacy of corporate authority rests on consent-through-ownership/employment plus legal enablement: shareholders consented by investing, employees by contracting, and the state confers validity through incorporation. In Weber's typology (07.3, Memo 06) this is predominantly rational-legal legitimacy — authority attaches to an office defined by rules, not to a person. FACT re Weber's category. Note the sharp §0.6 distinction: a board resolution can be valid (properly enacted under the bylaws) yet lack legitimacy in employees' eyes and still be efficacious (obeyed) through enforcement. The three come apart routinely.
(3) Enforcement mechanism. FACT Two enforcement layers: external (courts enforcing fiduciary duty via derivative/class litigation; regulators via sanctions; markets via takeover and share-price discipline) and internal (the board's power to fire management; management's power to discipline employees; compliance/audit, 07.8). INFERENCE The internal enforcement chain is the hierarchical sanction — each level can impose consequences on the level below through delegated disciplinary power. This is the organizational analogue of the state's monopoly on force, but bounded: an organization's ultimate sanction is expulsion (termination), not violence. INFERENCE — a structurally important ceiling, contrasted with military doctrine in 07.6.
(4) Mutation mechanism. FACT Corporate governance norms mutate through: charter/bylaw amendment (shareholder vote, high threshold, slow); board resolution (fast, low threshold, bounded scope); policy revision by management (fastest, continuous); and externally, through changes in company law and case-law reinterpretation of fiduciary standards. INFERENCE The mutation rate is stratified by layer — the constitution-like layers mutate slowly and by supermajority, the policy layers mutate continuously by managerial fiat. This stratification recurs throughout the memo and is a key computational feature (07.9).
(5) Hierarchy. FACT /INFERENCE Internal norm hierarchy: company law > charter/articles > bylaws > board resolutions > management policies > procedures. Higher layers constrain lower (a policy contradicting the charter is ultra vires and void). FACT that ultra vires — action beyond conferred power — voids the act. This is a genuine lex superior ordering (cf. Memo 02) internal to the organization.
(6) Conflicts. FACT /INFERENCE Characteristic conflicts: manager–shareholder (agency conflict); majority–minority shareholder (expropriation); shareholder–creditor (risk-shifting); board–management (oversight vs autonomy); and inter-source conflict where external regulation contradicts an internal policy (regulation wins, via validity). Conflict-resolution devices include lex-superior voiding (ultra vires), fiduciary-duty litigation, and voting. INFERENCE Computationally, the recurring conflict type is objective-function divergence between a delegating and a delegated node — the agency conflict — which is the organizational instance of the general delegation problem (07.10).
(7) Computational implications. INFERENCE (i) Governance is representable as a directed authority graph with typed edges (delegation of power) and duty edges running back up. (ii) The agency conflict means every delegation edge carries a residual misalignment that cannot be assumed zero — a compiler must model delegation as lossy (07.10). (iii) The layered mutation rates imply the representation must be versioned per layer, not globally. (iv) Fiduciary duty is an open-textured constraint ("act in the principal's interest") that resists full specification — flagged OPEN as a non-compilable residue that the entity/property-rights theories predict is irreducible.
07.3 Bureaucracy: Weber's rational-legal ideal type as an execution engine
07.3.1 Established consensus
Weber's rational-legal bureaucracy is the most explicitly "computational" model of governance produced by classical social theory. INFERENCE — a claim this memo makes and defends; the content of Weber's ideal type is [FACT.] The ideal-typical features, as associated with Max Weber's account of bureaucracy in Economy and Society:
- Fixed jurisdictional areas ordered by rules — each office has a defined competence. FACT re Weber.
- Hierarchy of offices — a clear super-/subordination, each level supervising the one below. FACT .
- Management by written documents ("the files") — actions are recorded, and the record is authoritative. FACT .
- Expert training — officeholders are selected and qualified by competence. FACT .
- Full working capacity of the official — the office is a full-time vocation. FACT .
- Governance by general, learnable, stable rules — decisions apply rules to cases; discretion is minimized. FACT .
- Separation of office from officeholder — the office and its resources are not the personal property of the incumbent; authority attaches to the position. FACT .
INFERENCE — the central claim of this section Read as a machine, the Weberian bureau is a rule-application engine: it takes a case (an input), matches it against general rules (a program), applies the rule via an officeholder (an interchangeable executor bound to the office's competence), records the result in files (persistent state), and escalates unresolved matters up the hierarchy (an exception/interrupt mechanism). Every feature Weber lists maps onto a property one would demand of a deterministic, auditable computation:
| Weberian feature | Computational reading |
|---|---|
| fixed jurisdiction | typed function domain / scope |
| hierarchy of offices | call stack / escalation path |
| management by written files | persistent, authoritative state log |
| expert training | correct interpreter for the rule-language |
| rules over discretion | determinism; same input -> same output |
| office separate from person | referential transparency (executor is interchangeable; result depends on office+rule, not on who holds it) |
| career + salaried official | decoupling executor's payoff from case outcome (reduces per-case corruption incentive) |
The separation of office from officeholder is the crucial idealization. INFERENCE It is what makes the bureau functionally equivalent to a program: if the output depends only on the rule and the case, not on the identity or mood of the executor, then the human is a substitutable interpreter and the "governance" lives in the rules and files, not in the person. This is precisely the property a compiler needs: referential transparency of the executor. Weber's ideal type is, in effect, an early specification of deterministic, auditable, delegable rule-execution by interchangeable agents. HYPOTHESIS — that this equivalence is exact enough to build on; tested against its known failures immediately below.
07.3.2 Competing theories and the known failure modes (destructive testing, M5)
The ideal type is an ideal type — Weber himself presented it as a limiting case, not a description. FACT re Weber's methodology of ideal types. The literature on its failure modes is a built-in destructive test:
- Bounded rationality and the incompleteness of rules (the position associated with Herbert Simon): real officials satisfice; rules never cover all cases; discretion re-enters at the gaps. FACT that Simon's Administrative Behavior argues administrative decisions are boundedly rational. Computationally: the rule-program has undefined behavior on inputs its authors did not foresee — the organizational analogue of Hart's open texture (Memo 02). INFERENCE
- Goal displacement / "bureaucratic ritualism" (the position associated with Robert Merton's "bureaucratic personality"): following the rule becomes an end in itself, and adherence to procedure defeats the procedure's purpose. FACT re Merton's argument. Computationally: the executable proxy (the rule) diverges from the intent it was meant to refine — a refinement-fidelity failure that recurs at every edge of the Q4 chain (07.9.3). INFERENCE
- Street-level discretion (the position associated with Michael Lipsky's Street-Level Bureaucracy): frontline officials (police, caseworkers, teachers) effectively make policy through the discretion they exercise in applying it. FACT re Lipsky's thesis. Computationally: the actual norm executed is co-produced at the leaf, not fully determined by the higher layers — the pipeline is not a pure top-down refinement. INFERENCE — an important qualification to the compilation analogy, revisited in 07.9.4.
- Informal organization (associated with the Hawthorne studies and the human-relations school): actual behavior is governed by informal norms (Memo 06) that the formal structure does not capture. FACT that informal organization is a well-established empirical finding. Computationally: there is a shadow norm-set running alongside the formal one, and efficacy depends on both. INFERENCE
INFERENCE These four failures share a structure: discretion re-enters wherever the rule under-determines the case. The Weberian machine is deterministic only to the extent the rules are complete, and rules are never complete (Simon, Hart). So the bureau is better modeled as a rule-execution engine with a discretion-filled residual at every leaf — a hybrid of program and human interpreter, not a pure program. This is the single most important qualification the memo makes to the "organization = compiler" analogy.
07.3.3 Open questions
- OPEN Is the discretionary residual (Simon/Lipsky) bounded and characterizable, or is it open-ended? If bounded, a compiler can model it as a typed "escalate to human" exception; if open-ended, the leaf of the pipeline is intrinsically non-executable. This is the organizational form of the open-texture problem (Memo 02) and is not resolved here.
- OPEN Whether "management by files" (the authoritative record) is sufficient to reconstruct the norm actually applied, or whether the informal/tacit layer means the files systematically under-record the operative norm.
07.4 The internal refinement layers: policy, procedure, SOP, work instruction
This section characterizes the internal norm layers between regulation and the individual directive. These are the intermediate representations of the organizational compiler. INFERENCE
07.4.1 Established consensus: the layer taxonomy
The management and quality-assurance literatures (e.g., the document hierarchies used in ISO 9001-style quality systems) converge on a document/norm hierarchy of roughly this shape FACT that such tiered documentation hierarchies are standard in quality-managed organizations; the exact tier names vary by organization:
('We will not launder money.') Stable, board/exec-owned."] PROC["PROCESS / PROCEDURE - the ordered set of activities that realize a policy;
WHO does WHAT in WHAT ORDER, across roles. ('The customer-onboarding process.')
Owned by process owners; medium stability."] SOP["SOP / WORK INSTRUCTION - step-by-step instructions for a specific task by a specific role.
('To verify identity: 1. request document; 2. check against list X; 3. record result in system Y.')
Near-imperative."] REC["RECORD / FORM - the artifact produced by executing the instruction; the evidence.
('KYC verification record #4471.') This is state."] POL -->|"refinement (adds conditions, scope, ownership)"| PROC PROC -->|"specialization (binds steps to specific roles/systems)"| SOP SOP -->|"operationalization (turns steps into observable acts)"| REC
INFERENCE — the load-bearing structural claim of the memo The semantic content of each downward edge is a distinct transformation:
- Policy → Procedure = refinement. The abstract intent is decomposed into an ordered activity flow, adding conditions, exceptions, and role assignments. Nothing measurable yet; still descriptive of what and who.
- Procedure → SOP/Work Instruction = specialization + operationalization. The generic activity is bound to a specific role, tool, and observable act sequence. After this edge the norm is nearly imperative: a list of steps a named role performs, each step an observable operation with a defined output.
- SOP → Record = execution. Performing the instruction produces a persistent artifact — the Weberian "file" — which is the state change the whole pipeline exists to produce, and the object audit later inspects.
This is the point of the memo's central thesis: by the SOP/work-instruction layer, the norm has been ground down to something structurally close to a program. INFERENCE An SOP is an ordered sequence of imperative steps, each with a subject (the role), an operation (the act), operands (the document, the system, the threshold), and a postcondition (the record). That is nearly the definition of an instruction in an imperative language. The deontic modality has largely collapsed to obligation ("you shall do step 3"), and the conditionals ("if the amount exceeds T, then file report R") are ordinary branch instructions. INFERENCE
07.4.2 Standard operating procedures as programs — how far the analogy holds
Where the SOP-as-program analogy is strong INFERENCE:
- Sequencing and branching. SOPs use ordered steps, conditionals ("if X then Y"), and loops ("repeat until Z"). These are directly the control-flow primitives of imperative programming.
- Explicit preconditions/postconditions. Good SOPs state entry criteria and completion criteria — Hoare-triple-like structure (precondition, action, postcondition).
- Determinism as an explicit goal. SOPs exist precisely to remove executor discretion so that different people produce the same output — the referential-transparency goal of 07.3.1, made concrete.
- Versioning and change control. Quality systems require SOPs to be versioned, approved, and dated — the amendment interface the social norms of Memo 06 lacked (contrast 06.13 item 7). This is a genuine, exploitable difference: organizational norms carry explicit version metadata. FACT that document-control / versioning is a standard requirement in quality-managed environments.
Where it breaks INFERENCE — destructive test, M5:
- The "as appropriate" gap. SOPs routinely contain judgment-laden steps ("escalate if suspicious," "use professional judgment," "as appropriate"). These are un-refined predicates — calls to a human oracle. The Lipsky discretion (07.3.2) lives exactly in these gaps.
- Exception handling is underspecified. SOPs are written for the expected path; the branch coverage for anomalies is typically incomplete (Simon's incompleteness, 07.3.2). Real execution routes exceptions up the hierarchy to a human, i.e., the pipeline depends on an escalation interrupt it does not fully specify.
- Semantics are in natural language. The "code" is prose interpreted by a human; two readers may branch differently (Hart's open texture, Memo 02). Determinism is aspirational, not guaranteed.
INFERENCE Net: the SOP layer is the most compilable natural-language norm layer in the entire LNS survey, but it is compilable only up to the discretionary predicates it embeds. A faithful representation is a program with typed holes where each hole is a call to a human (or higher-authority) oracle. This "program-with-holes" model is the memo's recommended representation for the operational layers (07.11, Handoff).
07.4.3 Policy as the "specification" layer
INFERENCE If the SOP is the implementation, the policy is the specification: a statement of intent against which implementations are judged for fidelity. This maps onto a classic software distinction (specification vs implementation) and imports its classic problem: implementation may satisfy the letter of the SOP while violating the policy's intent (Merton's goal displacement, 07.3.2). The gap between policy-intent and SOP-behavior is the organizational refinement-fidelity problem and is, in general, OPEN: verifying that a concrete procedure actually realizes an abstract policy's intent is not mechanically decidable when the intent is stated in open-textured natural language. INFERENCE from the open-texture results imported from Memo 02.
07.4.4 Research opportunities
- Formalize the SOP layer as guarded imperative programs with explicit human-oracle holes; make the holes first-class typed objects (07.11).
- Exploit the native version metadata of organizational documents: unlike social norms, these layers already carry approval, date, and owner — a ready-made provenance and versioning substrate for D1 (07.9).
- Treat policy→procedure refinement fidelity as a verification-condition-generation problem (does the procedure discharge the policy's stated conditions?), accepting that open-textured clauses generate conditions that can only be flagged, not discharged.
07.5 Professional standards and codes
07.5.1 Established consensus
A profession is a self-regulating occupational community that generates and enforces its own binding norms of competence and conduct. FACT that self-regulation, a codified body of knowledge, controlled entry, and a code of ethics are the standard sociological markers of a profession — the trait model is associated with the sociology-of-professions literature. Examples: medicine (licensing boards, standard of care), law (bar admission, professional-responsibility rules), accounting/audit (GAAP/IFRS, auditing standards), engineering (professional-engineer licensure, codes of practice), and increasingly software/security (certification regimes).
Professional norms occupy a distinctive position: they are neither fully external law nor fully internal organizational policy. INFERENCE A physician is bound by professional standards that (a) are generated by a professional body, not the employer; (b) may be incorporated by reference into law (the "standard of care" in negligence) and into employment contracts; and (c) travel with the person across organizations. This makes professional standards a portable, cross-cutting norm-set — a horizontal layer that intersects the vertical Q4 pipeline at the individual role. INFERENCE — structurally important; see 07.10.3.
07.5.2 Six-part analysis: professional standards
(1) Origin. FACT Professional standards originate from a professional body (association, licensing board, standards organization) exercising delegated or assumed authority over a domain of expertise. Origin is typically (a) codification of accumulated expert practice (the "body of knowledge") and (b) deliberate rule-making by committees of practitioners. INFERENCE Unlike legislation (external authority) or contract (bilateral consent), the source is epistemic community + delegated self-regulation — the norm's authority derives partly from claimed expertise.
(2) Legitimacy. INFERENCE Legitimacy rests on a distinctive base: claimed competence/expertise (rational-legal in Weber's sense, but grounded in knowledge rather than office) plus peer consent (members accept the body's authority) plus, often, state delegation (the state grants the profession a monopoly on practice in exchange for self-regulation — the "regulatory bargain"). FACT that many professions hold state-granted practice monopolies conditioned on self-regulation. Note the §0.6 split: a professional standard can be valid within the profession (properly adopted) and legitimate to practitioners yet have no legal validity until incorporated by a court or statute; conversely a rescinded standard may remain efficacious as habit.
(3) Enforcement mechanism. FACT Multi-channel: (a) licensure/disciplinary — the body can suspend or revoke the license to practice (the strongest sanction: exclusion from the occupation); (b) legal — breach of the professional standard of care grounds malpractice/negligence liability in court; (c) reputational — peer and market sanction; (d) organizational — employers enforce professional standards as conditions of employment. INFERENCE The characteristic and unusually powerful sanction is revocation of the right to practice, which is a Hohfeldian disability imposed by the body (removing the member's power to act as a licensed professional).
(4) Mutation mechanism. FACT Standards mutate by committee revision (standards updates, new editions of codes), by incorporation of new scientific consensus (evidence-based practice guidelines), and by case-law that reinterprets the standard of care. INFERENCE Mutation is slower than organizational policy but faster and more centralized than social custom, and it is unusual in being explicitly evidence-driven in the scientific professions — a mutation mechanism closer to "norm generated by optimization/adaptation to evidence" (JD Q3) than to voting or fiat.
(5) Hierarchy. INFERENCE Within the pipeline, professional standards typically sit between external law and internal policy but cut across the vertical hierarchy: they bind the individual professional directly, sometimes overriding an employer's instruction (e.g., a professional-ethics duty to refuse an unlawful or unsafe directive). This produces a genuine dual-authority structure: the professional answers both to the org hierarchy and to the professional body. INFERENCE — the source of a characteristic conflict, next.
(6) Conflicts. FACT /INFERENCE The signature conflict is organizational directive vs professional duty: the employer orders an action the professional's code forbids (an engineer told to approve an unsafe design; an accountant pressured to certify misleading statements; a physician told to under-treat for cost). Professional codes typically assert priority of the professional duty, and law often backs this (whistleblower protections, personal professional liability). INFERENCE Computationally this is a priority conflict between two authority sources binding the same agent — not resolvable by the org's internal lex-superior ordering, because the professional body is outside that ordering. It requires a cross-source priority rule.
(7) Computational implications. INFERENCE (i) Professional standards must be modeled as a cross-cutting norm-set attached to the role/agent, not to the org node — a horizontal binding that the vertical pipeline cannot override by fiat. (ii) They introduce multi-principal delegation: the agent serves two masters with a priority rule between them. (iii) The "standard of care" is an open-textured, evidence-indexed predicate ("what a reasonable practitioner would do") — a non-compilable oracle call, but one that is unusually well-instrumented (guidelines, checklists, evidence bases) and so partly proxy-able. (iv) The evidence-driven mutation mechanism means the norm-set is time-and-evidence indexed: a compiled professional norm must carry the guideline version and evidence date it reflects.
07.5.3 Note: codes of ethics vs codes of conduct
INFERENCE Professional bodies typically issue two related but distinct instruments: a code of ethics (aspirational principles; open-textured; closer to Memo 03 ethics) and a code of conduct/practice (specific prohibited/required acts; closer to compilable rules). The distinction matters computationally: the code of conduct is largely refinable to the SOP layer; the code of ethics is a policy/specification layer whose intent the conduct code is meant to realize, inheriting the refinement-fidelity problem of 07.4.3.
07.6 Military doctrine and command hierarchy
Military organization is the purest instance of imperative, hierarchical norm-execution in the survey, and for that reason it is the clearest natural laboratory for the compilation analogy. INFERENCE It also exhibits, in sharp form, features the civilian organization softens: an unbroken chain of command, the order as a directly binding imperative norm, and a ceiling of sanction (up to and including lethal force and the harshest disciplinary penalties) that civilian organizations lack.
07.6.1 Established consensus: three distinct norm objects
Military governance uses at least three structurally different norm objects that must not be conflated FACT that doctrine, orders, and rules of engagement are distinct instruments in military practice; the analytical separation here is [INFERENCE]:
-
Doctrine — the codified body of how the force fights and operates: standardized principles, tactics, techniques, and procedures. FACT that military doctrine is a published, versioned body of authoritative guidance. Doctrine is not a set of direct orders; it is closer to policy + SOP + a shared operating language — a standardized program library plus a specification of principles. Its function is to make units interoperable and predictable (the referential-transparency goal again: any trained unit executes the doctrine the same way).
-
The order (command) — a directly binding imperative issued by a superior to a subordinate within the chain of command. FACT that lawful orders are binding and that militaries maintain a defined chain of command. An order is the closest thing in the entire LNS survey to a function call: a specific directive, to a specific subordinate, to perform a specific action, now. Its modality is pure obligation (O), its scope is bounded by the issuer's authority and the lawfulness constraint, and its "return" is a report back up the chain.
-
Rules of engagement (ROE) — conditional constraints on the use of force: standing predicates that permit, forbid, or condition action independent of any specific order. FACT that ROE are directives defining the circumstances and limitations for engagement. ROE are guard conditions:
F(engage) unless (conditions C1..Cn hold). They are deontic constraints (mixtures of P/F/O) that bound the space within which orders may be issued and executed.
INFERENCE — a clean computational reading Doctrine is the program library and calling conventions; ROE are the invariants/guards that every action must satisfy; the order is the call; the report is the return value and state update. This is the most program-like decomposition in the survey.
07.6.2 Six-part analysis: military doctrine
(1) Origin. FACT Doctrine originates from a military institution's doctrine-development command/process: codification of operational experience (lessons learned), deliberate design by staff, and adaptation to new technology and threats. Orders originate from commanders exercising delegated command authority; ROE originate from political-military authority (often approved at the highest civilian/command level) and are pushed down. INFERENCE Origin is thus stratified: doctrine from an institutional codification process, ROE from top-level authority, orders from every commander in the chain within their competence.
(2) Legitimacy. INFERENCE Legitimacy is strongly rational-legal (Weber): authority attaches to rank and appointment (the office), not the person, and is ultimately grounded in the state's authority and, in most systems, civilian control of the military. The duty to obey is legitimated by the institution and by law (military justice codes make disobedience of lawful orders an offense). FACT that military legal codes criminalize disobedience of lawful orders. Crucial constraint: legitimacy of an order is conditional on lawfulness — the duty to obey does not extend to manifestly unlawful orders (the position crystallized in post-WWII war-crimes jurisprudence). FACT that "superior orders" is not a complete defense for manifestly unlawful acts under modern international criminal law.
(3) Enforcement mechanism. FACT Enforcement is via a dedicated military-justice system (courts-martial, disciplinary powers) with sanctions ranging up to the most severe the legal order permits, plus the strong informal enforcement of unit cohesion. INFERENCE The enforcement ceiling is far higher than the civilian organization's "expulsion" ceiling (07.2.3), and the immediacy is greater (on-the-spot correction, summary discipline). This is the defining structural difference: the military execution engine has an unusually strong and fast sanction, which raises measured efficacy but does not by itself raise legitimacy (§0.6 distinction preserved).
(4) Mutation mechanism. FACT /INFERENCE Doctrine mutates through periodic revision cycles and post-conflict "lessons learned"; ROE mutate rapidly with the political and operational situation (they can change mission to mission, even hour to hour); orders are ephemeral (issued and discharged). INFERENCE The mutation-rate stratification is extreme here: doctrine is slow and institutional, ROE are fast and situational, orders are instantaneous and single-use. Any representation must accommodate norms whose lifetime and mutation rate differ by many orders of magnitude within one system.
(5) Hierarchy. FACT The chain of command is an explicit, near-total-order authority hierarchy: each level derives authority from the level above and commands the level below; there is (ideally) unity of command (one commander per unit) and no gaps. INFERENCE This is the cleanest lex-superior + delegation lattice in the survey — a genuine hierarchy where the priority of a higher order over a lower one is explicit and where ROE and law sit above even a superior's order (an order cannot lawfully countermand the binding ROE/law constraint).
(6) Conflicts. FACT /INFERENCE Characteristic conflicts: (a) order vs law/ROE — a superior's order that violates ROE or the law of armed conflict (resolved in principle by the lawfulness constraint: the unlawful order is not binding, though this collides with the duty to obey and with real coercive pressure — a genuine hard case); (b) conflicting orders from different superiors (resolved by unity-of-command and by seniority); (c) doctrine vs situation (doctrine is default, not mandatory; commanders may deviate — bounded discretion, the Lipsky point in uniform). INFERENCE The order-vs-law conflict is the sharpest instance in the entire LNS survey of a conflict between an imperative from the delegation hierarchy and a constraint from a higher normative source, and its resolution is not mechanical — it requires the subordinate to judge "manifest unlawfulness," an open-textured predicate under coercion.
(7) Computational implications. INFERENCE (i) The order = imperative call and ROE = guard/invariant decomposition is the single most directly compilable structure in the survey and is the recommended model for the "directive" primitive (07.11). (ii) The lawfulness/ROE constraint shows that even a pure imperative system needs a non-overridable guard layer that the command hierarchy cannot bypass — an argument for representing certain constraints as invariants checked at execution, not as norms the hierarchy can amend. (iii) The "manifestly unlawful order" test is a mandatory human-oracle hole that cannot be compiled away — it is the point where the executor must exercise irreducible judgment, and any faithful model must expose it rather than hide it. (iv) The extreme mutation-rate spread mandates per-norm lifetime/versioning metadata.
07.6.3 Why military governance is the compilation analogy's best case and its clearest limit
INFERENCE Military command demonstrates both directions of the memo's thesis at once. It shows the analogy at its strongest: a real, life-and-death governance system deliberately engineered for deterministic, delegable, hierarchical execution — orders as calls, ROE as guards, doctrine as library. And it shows the analogy's hard limit at its sharpest: the one place the system absolutely cannot make mechanical — the subordinate's duty to refuse a manifestly unlawful order — is a load-bearing, irreducibly human judgment deliberately left in the machine. A system that compiled that away would be not more correct but catastrophically wrong. This is the memo's cleanest evidence that the operational layer is program-with-mandatory-human-holes, not pure program. INFERENCE — flagged for Memo 11 as a concrete falsification thread: 07.13.
07.7 Contracts-as-internal-policy
Memo 05 (Institutional Economics) treats contract as an external, market-facing source of norms between arms-length parties. This memo treats a different aspect: the contract as an internal governance instrument — the employment contract, the service-level agreement (SLA), the operating agreement, and the internally-imposed terms that function as privately legislated policy binding the organization's members and counterparties. INFERENCE — this is the intra-organizational reading; the market-coordination reading is Memo 05's.
07.7.1 Established consensus
A contract is a norm-set created by the consent of parties and enforced (ultimately) by the state, but operating as private law between them. FACT that contracts are enforceable agreements creating obligations between parties. The doctrine that "the contract is the law between the parties" (pacta sunt servanda) makes each contract a miniature legal order the parties impose on themselves. FACT that pacta sunt servanda — agreements must be kept — is a foundational principle across legal traditions.
Inside organizations, contracts do governance work in three modes INFERENCE:
- The employment contract binds the individual into the org hierarchy: it is the root delegation edge by which the organization acquires authority over the employee's actions (the employee consents to follow lawful instructions within scope). INFERENCE — the employment contract is literally the instrument that creates the org's power over the person; it is the base case of the delegation chain of 07.10.
- The SLA / performance contract encodes obligations as measurable predicates with consequences ("99.9% uptime or a service credit of X") — this is contract already written in the KPI idiom (07.8): condition, measurement, consequence. INFERENCE — SLAs are the most near-executable contract form and a bridge to the measurement layer.
- Internal terms/policies incorporated by reference — codes, handbooks, and policies that the employment contract incorporates, so that a policy breach becomes a contract breach. FACT that employee handbooks/policies are commonly incorporated into or made conditions of the employment relationship. This is the mechanism by which internal policy acquires contractual (hence externally enforceable) force.
07.7.2 Six-part analysis: contracts-as-internal-policy
(1) Origin. FACT Origin is consent between parties — offer, acceptance, consideration (in common-law framing) — exercised under a background legal order that supplies default terms and enforceability. INFERENCE Unlike legislation (unilateral authority) or custom (diffuse), the source event is bilateral (or multilateral) agreement, and the norm's content is largely party-authored. This is the paradigm of JD Q3's "norm generated by contract."
(2) Legitimacy. INFERENCE Legitimacy rests on consent — the strongest legitimacy base in liberal legal theory: the parties bound themselves. Note the §0.6 distinctions: a contract term can be valid (formed correctly) yet illegitimate/unconscionable (and hence unenforceable) and separately efficacious or not. The employment contract's legitimacy is complicated by unequal bargaining power — consent is real but constrained — which is why labor law overrides some terms (a mandatory-norm ceiling on private legislation). FACT that labor/employment law imposes non-waivable terms overriding contractual consent.
(3) Enforcement mechanism. FACT Ultimate enforcement is external (courts award damages, specific performance, injunctions). Internal/practical enforcement is by self-help and graduated response: withholding performance, service credits, termination — the org's expulsion ceiling again (07.2.3). INFERENCE The two-tier structure (cheap internal self-help, expensive external adjudication) means most contract norms are enforced without the state, in the shadow of the state — a point Memo 05 develops as "private ordering."
(4) Mutation mechanism. FACT Contracts mutate by amendment/novation (mutual consent), by renewal/renegotiation, and by judicial interpretation that fills gaps and construes ambiguous terms. INFERENCE Mutation requires (in principle) consent of all parties — a unanimity rule sharply different from the majority/fiat mutation of policy (07.2.4). This makes contract-norms rigid between renegotiation points and is a source of the incompleteness problem, next.
(5) Hierarchy. INFERENCE Contracts sit below mandatory law (non-waivable statutory terms override contract) and below the constitution/charter of the org, but above discretionary internal policy where the contract has incorporated specific terms (a policy change cannot unilaterally alter a contracted term). This produces a subtle ordering: mandatory law > contract > default internal policy — and the contract can pin a policy against unilateral change.
(6) Conflicts. FACT /INFERENCE Characteristic conflicts: contract vs mandatory law (law wins; term void); contract vs later policy (contract wins where it governs; the org cannot policy-around a contracted term); incompleteness gaps (the contract is silent on a contingency — the signature problem). Contract law resolves gaps with default rules, interpretation (intent), and doctrines like good faith. INFERENCE
(7) Computational implications. INFERENCE (i) The employment contract is the base delegation edge: model it as the instrument that instantiates the org's authority over an agent, with an explicit scope (lawful instructions within the role) — this scope is the boundary of the whole downstream pipeline's authority over that person. (ii) The SLA/performance contract is already in KPI form (condition → measurement → consequence) and is directly compilable — a ready early target. (iii) Contract incompleteness is the central non-compilability result: it is provably impossible to specify all future contingencies in advance (the position associated with the incomplete-contracts literature of Grossman–Hart–Moore; and, at the limit, undecidability of anticipating all states). A compiler must therefore treat every contract-norm as partial, with an explicit residual-control/gap-filling mechanism (a human-oracle or default-rule hole) — the same program-with-holes shape recurs.
07.7.3 Incomplete contracts and the limit of pre-specification (destructive test, M5)
FACT that the incomplete-contracts literature (associated with Grossman, Hart, and Moore) establishes that real contracts cannot specify all contingencies, which is why residual control rights matter. INFERENCE This is the contractual form of the incompleteness that appears as open texture (Memo 02), bounded rationality (Simon, 07.3.2), and the "as appropriate" gap in SOPs (07.4.2). Across every operational source in this memo, the same wall appears: you cannot fully specify in advance what to do in every future state. The recurring computational consequence is that the operational layer is never a total function; it is a partial function plus a defined fallback to a higher authority or human judgment. INFERENCE — this is one of the memo's two unifying findings; the other is the mutation-rate stratification of 07.9.
07.8 The measurement layer: MBO, OKRs, KPIs — operationalization into measurable predicates
07.8.1 Established consensus
Management-by-objectives and its descendants (OKRs, KPIs, balanced scorecards) are the machinery that converts qualitative directives into quantitative, measurable targets. FACT that management-by-objectives is associated with Peter Drucker's The Practice of Management (1954); OKRs are associated with Andrew Grove at Intel and their later spread; the balanced scorecard is associated with Kaplan and Norton. The shared operation across all these techniques is operationalization + measurement: take a directive ("improve customer satisfaction") and bind it to (a) a metric (an observable, quantifiable variable), (b) a target (a threshold on the metric), and (c) a review cadence (when compliance is checked). INFERENCE
INFERENCE — central to the memo's thesis The KPI is the terminal, near-executable form of a norm. It is a predicate over an observable state, attached to a responsible agent, evaluated on a schedule, with a consequence (reward/sanction) attached to the evaluation. That is almost exactly a monitored assertion in a running program: assert(metric(role) satisfies target) at each review; else trigger consequence. By the KPI layer, the deontic content (O/P/F) has been fully reduced to a checkable condition plus a consequence — the point of maximal compilability in the whole LNS survey. INFERENCE
07.8.2 The operationalization gap and its pathologies (destructive test, M5)
The reduction from directive to metric is lossy, and the loss is well-documented INFERENCE that these are instances of one phenomenon:
- Goodhart's law (the position associated with Charles Goodhart, and the sharpened formulation associated with Marilyn Strathern): when a measure becomes a target, it ceases to be a good measure. FACT that this is the standard statement of Goodhart's law. The metric is a proxy for the intent; optimizing the proxy diverges from the intent.
- Surrogation (the management-accounting term): decision-makers mistake the metric for the objective, losing sight of the intent the metric was meant to represent. FACT that surrogation names this substitution.
- Metric gaming / perverse incentives: agents optimize the measured quantity by means that defeat the underlying goal (the classic "hit the target, miss the point"). FACT that measurement-driven gaming is a well-documented phenomenon across sectors.
INFERENCE All three are forms of the refinement-fidelity failure first named at 07.4.3: the executable proxy (metric/target) diverges from the abstract intent (directive/policy) it refines. This is the same wall as incomplete contracts and open texture, now appearing at the measurement edge. It has a precise computational statement: operationalization maps an intent to a proxy, and the map is generally not intent-preserving; optimizing the proxy does not optimize the intent (this is the alignment problem in its organizational form). INFERENCE — explicitly connects the organizational measurement problem to the specification/alignment problem in computing.
07.8.3 Why this layer is nonetheless the compiler's best friend
INFERENCE Despite the fidelity gap, the KPI/OKR layer is the most valuable to D1/D2 for a concrete reason: it is the layer where the organization has already done the work of producing observable predicates and consequences. The compiler does not have to invent measurement; organizations manufacture it continuously. The KPI layer therefore supplies (a) ready-made executable postconditions, (b) ready-made review cadences (the enforcement clock), and (c) ready-made attribution (which role owns which predicate). The compiler's job at this layer is not to build the predicates but to (i) carry the provenance chain linking each KPI back up to the policy/regulation it refines, so surrogation is detectable, and (ii) flag the fidelity gap rather than assume it is zero. INFERENCE — Handoff item.
07.9 Compliance and audit as the internal enforcement organ
07.9.1 Established consensus
Compliance and audit are the organization's internal detection-and-sanction machinery — the enforcement mechanism of the whole pipeline. INFERENCE In the §0.6 vocabulary, if policies/SOPs/KPIs are the norms, compliance/audit is the enforcement mechanism: it detects deviation and applies (or triggers) consequences. The standard architecture is the "three lines" model FACT that a three-lines-of-defense model is a widely adopted internal-control framework, associated with the internal-audit profession:
| Line | Function |
|---|---|
| 1st line: OPERATIONS | own and manage risk; execute controls in the SOP |
| 2nd line: COMPLIANCE/RISK | set control standards, monitor, advise |
| 3rd line: INTERNAL AUDIT | independent assurance that lines 1 and 2 work |
| (external): AUDITORS/REGULATORS | independent external verification |
INFERENCE This is a layered verification architecture: execution, then monitoring of execution, then assurance of the monitoring, then external attestation. It is structurally a stack of checkers, each verifying the layer below, terminating in an external oracle (regulator/external auditor).
07.9.2 Audit as verification against a specification
INFERENCE — a clean computational reading An audit is a conformance test: it takes the records (the Weberian files, the state produced by execution) and checks them against the control specification (the policy/procedure/regulation). Its logical form is: for each required control, gather evidence (records), and assert that the observed state satisfies the specified norm. An audit finding is an assertion failure; a control is a runtime check embedded in the SOP; audit is deferred, sampled verification of those checks.
Two consequences INFERENCE:
- Audit relies on the record layer being faithful. If execution does not produce truthful records (the "management by files" assumption of 07.3.1 fails), audit verifies a fiction. The integrity of the state log is the precondition for the whole enforcement architecture — an argument for tamper-evident, provenance-carrying records at the execution layer.
- Audit is sampled, not total. Real audit checks a sample, not every case — it is probabilistic verification under cost constraints. Enforcement efficacy is therefore stochastic (detection probability < 1), which reconnects to the deterrence model of enforcement (Memos 01/05): compliance is driven by expected sanction = detection probability × penalty. INFERENCE
07.9.3 Established consensus / open question: does enforcement close the loop?
INFERENCE Compliance/audit is what makes the pipeline a closed control loop rather than an open-loop refinement: the record produced at execution flows back up to be checked against the norm, and deviations trigger correction (of the actor, or of the norm). This is the operational-layer feedback loop that Memo 09 generalizes. But whether the loop actually corrects to the intent (vs merely to the metric) is exactly the Goodhart/surrogation problem (07.8.2): audit can confirm the KPI was hit while the policy intent was missed. OPEN Whether internal enforcement can be designed to detect intent-divergence and not merely metric-divergence is unresolved and is a direct instance of the alignment problem.
07.10 The Q4 dependency chain: full diagram with transformation semantics
This section is the memo's structural centerpiece. It presents the complete Regulation → … → KPI → action chain that this memo owns, annotates the semantic transformation at each edge, and marks which layers are already near-executable. The upstream portion (politics → constitution → law → regulation) is owned by Memo 01 and shown here in compressed form only to locate the entry point.
07.10.1 The full operational pipeline
07.10.2 The five edge-semantics, named
The pipeline is defined by exactly five downward transformation types plus one back-edge INFERENCE — this enumeration is the memo's proposed edge taxonomy for D1:
- RECEPTION+REFINEMENT (Regulation → Policy). Import an external norm; restate as internal intent; add scope and owner. Meaning-preserving in aspiration, lossy in practice.
- REFINEMENT (Policy → Procedure). Decompose intent into ordered, conditional activity across roles. Adds structure, not yet measurement.
- SPECIALIZATION + OPERATIONALIZATION (Procedure → SOP). Bind generic steps to specific role/tool/threshold/observable act. The norm becomes near-imperative here.
- ATTRIBUTION (SOP → Job Description). Bundle obligations/powers and bind them to a position (Weberian office, not person). Creates the delegation edge and the scope of authority.
- OPERATIONALIZATION + MEASUREMENT (Job Description → KPI). Bind obligations to observable metrics + targets + cadence + consequence. Deontic content reduces to a checkable predicate.
- EXECUTION (KPI → action → record) and the ENFORCEMENT back-edge (record → audit → correction of actor or norm). Closes the control loop.
INFERENCE Two of these edges — operationalization (3 and 5) — are where measurable, checkable content is introduced, and they are precisely the edges where refinement fidelity is lost (Goodhart, surrogation, "as appropriate" gaps). The compiler's highest-value intervention is at these two edges: carry the provenance link across them and flag the fidelity gap (07.11).
07.10.3 Which layers are already near-executable
A judgment, layer by layer INFERENCE throughout, with the reasoning exposed for audit per M1:
| Layer | Executability | Why |
|---|---|---|
| Regulation | LOW | abstract, open-textured, meaning-heavy |
| Policy | LOW | intent-level; "why", not "how"; open texture |
| Procedure | MEDIUM | ordered flow + conditionals, but prose, role-generic, discretion predicates remain |
| SOP / Work Instr. | HIGH* | imperative steps, branches, pre/postconds; *HIGH except at human-oracle "holes" |
| Job Description | MEDIUM-HIGH | structured bundle of obligations+powers+scope; the scope/authority part is crisp, the duty content inherits the SOP's holes |
| KPI / Key Result | VERY HIGH | predicate over observable state + agent + clock + consequence = a monitored assertion |
| Order (military) | VERY HIGH | imperative call; guarded by ROE/law |
| ROE | HIGH | standing guard predicates (P/F/O) |
| SLA/perf. contract | HIGH | condition -> measurement -> consequence (contract already in KPI idiom, 07.7.1) |
| Fiduciary duty | VERY LOW | open-textured "act in principal's interest" |
| Standard of care | LOW-MEDIUM | open-textured but instrumented (guidelines) |
INFERENCE — the headline The bottom of the pipeline (SOP, KPI, order, ROE, SLA) is already near-executable; several forms (KPIs, SLAs, ROE-as-guards, orders-as-calls) are deliberately authored to be machine-checkable or machine-executable and in many organizations already are literally implemented in software (workflow engines, monitoring/alerting systems, access-control policies, automated compliance checks). The top of the pipeline (regulation, policy, fiduciary duty) is not executable and is the specification the executable layers are meant to realize. The pipeline is therefore a real, operating instance of compilation from an under-specified high-level intent to an executable low-level artifact — with the caveat, established repeatedly above, that the compilation is lossy at the operationalization edges and incomplete at the discretion holes. INFERENCE
This is why the memo characterizes the organizational layer as the compilation-target half of the stack: it is where the field's target — executable governance — already partially exists, engineered by organizations for their own reasons, and the compiler's task is less to create executability than to connect it faithfully to the intent above it and verify the connection.
07.11 Delegation and the chain of authority (the transverse structure)
The Q4 pipeline of 07.10 is the vertical refinement of norm content. Cutting across it is a second structure: the delegation of authority over persons — the chain by which the organization's power to command reaches a specific agent. INFERENCE The two are distinct: 07.10 refines what must be done; delegation allocates who may command whom to do it.
07.11.1 Established consensus
Authority is delegated down a chain, and responsibility is (in principle) retained up it. FACT that the delegation-of-authority-with-retained-responsibility principle is a standard tenet of organization theory and public administration. The canonical asymmetry: authority can be delegated; ultimate responsibility (accountability) cannot. FACT that this is the classical statement, associated with classical administrative theory. Each delegation edge:
INFERENCE In Hohfeldian terms, delegation is the transfer of a power (to bind the org, to command) bounded by a scope, while the duty to answer for outcomes runs back up. The employment contract (07.7.1) is the base delegation edge that first attaches an agent to the chain; the job description (07.10) is the content of what is delegated to that agent's position.
07.11.2 Delegation is lossy — the transverse form of the fidelity problem
INFERENCE The principal–agent gap (07.2.1) means every delegation edge carries misalignment: the subordinate's objectives are not identical to the superior's, and information is asymmetric. So delegation, like operationalization, is lossy: authority transmitted down does not perfectly carry the delegator's intent. This is the same fidelity wall as Goodhart (07.8.2) and incomplete contracts (07.7.3), now on the authority axis rather than the content axis. INFERENCE The memo's unifying observation: both axes of the organizational compiler — content refinement and authority delegation — are lossy at every edge, for the same underlying reason: the impossibility of fully pre-specifying intent across an interface between non-identical agents.
07.11.3 Scope, ultra vires, and the containment of delegated power
FACT Delegated authority is bounded by scope; action beyond scope is ultra vires and void (07.2.6). INFERENCE Scope is the type signature of the delegation edge: it defines the domain over which the subordinate's exercise of power is valid. This gives the compiler a crisp, checkable structure — did the action fall within the delegated scope? — which is decidable when scope is well-specified, and is one of the more compilable elements of the whole layer. The professional-standards cross-cut (07.5) complicates it: an agent may be bound by an out-of-hierarchy authority (the professional body) whose duty can override an in-scope order — the multi-principal problem (07.5.2), which scope alone cannot resolve.
07.12 Computational synthesis and the four standing categories
07.12.1 Norm-generation behaviors contributed to the Q3 taxonomy
This memo supplies several generation behaviors to the cross-source taxonomy assembled in Memo 10 INFERENCE — provided for that memo to aggregate:
- Norm generated by authority/fiat — a superior issues a policy or order; validity derives from the issuer's delegated power, not from consent or content. (Policy, order.)
- Norm generated by refinement — a lower norm is derived from a higher one by decomposition; its authority is borrowed from the parent norm. (Policy→procedure→SOP.) This is a generation mode largely unique to the organizational layer and is the mode the compilation analogy targets.
- Norm generated by operationalization/measurement — a qualitative directive is converted into a measurable predicate + target. (KPI/OKR.) Authority borrowed from the directive; content introduced by the choice of metric (and thereby corruptible — Goodhart).
- Norm generated by contract/consent — bilateral agreement (employment contract, SLA). (Shared with Memo 05, distinct intra-org reading here.)
- Norm generated by codification of expertise — professional standards distilled from a body of knowledge and evidence; a hybrid of authority and optimization-to-evidence.
07.12.2 Established consensus (within this memo's domain)
- Organizations are simultaneously norm-receivers (executing external law) and norm-generators (internal policy). FACT /INFERENCE
- Internal norms are stratified into layers (policy → procedure → SOP → work instruction) with decreasing abstraction and increasing operational specificity. FACT that tiered norm hierarchies are standard practice.
- The Weberian rational-legal bureau — offices, rules, files, hierarchy, office/person separation — is the dominant execution model and is engineered for deterministic, delegable, auditable rule-application. FACT re Weber's content.
- Authority is delegated down a bounded scope; accountability is retained up; out-of-scope action is void. FACT re classical administrative theory.
- Compliance/audit is a layered verification architecture (three lines + external) that closes the pipeline into a control loop. FACT that layered internal-control models are standard.
- The bottom of the pipeline (SOP/KPI/order/ROE/SLA) is near-executable and frequently already implemented in software. INFERENCE , strongly supported by observed practice.
07.12.3 Competing theories (live disagreements, not adjudicated)
- Shareholder primacy vs stakeholder theory: scalar vs vector objective function (07.2.2).
- Nexus-of-contracts vs entity theory of the firm: whether org norms reduce to contracts or have irreducible entity-level structure (07.2.2) — bears directly on whether the org layer is compilable as contracts.
- Rule-determinism (idealized Weber) vs discretion-primacy (Simon/Lipsky/Merton): whether the bureau is a program or a program-plus-irreducible-human-residual (07.3). This memo takes the hybrid position but flags the disagreement.
- Formal vs informal organization: whether the operative norm-set is the documented one or the shadow one (07.3.2) — determines whether the compilable artifacts capture the norms that actually govern.
07.12.4 Open questions
- OPEN Is the discretionary residual at the SOP/order leaf bounded and typeable, or open-ended? (07.3.3, 07.6.2.) Determines whether "human-oracle holes" are a finite, modelable interface or an unbounded escape hatch.
- OPEN Can operationalization (directive→metric) ever be made intent-preserving, or is Goodhart divergence irreducible? (07.8.2.) This is the organizational alignment problem.
- OPEN Can internal enforcement detect intent-divergence, not merely metric-divergence? (07.9.3.)
- OPEN Can refinement fidelity (does this procedure realize this policy's intent?) be mechanically verified when intent is open-textured? (07.4.3.) Imported from Memo 02's open-texture result; not resolved.
- OPEN How to represent multi-principal binding (org hierarchy vs professional body) and its priority rule when the two authorities are not in one lex-superior ordering. (07.5.2.)
- OPEN Whether the "management by files" record layer faithfully captures the operative norm, given informal organization and possible record-falsification. (07.3.3, 07.9.2.)
07.12.5 Research opportunities (for D1/D2)
- Model the operational layers as guarded imperative programs with typed human-oracle holes (07.4.2, 07.6.2, 07.7.3): a uniform representation that captures how far each layer is compilable and marks exactly where it is not.
- Make the edge-semantics of 07.10.2 first-class: tag every refinement/specialization/operationalization/attribution/measurement edge with its type, and carry a provenance link across it so any leaf directive can be traced to the regulation it descends from — enabling surrogation/goal-displacement detection.
- Exploit the layer's native version + owner + date metadata (07.4.2) as a ready-made provenance and change-control substrate — a genuine advantage over the social layer (Memo 06).
- Treat KPIs/SLAs/ROE/orders as the compilable core and build the executable substrate there first (workflow, monitoring, access control are the existing implementations to interface with).
- Represent delegation as lossy, scoped power transfer (07.11): typed by scope (checkable ultra vires), carrying retained-accountability edges upward, and carrying an explicit misalignment residual.
07.13 Falsification threats staged for Memo 11
This memo hands the adversarial memo several sharpened, falsifiable threats aimed at the operational-layer form of the computability assumption. Stated so Memo 11 can attempt to break the assumption without this memo defending D0 (§0.2).
-
The manifestly-unlawful-order hole (Arendt/war-crimes jurisprudence read operationally). The best-engineered execution engine in the survey — military command — deliberately leaves an irreducibly human judgment at the leaf (refuse the manifestly unlawful order) and would be catastrophically wrong to remove it (07.6.3). Threat: the operational layer's most critical norm is by design non-executable. Falsified if "manifest unlawfulness" (or its civilian analogues) can be reliably discharged by a mechanical procedure without loss.
-
Goodhart/surrogation as an irreducible operationalization loss (07.8.2). Every operationalization edge maps intent to a proxy, and optimizing the proxy provably diverges from the intent in general. Threat: the very act of making a norm measurable (hence compilable) corrupts it. Falsified if an intent-preserving operationalization procedure exists for non-trivial open-textured directives.
-
Incomplete contracts / bounded rationality (07.3.2, 07.7.3). It is impossible to pre-specify the correct action in every future state, so the operational layer is never a total function; it always falls back to residual human judgment. Threat: the leaf of the pipeline is intrinsically partial. Falsified if the residual can be shown to be bounded and fully specifiable for a target domain.
-
Informal organization / faithfulness of the record (07.3.2, 07.9.2). The compilable artifacts (documents, files) may systematically fail to capture the norms that actually govern behavior. Threat: the compiler compiles the formal shadow, not the operative norm. Falsified if the operative norm-set is reliably recoverable from the formal record.
INFERENCE These four threats share the structure identified throughout the memo: they are all instances of the impossibility of fully pre-specifying intent across an interface between non-identical agents (07.11.2). Memo 11 should treat this as a single deep threat with four organizational faces, distinct from the Luhmann (external computability of law) and Foucault (neutrality of the machine) threats staged by Memo 06.
07.14 Handoff to D1/D2
Concrete implications for the compiler architects (all INFERENCE from this memo unless noted). This is the compilation-target half of the stack; these are the most directly actionable handoffs in the series.
-
Adopt the five-edge refinement pipeline as D1's operational spine (07.10). Regulation → Policy → Procedure → SOP → Job Description → KPI → action, with the six named edge-semantics (reception+refinement, refinement, specialization+operationalization, attribution, operationalization+measurement, execution) plus the enforcement back-edge. Make each edge a typed transformation, not an opaque link.
-
Carry a provenance link across every edge. Each leaf directive (KPI, SOP step, order) must be traceable up to the regulation/policy it descends from. This is what makes surrogation and goal-displacement detectable (07.8.2, 07.9.3): if a KPI cannot be traced to a live parent intent, flag it. Provenance is the single highest-value structure this layer offers.
-
Represent the operational layers as guarded imperative programs with typed human-oracle holes (07.4.2, 07.6.2, 07.7.3). SOPs, orders, and procedures are compilable up to their discretion predicates ("as appropriate," "if suspicious," "manifestly unlawful"). Model each such predicate as a first-class, typed call to a human (or higher-authority) oracle — never silently compile it away. The holes are load-bearing (07.6.3).
-
Treat KPIs/SLAs/ROE/orders as the compilable core and build there first. KPI = predicate-over-state + agent + review clock + consequence = a monitored assertion (07.8.1). SLA = condition→measurement→consequence, already in KPI form (07.7.1). ROE = standing guard predicates (07.6.1). Order = imperative call bounded by guards (07.6.1). These forms are frequently already implemented in software; D2's job is to interface with existing workflow/monitoring/access-control substrates, not to reinvent execution.
-
Model operationalization as explicitly lossy and flag the fidelity gap (07.8.2). The directive→metric map is generally not intent-preserving (Goodhart/surrogation = the organizational alignment problem). Do not assume the KPI equals the policy. Carry a fidelity-uncertainty annotation on every operationalization edge; never treat a satisfied metric as a satisfied intent.
-
Model the Weberian office as the unit of referential transparency (07.3.1). Bind norms to positions, not persons; the executor is interchangeable. This is exactly the property that lets a human executor be swapped for software without changing the norm — the cleanest bridge from the human execution engine to an automated one. But retain the discretionary residual (07.3.2): the office is a rule-interpreter with holes, not a pure function.
-
Represent delegation as scoped, lossy power transfer with retained accountability (07.11). Scope is the type signature of a delegation edge; out-of-scope action is void (ultra vires) and is decidable when scope is well-specified — a compilable check. Carry accountability edges upward separately from authority edges downward. Model the principal–agent misalignment as a non-zero residual on every edge.
-
Support multi-principal binding with an explicit cross-source priority rule (07.5.2, 07.11.3). An agent bound by both the org hierarchy and an out-of-hierarchy professional body (whose duty can override an in-scope order) cannot be resolved by internal lex-superior alone. D1 needs a priority mechanism between authority sources that are not in a single hierarchy.
-
Reuse the layer's native version/owner/date metadata as the provenance and change-control substrate (07.4.2). Unlike social norms (Memo 06), organizational norms already carry approval, version, effective-date, and owner. Ingest these directly; they solve the staleness/versioning problem that the social layer could not.
-
Model enforcement as layered, sampled (probabilistic) verification against a specification (07.9). Compliance = runtime checks embedded in SOPs; audit = deferred, sampled conformance testing of the record layer against the norm spec; the record (Weberian file) is the state whose integrity is the precondition for all enforcement. Design the record layer to be tamper-evident and provenance-carrying, or audit verifies a fiction.
-
Accommodate extreme per-norm mutation-rate stratification (07.2.4, 07.6.2). Within one system, doctrine/charter mutate slowly by supermajority; policy mutates continuously by fiat; ROE mutate hour-to-hour; orders are single-use. Version per layer/per norm, never globally, and carry each norm's lifetime and mutation authority as metadata.
-
Preserve the non-overridable guard layer (07.6.2). Some constraints (ROE, law, mandatory statutory terms, fiduciary duty) must sit above the command/policy hierarchy and be checked at execution — the delegation chain must not be able to amend them away. Represent them as invariants enforced at the execution edge, distinct from the amendable norms below.
-
The safe residue this layer contributes to the Memo 12 interface: (a) the five typed refinement edges as a compilation model; (b) the office/position as the unit of referential transparency; (c) scope as a decidable type signature on delegation; (d) KPI/SLA/ROE/order as near-native executable norm forms; (e) provenance links as the mechanism for fidelity tracking. Everything above the SOP layer (policy, regulation, fiduciary duty, standard of care) enters as open-textured specification whose realization the executable layers can be checked against but not proven to satisfy — the refinement-fidelity residue that this memo, with Memos 02 and 06, hands forward as OPEN.
End of Memo 07. Cross-references: Memo 01 (upstream half of the Q4 chain: politics → constitution → law → regulation; political generation of law), Memo 02 (open texture, rules of change, lex superior, hard cases — the source of the refinement-fidelity and discretion residues), Memo 03 (codes of ethics as open-textured specification), Memo 05 (contract as market coordination; private ordering; incomplete contracts; principal–agent economics), Memo 06 (informal organization, social/shadow norms, legitimacy vs validity vs efficacy, professional norms as social norms), Memo 08 (standards bodies and regulation as international/cross-org sources), Memo 09 (the enforcement control loop and mutation dynamics generalized), Memo 10 (norm-generation behaviors: authority, refinement, operationalization, contract, codification-of-expertise), Memo 11 (falsification: the manifestly-unlawful-order hole, Goodhart/surrogation, incomplete contracts, informal organization), Memo 12 (the invariant interface: typed refinement edges, office-as-referential-transparency, scope-as-type, executable norm forms, provenance).