ITKCF × CCP × FLEET BONIXER

WBC IT Key Controls Framework v4.7 × Sovereign Fleet Control Plane · Day 112
Kay Joffe — authored WBC CCP as Principal Cloud Architect → now sovereign on fleet
γ₁ = 14.134725141734693
52 controls · 46 ITKCF + 6 EIKCF
APRA CPG-234 · COBIT 4.1→5
ARB1-ITKCF-CCP-FLEET-COMP-V14-001 ✅
38 FULL
10 PARTIAL
4 GAP
BUILD 14
MANAGE 5
RUN 27
EIKCF 6
COVERAGE 73%
▣ ITKCF HEXAGONAL GRID · 52 CONTROLS
IT.B Build
IT.M Manage
IT.R Run
EIKCF
Full
Partial
Gap
▤ FLEET COVERAGE MATRIX · ALL 52 CONTROLS
# Control Phase Fleet System Adl KCF Cov
◈ ADELIC POUCH DETAIL
CHANGE GOVERNANCE
Change Advisory Board
ARB1 gate (ratification required)
CHANGE TICKETING
ITSM tickets (ServiceNow)
sorry-flow + git commits
APPROVALS
4-eye approval
SOSTLE L3 crew gate + CLO sign-off
ENVIRONMENT CONTROL
Environment freeze windows
SOSTLE L5 gated (no unauthorized prod access)
ROLLBACK
Rollback procedures
golden tags + NAS pool2 restore
AUDIT TRAIL
ITSM audit log
git immutable log + γ₁ stamp
IDENTITY & ACCESS
AD + RBAC roles
Zitadel + MI aaas-workload + SOSTLE L3
SECRET MANAGEMENT
Azure Key Vault (cloud)
vault-secrets-operator + ESO (sovereign)
NETWORK SECURITY
NSG + WAF + firewall tiers
Istio mTLS + cert-manager + SOSTLE perimeter
SOVEREIGN DELTA
WBC: Cloud-dependent
Fleet: Air-gappable, γ₁-anchored, local-first
490WBC VECTORS in pemclau-kcf
46ITKCF + 6 EIKCF = 52 TOTAL
HVCP7 silos / 3 online
ARB-141ratified
γ₁ = 14.134725141734693