—— 06 Subsystem: Knowledge Query & Self-Learning/04 Procedure: Drive & GitHub Navigation Guide.md ——§
DraftSOP · Procedure · KQ-SOP-4 — Digital-Stack Navigation Guide · 2025-05-15-r1§
First full draft – replaces the earlier “Drive & GitHub Navigation” placeholder with a hands-on tour of the entire Solo-Team tool stack (Drive, Trello, Clockify, Insightful, Telegram, Ops Sheet).
Big-Picture Overview§
| Block | Content |
|---|---|
| Purpose & Scope | Hand newcomers a one-stop atlas that answers three questions: ① Where do I click? (boards, drives, sheets, chats) ② What lives there? (rules, tasks, evidence, approvals) ③ How do the pieces snap together? (daily loops & data hand-offs) The guide is read-only training material referenced by onboarding checklists, /map and /drivepath bot commands, and the Self-Help Checklist. |
| Map / Flow | Start here → skim Digital-Stack Map (ASCII) → jump to the tool section you need (Drive · Trello · Telegram · Clockify · Insightful · Ops Sheet) → use quick-nav tips & “What to store / NOT store” tables → follow cross-links back into live SOPs. |
| Roles / RACI | Freelancer Operator R · Systems-Ops Lead A · Ops Manager C · GPT Assistant I |
| KPIs | 100 % operators complete atlas during Day-0 onboarding · < 2 support questions per operator in Week 1 about “where do I find …?” |
| Tools | Google Drive (Shared Drives) · Trello workspaces & boards · Telegram folders & bots · Clockify · Insightful · Ops Google Sheet |
| Risks | Docs drift from reality · Sensitive folders exposed by mistake · Operators save files in wrong Drive branch |
| Controls | • Quarterly System-Retro verifies atlas diagrams (SOP SYS07-Retro). • Drive ACL & GPT /drivepath lookup exclude 00-ADMIN & HR. |
Quick ASCII Map of the Digital Stack§
┌───────────────────┐           ┌───────────────────┐
│ 01-SYSTEMS Drive  │<─SOPs──┐  │ 02-OPERATIONS     │
│ (Markdown LIVE)   │        │  │ Drive (assets)    │
└─────────┬─────────┘        │  └─────────┬─────────┘
          │                  │            │ (png proof, reports)
          │                  │            │
          ▼                  │            ▼
┌──────────────┐   cards     │  ┌───────────────────┐
│ Trello Boards│─────────────┘  │ Ops Google Sheet  │
│ • Personal   │                │ (row evidence)    │
│ • Ops Team   │<──────────reports───────────────┘
└──────┬───────┘
       │ 🔴 / ✅
       ▼
┌────────────────┐
│ Telegram bots  │
│ & channels     │
└────────────────┘
(a cleaner SVG lives in the repo; bot /map shows this diagram)
Section Cheat-Sheet§
| Tool | Where it lives / how to open | What you store / do here | What never lives here | Quick-nav / pro-tip |
|---|---|---|---|---|
| Google Drive Shared Drives | Chrome → drive.google.com → “Shared Drives” | • LIVE Markdown SOPs (01-SYSTEMS/01-SOPs-&-Playbooks/) • Reference diagrams & templates | Finance PDFs (→ 00-ADMIN) | Star the folders you visit daily (Shift+S). |
| Personal Trello board | Operators Hub workspace → board named OP-<Name> | Inbox / Q1-Q3 lists, Daily Hygiene, Blocked | Channel tasks (they stay on Ops board) | B key → instant board switcher. |
| Operations Trello board | Channel Ops workspace (<Channel> Ops) | Ready ⏳ cards to copy into Personal | Personal backlog | Right-click card → “Copy → My Board”. |
| Ops Google Sheet | Link inside Ops board Read-Me card | Row-level process data, auto KPI formulas | Personal notes | Ctrl+/ opens sheet search by named range. |
| Clockify | Desktop app / web dashboard | Timers tagged with card link or SOP step | Idle 1 h+ chunks (split & label) | Alt+C hotkey → quick start. |
| Insightful | Agent in taskbar | 30-sec screenshots (idle guard 1 min desktop / 5 min mobile) | Personal browsing | Green status = recording ok; red ▶ restart agent. |
| Telegram folders | Ops, Reports, Systems | 🔴 alerts, Daily Digest, approvals, system updates | Long discussions (use Slack or call) | Pin /help bot message for command list. |
Detailed SOP — Navigation & Best-Practice Walk-through§
(6 bullet sections; ≤ 7 bullets each)
- Drive Orientation (Markdown SSOT)
  - Open 01-SYSTEMS → 01-SOPs-&-Playbooks.
  - Use 🔍 Drive search with type:markdown SOP04.
  - Copy path (⇧Z) to reference in PRs.
  - View-only outside OP-<Name> and 02-OPERATIONS.
  - NEVER drag files out of shared drive (breaks links).
- Personal & Ops Boards
  - Personal board WIP caps; Ops board is the source of truth for team work.
  - Copy flow: Ops card → Personal Inbox → Q1 Doing.
  - Butler mirrors 🔴 cards to Blocked list.
  - Archive done cards Monday 08:00 (auto).
- Ops Google Sheet
  - Tabs: Input, KPI, Exceptions.
  - Row status drives badge on Ops card.
  - If sheet row needs follow-up → paste link in Trello comment, not a new card.
- Clockify + Insightful … (existing TT-SOP-1 rules condensed)
- Telegram Traffic Rules … (Digest, Blocker, Kaizen, Systems Kitchen)
- Troubleshooting & Gap Escalation … (points to Self-Help Checklist & Gap-Patch PR)
WGLL (Navigation)§
| ❌ Miss | ✅ Meets | ⭐ Exceeds (shareable win) |
|---|---|---|
| Saves files in wrong drive / asks mgr | Uses guide → finds correct spot unaided | Posts new /drivepath suggestion PR |
| Copies Ops card but leaves link broken | Card copied with back-link & moved to Q1 | Adds "Copied-by:<name>" label for metrics |
| Time entry w/out link | 100 % timers include card/SOP link | Proposes Clockify workspace tag automation |
ArchitectureSnapshot JSON (excerpt, new r1)§
{
"version_id": "2025-05-15-r1",
"system_level": "Procedure",
"lifecycle_state": "DraftSOP",
"target_name": "KQ-SOP-4 – Drive & Digital-Stack Navigation Guide",
"parent_name": "Knowledge Query & Self-Learning",
"last_updated": "2025-05-15T01:20:00Z",
"overview": {
"purpose": "Give operators a single atlas of all tools (Drive, Trello, Telegram, Clockify, Insightful, Ops Sheet) and show how data flows between them.",
"flow": [
"Open atlas (markdown)",
"Review ASCII map then jump to needed tool section",
"Follow quick-nav table and rules of what to store / avoid",
"If location unclear run /drivepath or /map in GPT",
"If still lost escalate via Self-Help Checklist & Knowledge-Gap tag"
],
"roles": ["Freelancer Operator","Systems-Ops Lead","Ops Manager"],
"kpis": [
"Day-0 atlas completion 100%",
"Week-1 'where is X' questions <2 per operator"
],
"tools": [
"Google Drive Shared Drives",
"Trello workspaces",
"Telegram channels",
"Clockify",
"Insightful",
"Ops Google Sheet"
],
"risks": [
"Docs drift from stack changes",
"Misplaced evidence",
"Exposure of admin paths"
],
"controls": [
"Quarterly Doc ↔ Stack audit",
"drive_paths.yml whitelists safe directories"
],
"doc_link": "Drive:/01-SYSTEMS/Knowledge/KQ-SOP-4_Digital_Stack_Navigation_v0.1.md"
}
}
(procedure_core to be authored after sign-off on content outline.)
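An added example (not code from the SOP repo) of the control listed above, where the /drivepath lookup answers only for allowlisted branches and excludes 00-ADMIN and HR. It shows why the check has to run on the canonical path: `..` segments, backslashes, case changes and a `Drive:/` prefix must not reach a denied branch. The allowlist contents, the treatment of "HR" as a folder name and all function names are assumptions, since the page does not show the format of drive_paths.yml.

```python
"""Allowlist check for a /drivepath-style lookup (added example, not project code)."""
import posixpath
import unicodedata

# Assumed contents of drive_paths.yml, inlined so the example runs offline.
ALLOWED_ROOTS = ("01-SYSTEMS", "02-OPERATIONS")
# 00-ADMIN is named in the SOP; treating "HR" as a folder name is an assumption.
DENIED_SEGMENTS = ("00-ADMIN", "HR")
# One refusal text for every denial, so the bot never confirms what exists.
REFUSAL = "Path not available via /drivepath."


class PathDenied(Exception):
    """Requested path is outside the allowlist."""


def canonicalize(raw: str) -> list[str]:
    """Return the path as canonical segments relative to the Drive root."""
    # Fold look-alike characters (e.g. full-width digits) before comparing.
    text = unicodedata.normalize("NFKC", raw).strip()
    if text[:6].casefold() == "drive:":
        text = text[6:]
    text = text.replace("\\", "/")
    if any(ord(ch) < 32 for ch in text):
        raise PathDenied("control character")
    # Anchoring at "/" means ".." can never climb above the virtual root.
    canon = posixpath.normpath("/" + text).lstrip("/")
    if not canon:
        raise PathDenied("empty path")
    return canon.split("/")


def resolve_drivepath(raw: str) -> str:
    """Return the canonical Drive path, or raise PathDenied."""
    segments = canonicalize(raw)
    roots = {r.casefold(): r for r in ALLOWED_ROOTS}
    root = roots.get(segments[0].strip().casefold())
    if root is None:
        raise PathDenied("root not allowlisted")
    # Defence in depth: a denied name is refused at any depth, not only as root.
    denied = {d.casefold() for d in DENIED_SEGMENTS}
    if any(seg.strip().casefold() in denied for seg in segments):
        raise PathDenied("denied segment")
    return "Drive:/" + "/".join([root, *segments[1:]])


def answer(raw: str) -> tuple[bool, str]:
    """What the bot would reply: (allowed, text)."""
    try:
        return True, resolve_drivepath(raw)
    except PathDenied:
        return False, REFUSAL


if __name__ == "__main__":
    # Constructed sample requests.
    for request in (
        "Drive:/01-SYSTEMS/01-SOPs-&-Playbooks/",
        "01-systems//Knowledge/./KQ-SOP-4.md",
        "01-SYSTEMS/../00-ADMIN/recovery-keys",
        "02-OPERATIONS\\hr\\contracts",
        "../..",
    ):
        print(f"{request!r:45} -> {answer(request)}")
```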
— End of KQ-SOP-4 r1
—— 06 Subsystem: Knowledge Query & Self-Learning/05 Procedure Transcript Digest & Actions.md ——§
—— 06 Subsystem: Knowledge Query & Self-Learning/06 Procedure: Gap Flag & Patch Workflow.md ——§
Below is everything that’s already defined (or implicitly agreed) about KQ-SOP-6 — “Gap Flag & Patch Workflow”. I’ve grouped the facts under the headings the rest of our SOPs use, so you can see every moving part at a glance and spot-check for anything still missing.
1 · Purpose & Scope§
- Why it exists – make sure every knowledge gap raised by an operator becomes a documented fix, not a Slack‐thread fossil:
  - ✓ Capture the gap (Telegram tag 🔴Knowledge-Gap in #systems-kitchen).
  - ✓ Turn the gap into a GitHub Issue + PR against the Markdown SOP repo.
  - ✓ Merge, bump version header, and let the webhook re-train the “Solo-Team Coach” bot (< 10 min).
  - ✓ Reflect the change visually during the Friday Doc ↔ Miro Sync mini-ritual.
2 · Trigger & Owner§
| Trigger | Owner (RACI) |
|---|---|
| Operator has run Self-Help Checklist (KQ-SOP-3) and is still blocked → posts gap in Telegram with 🔴Knowledge-Gap. | R Freelancer Operator |
| Telegram bot or channel mention pings Systems-Ops Lead. | A Systems-Ops Lead |
| PR review / approval (if needed) | C Ops Manager or nominated reviewer |
| Webhook-driven GPT refresh; Doc title bump | I GPT Assistant |
3 · End-to-End Flow (high-level)§
Operator → Telegram 🔴Knowledge-Gap
     │
     ▼ (≤2 h SLA)
Systems-Ops   creates GitHub Issue ─┐
Lead          & feature branch      │
     │                              │
     ▼                              │
Commit / fix Markdown               │
     │                              │
     ▼           PR → Review → Merge┘ (≤24 h)
     │
     ▼
GitHub webhook: • retrain GPT-o3 on new HEAD
                • post “Patch merged” in #system-updates
                • label Trello SOP Pipeline card “LIVE”
Friday < 5 min: Doc ↔ Miro Sync sweep updates any diagrams
4 · Detailed Steps (operational view)§
| # | Actor | Action / Control |
|---|---|---|
| 1 | Operator | After failing KQ-SOP-3, post message in #systems-kitchen starting with 🔴Knowledge-Gap — <one-line problem> and include link / screenshot. |
| 2 | Bot (optional) | Immediately replies with a checklist link: “Have you tried /find and /explain?” – purely a reminder. |
| 3 | Systems-Ops Lead | a) Acknowledge in ≤2 h. b) Open GitHub Issue using gap/<short-slug> template (fields: Context, Desired, Proposed fix). c) Create branch fix/<short-slug> and draft changes. |
| 4 | Reviewer (Ops-Mgr or peer) | Review PR (approve / request change). |
| 5 | Systems-Ops Lead | Merge PR; add semantic version bump at top of file; close Issue. |
| 6 | Webhook | • Triggers GPT model refresh. • Posts auto-message in #system-updates: “Gap patch merged – |
| 7 | Operator | Re-run the original GPT command – confirm answer now works; react ✅ on the Telegram gap thread. |
| 8 | Miro Sync (Fri) | If file renamed or a new SOP added, update the Miro architecture map box title / link (KQ-SOP-2). |
5 · KPIs§
| KPI | Target |
|---|---|
| Issue opened ≤ 2 h after Telegram post | 100 % |
| PR merged ≤ 24 h after issue | 100 % |
| GPT knowledge refresh < 10 min post-merge | 95 % |
| Doc ↔ Miro sync sweep (Friday) | 100 % weeks |
6 · Tools & Artefacts§
- Telegram – channel #systems-kitchen (gap intake) + #system-updates (merge notice).
- GitHub – repo solo-team-sops; Issue & PR templates: ISSUE_TEMPLATE/gap_report.yml & PULL_REQUEST_TEMPLATE/fix_gap.md
- Markdown SOP files – SSOT, version header “## Version vX.Y.Z — YYYY-MM-DD”.
- Trello – board SOP Pipeline → card auto-transition Draft → LIVE when PR merges.
- Webhook stack – GitHub → (Zapier or GHA) → GPT retrain endpoint; webhook also posts merge digest.
- Miro – Architecture Map frame for manual label update.
7 · Risks & Controls§
| Risk | Mitigation / Control |
|---|---|
| Gap never logged (operator forgets) | Self-Help Checklist ends with big “If still stuck → post 🔴Knowledge-Gap”. |
| Issue created but PR stalls | Trello card moves to “Blocked – needs review” after 24 h with Butler ping. |
| Merge conflicts corrupt docs | “Squash & Merge” only; CODEOWNERS require one reviewer. |
| Sensitive info leaked in Telegram thread | Operator reminder: no client PII in gap post; bot auto-redacts emails. |
| GPT not refreshed (webhook fails) | GitHub Action alerts #systems-kitchen if status ≠ success. |
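An added example (not the project's bot code) of the intake step and the redaction control in the table above: it accepts only posts that start with the 🔴Knowledge-Gap tag, masks e-mail addresses before the text is copied into a GitHub Issue, and derives the gap/<short-slug> and fix/<short-slug> names from the already-redacted text so an address cannot leak through a branch name. The e-mail pattern, the placeholder text, the slug rules and the function names are assumptions.

```python
"""Gap-post intake: tag check, e-mail redaction, slug naming (added example)."""
import re
import unicodedata
from dataclasses import dataclass
from typing import Optional

TAG = "🔴Knowledge-Gap"          # tag defined by the SOP
REDACTED = "[email redacted]"    # placeholder text is an assumption
# Pragmatic matcher: for redaction, over-matching is cheaper than a miss.
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+\-]+@[A-Za-z0-9\-]+(?:\.[A-Za-z0-9\-]+)+")


@dataclass(frozen=True)
class GapReport:
    problem: str      # redacted one-line problem statement
    body: str         # redacted full post, safe to paste into the Issue
    issue_ref: str    # gap/<short-slug>
    branch: str       # fix/<short-slug>
    redactions: int   # number of addresses masked


def slugify(text: str, max_len: int = 40) -> str:
    """Lower-case ASCII slug that is safe inside a git branch name."""
    ascii_text = (
        unicodedata.normalize("NFKD", text).encode("ascii", "ignore").decode("ascii")
    )
    slug = re.sub(r"[^a-z0-9]+", "-", ascii_text.lower()).strip("-")
    return slug[:max_len].rstrip("-") or "untitled"


def parse_gap_post(message: str) -> Optional[GapReport]:
    """Return a GapReport for a valid gap post, or None for anything else."""
    text = message.strip()
    if not text.startswith(TAG):
        return None
    # Drop the separator after the tag (em dash, en dash, hyphen or colon).
    rest = text[len(TAG):].lstrip(" \t\r\n\u2014\u2013-:")
    if not rest:
        return None  # tag with no problem statement
    # Redact first; everything below works on the masked text only.
    body, count = EMAIL_RE.subn(REDACTED, rest)
    problem = body.splitlines()[0].strip()
    slug = slugify(problem.replace(REDACTED, " "))
    return GapReport(problem, body, f"gap/{slug}", f"fix/{slug}", count)


# Constructed sample post (address and link are made up).
SAMPLE = (
    "🔴Knowledge-Gap — /find returns nothing for SOP04, "
    "asked jane.doe@client-example.com\n"
    "https://trello.example/c/abc123"
)

if __name__ == "__main__":
    report = parse_gap_post(SAMPLE)
    print(report)
    print(parse_gap_post("anyone seen the new SOP?"))
```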
8 · Current status§
- Version: KQ-SOP-6-v0.1 (framework only; needs templates & webhook YAML).
- Hooks in place: Yes – basic webhook posts to #system-updates; GPT retrain lambda stubbed.
- Next small task: finish ISSUE & PR templates, add CODEOWNERS, document branch-naming in README.
That’s the complete knowledge surface for Gap Flag & Patch Workflow right now. If anything is missing, shout and we’ll fold it into v0.2.
—— 07 Subsystem: Gap Fix & Continuous Improvement/00 Subsystem: Gap Fix and Continuous improvement.md ——§
DraftSOP · Subsystem · Gap-Fix & Continuous Improvement · 2025-05-15-r1§
Target System — Gap-Fix & Continuous Improvement (new subsystem derived from the Master Blueprint v 3.2)
Big-Picture Overview§
| Block | Content |
|---|---|
| Purpose & Scope | Bake a never-stale feedback loop into the Solo-Team OS so that: 1️⃣ Any operator can flag a knowledge gap, bug or bottleneck the moment it hurts. 2️⃣ A lightweight PR pipeline promotes the fix into the Markdown SSOT, Trello cards and Miro maps within ≤ 24 h. 3️⃣ Weekly mini-retro & Kaizen review curates improvement ideas. 4️⃣ Quarterly System Retro safeguards security, retention and access hygiene. Outcome → The OS evolves as fast as the work does, without central bottlenecks. |
| Map / Flow | Gap spotted → GF-SOP-1 Gap Flag & Patch Workflow (Telegram tag 🔴Knowledge-Gap → GitHub Issue & PR → SOP merge) → auto-retrain GPT → GF-SOP-2 Weekly Kaizen Review picks one high-leverage idea → card moves to Q2 backlog → implemented fix passes through PR again → GF-SOP-3 Quarterly System Retro audits versions, access lists & Drive retention → posts summary in 📢 System Updates. |
| Roles | Freelancer Operator · Systems-Ops Lead · Ops Manager · GPT Assistant |
| RACI Snapshot | R Operator (flags gaps & submits PRs) · A Systems-Ops Lead (reviews & merges) · C Ops Manager (approves high-impact Kaizen) · I GPT (suggests fixes) |
| KPIs | Gap → PR merged < 24 h (95 %) · ≥ 1 Kaizen promoted weekly · No SOP > 90 d without version bump · Quarterly Retro completed 100 % |
| Tools | GitHub solo-team-sops · Google Drive (Markdown) · Trello SOP Pipeline board · Miro System Map frames · Telegram #systems-kitchen & 📢 System Updates |
| Risks (ISO 31000) | Merge conflicts stall updates · Operators bypass process and “cowboy patch” in Drive · PR backlog grows > 5 · Quarterly retro skipped → stale access lists |
| Open Questions | Auto-label “doc-needs-diagram” issues for Miro team? |
| Next Action | Finish GF-SOP-2 & GF-SOP-3 drafts; enable GitHub → Telegram webhook for merged PRs. |
Detailed SOPs (owned by this subsystem)§
| ID | Procedure | Status / Notes |
|---|---|---|
| GF-SOP-1 | Gap Flag & Patch Workflow (was KQ-SOP-6) | v0.3 ✓ – Telegram tag, GitHub Issue/PR, 24 h SLA |
| GF-SOP-2 | Weekly Kaizen Review & Promotion | TBD – run every Friday 17:05 (after Mini-Retro) |
| GF-SOP-3 | Quarterly System Retro Checklist | TBD – 10-min audit, post summary in 📢 System Updates |
ArchitectureSnapshot JSON§
{
"version_id": "2025-05-15-r1",
"system_level": "Subsystem",
"lifecycle_state": "DraftSOP",
"target_name": "Gap-Fix & Continuous Improvement",
"parent_name": "Personal Management OS for Freelancers",
"last_updated": "2025-05-15T01:20:00Z",
"overview": {
"purpose": "Keep the Solo-Team OS evergreen by turning every gap into a documented, merged improvement within 24 h.",
"flow": [
"Operator flags gap with 🔴Knowledge-Gap tag in Systems Kitchen",
"GF-SOP-1 creates GitHub Issue & PR; Systems-Ops Lead reviews",
"PR merged → Markdown updated → GPT retrains; Miro node refreshed",
"Weekly: GF-SOP-2 reviews Kaizen backlog, promotes 1 idea",
"Quarterly: GF-SOP-3 runs System Retro audit & posts summary"
],
"roles": ["Freelancer Operator","Systems-Ops Lead","Ops Manager","GPT Assistant"],
"kpis": [
"Gap to PR merge <24h 95%",
"≥1 Kaizen promoted per week",
"No SOP older than 90d without version bump",
"Quarterly retro completion 100%"
],
"tools": [
"GitHub solo-team-sops repo",
"Google Drive Markdown SSOT",
"Trello SOP Pipeline board",
"Miro System Map",
"Telegram channels #systems-kitchen & 📢 System Updates"
],
"risks": [
"Merge conflicts delay fixes",
"Unreviewed changes in Drive",
"PR backlog >5 open items",
"Quarterly retro skipped"
],
"doc_link": "Drive:/01-SYSTEMS/Continuous-Improvement/GF_Subsystem_v1.0.0.md"
},
"children": [
{ "system_level": "Procedure", "target_name": "GF-SOP-1 – Gap Flag & Patch Workflow", "version_id": "GF-SOP-1-v0.3" },
{ "system_level": "Procedure", "target_name": "GF-SOP-2 – Weekly Kaizen Review & Promotion", "version_id": "GF-SOP-2-TBD" },
{ "system_level": "Procedure", "target_name": "GF-SOP-3 – Quarterly System Retro Checklist", "version_id": "GF-SOP-3-TBD" }
]
}
ASCII Swim-lane (gap spotted → PR merged)§
Operator                  Systems-Ops Lead          GitHub Repo               GPT Bot / Docs
   |                         |                         |                            |
   | 🔴 Tag gap in           |                         |                            |
   | #systems-kitchen        |                         |                            |
   |------------------------>|                         |                            |
   |                         | Open Issue + PR         |                            |
   |                         |------------------------>|                            |
   |                         | Review / request fix    |                            |
   |                         |<------------------------|                            |
   |                         | Merge PR ≤24 h          |                            |
   |                         |------------------------>|                            |
   |                         |                         | Webhook triggers retrain   |
   |                         |                         |--------------------------->|
   |                         |                         |                            | ✅ “Knowledge updated!”
   |                         | Post merge note         |                            |
   |<------------------------|                         |                            |
   | Celebrate & continue    |                         |                            |
— End of Gap-Fix & Continuous Improvement Subsystem r1
—— 08 IT-Security & Compliance (Subsystem/00 Subsystem: IT Security And Compliance.md ——§
DraftSOP · Subsystem · IT-Security & Compliance · 2025-05-15-r3§
(supersedes r2 — inserts mobile-phone Day-0 setup and renumbers downstream SOPs; 7 procedures total)
Big-Picture Overview§
| Block | Content |
|---|---|
| Purpose & Scope | Secure every endpoint and the surrounding work zone so Solo-Team data stays safe, operators stay focused, and access is retired cleanly. The subsystem now has three Day-0 tracks (laptop / desktop, work-environment, mobile phone), two quarterly audits, plus incident response and off-boarding. |
| Life-Cycle Flow | 1️⃣ SEC-SOP-1 Device Provisioning & Hardening → 2️⃣ SEC-SOP-2 Work-Environment & Comms Compliance → 3️⃣ SEC-SOP-3 Mobile-Phone Work-Profile & App Setup → work period → Quarterly audits: 4️⃣ Work-Env Self-Audit, 5️⃣ Device-Security Audit → incident? run SEC-SOP-6 IR → contract end → SEC-SOP-7 Off-boarding & Remote Wipe |
| Roles / RACI | Freelancer Operator R · Ops Manager A · Systems-Ops Lead / Security Admin C · GPT Assistant I |
| KPIs | • 100 % endpoints (laptop + phone) encrypted • Day-0 approvals before first timer 100 % • Quarterly audits closed ≤ 48 h • Incident contained ≤ 4 h • Off-boarding completed ≤ 24 h |
| Core Tools | BitLocker / FileVault / LUKS · Android Work-Profile / iOS MDM · Trello Security board · Google Drive 00-ADMIN · Insightful · Clockify · OS Focus/DND · Telegram #security-alerts |
| Risks | Lost unencrypted device · Patch / AV drift · Personal IM leaks data · Ex-operator retains access · Remote-wipe failure |
| Next Action | Draft SEC-SOP-4 & SEC-SOP-5 checklists; create Day-0 Trello template that spawns three cards (SOP-1, 2, 3). |
SOP Index (owned here)§
| ID | Procedure | Status / Notes |
|---|---|---|
| SEC-SOP-1 | Device Provisioning & Hardening (laptop / desktop) | v1.3 ✓ |
| SEC-SOP-2 | Work-Environment & Communication Compliance | v1.0 ✓ |
| SEC-SOP-3 | Mobile-Phone Work-Profile & App Setup | TBD (Day-0, Android & iOS) |
| SEC-SOP-4 | Quarterly Work-Environment Self-Audit | stub TBD |
| SEC-SOP-5 | Quarterly Device-Security Audit | stub TBD |
| SEC-SOP-6 | Incident Response & Containment | stub TBD |
| SEC-SOP-7 | Access Off-boarding & Remote Wipe | stub TBD |
GPT commands:
/checklist day-0 → laptop + phone + work-env tasks.
/tip security returns WGLL snippets from SOP-1 / -2 / -3.
ASCII Life-Cycle Diagram (v3)§
┌───────────── Day-0 On-boarding ─────────────┐
│ Card-1 ▶ SEC-SOP-1 Laptop Hardening         │
│ Card-2 ▶ SEC-SOP-2 Focus Work-Env           │
│ Card-3 ▶ SEC-SOP-3 Mobile-Phone Setup       │
└──────────────┬─────────────┬───────────────┘
               │             │ all ✅
               ▼             ▼
┌────────────── Work begins ──────────────┐
│ 90-day timer                            │
│ Card-Repeater drops two audit cards     │
└───────┬────────────┬────────────────────┘
        │            │
        ▼            ▼
    SEC-SOP-4    SEC-SOP-5
(Work-Env Audit) (Device Audit)
        │            │
        └────┬───────┘
incident? no │       │ yes
             ▼       │
         continue    │
             │       ▼
             │   SEC-SOP-6
             │   (Incident Response)
             │   └─ lock → wipe → IR log
             ▼
 contract ends / device retired
             ▼
   SEC-SOP-7 Off-boarding
   (disable creds · remote-wipe ·
    archive final security card)
ArchitectureSnapshot JSON (schema-valid, r3)§
{
"version_id": "2025-05-15-r3",
"system_level": "Subsystem",
"lifecycle_state": "DraftSOP",
"target_name": "IT-Security & Compliance",
"parent_name": "Personal Management OS for Freelancers",
"last_updated": "2025-05-15T03:55:00Z",
"overview": {
"purpose": "Harden every endpoint, lock in a focus-only work zone, audit drift, handle incidents, and retire access fast.",
"flow": [
"Day-0 laptop hardening (SEC-SOP-1)",
"Day-0 work-environment & comms compliance (SEC-SOP-2)",
"Day-0 mobile-phone work-profile setup (SEC-SOP-3)",
"Quarterly Work-Env Self-Audit (SEC-SOP-4)",
"Quarterly Device-Security Audit (SEC-SOP-5)",
"Incident response & containment (SEC-SOP-6)",
"Access off-boarding & remote wipe (SEC-SOP-7)"
],
"roles": ["Freelancer Operator","Ops Manager","Systems-Ops Lead","Security Admin","GPT Assistant"],
"kpis": [
"100% encryption coverage (laptop + phone)",
"Day-0 approvals before work 100%",
"Quarterly audits closed ≤48h",
"Incidents contained ≤4h",
"Off-boarding completed ≤24h"
],
"tools": [
"Disk-encryption suites",
"Android/iOS work profile or MDM",
"Trello Security board",
"Google Drive 00-ADMIN",
"Insightful dashboard",
"Clockify",
"Telegram #security-alerts"
],
"risks": [
"Unencrypted lost device",
"Patch or AV drift",
"Personal IM leaks screenshots",
"Ex-operator retains credentials",
"Remote-wipe failure"
],
"doc_link": "Drive:/01-SYSTEMS/IT-Security/SEC_Subsystem_v1.2.0.md"
},
"children": [
{ "system_level": "Procedure", "target_name": "SEC-SOP-1 – Device Provisioning & Hardening", "version_id": "SOP-SEC-1-v1.3.0" },
{ "system_level": "Procedure", "target_name": "SEC-SOP-2 – Work-Environment & Communication Compliance", "version_id": "SEC-SOP-2-v1.0.0" },
{ "system_level": "Procedure", "target_name": "SEC-SOP-3 – Mobile-Phone Work-Profile & App Setup", "version_id": "SEC-SOP-3-TBD" },
{ "system_level": "Procedure", "target_name": "SEC-SOP-4 – Quarterly Work-Environment Self-Audit", "version_id": "SEC-SOP-4-TBD" },
{ "system_level": "Procedure", "target_name": "SEC-SOP-5 – Quarterly Device-Security Audit", "version_id": "SEC-SOP-5-TBD" },
{ "system_level": "Procedure", "target_name": "SEC-SOP-6 – Incident Response & Containment", "version_id": "SEC-SOP-6-TBD" },
{ "system_level": "Procedure", "target_name": "SEC-SOP-7 – Access Off-boarding & Remote Wipe", "version_id": "SEC-SOP-7-TBD" }
]
}
— IT-Security & Compliance Subsystem r3 — now seven SOPs (laptop, work-env, phone, two audits, IR, off-boarding).
—— 08 IT-Security & Compliance (Subsystem/01 Procedure: Device Provisioning and Hardening.md ——§
DraftSOP · Procedure · SEC-SOP-1 — Device Provisioning & Hardening · 2025-05-15-v1.3.0§
(adds mobile-Telegram prerequisite + early desktop Telegram install to keep the comms line alive during setup)
Big-Picture Overview§
| Block | Content |
|---|---|
| Purpose & Scope | Hand every freelancer a secure, fully-tooled workstation + clean digital identity before the first billable minute. |
| When | Day-0 (first shift) · on OS-reinstall · on device swap. |
| Map / Flow | Prereq install Telegram on phone → unbox laptop / VM → create work Gmail → create Work OS profile → install Telegram Desktop immediately → apply Hardening Checklist → install remaining core apps (Drive, Trello, MarkText, Clockify, Insightful) → run Proof-of-Life test → submit Day-0 Device Trello card → Manager ✅/❌. |
| Roles / RACI | Freelancer Operator R · Ops Manager A · Systems-Ops Lead C · GPT Assistant I |
| KPIs | 100 % encryption · 0 admin accounts · Day-0 card approved before first timer |
| Tools | BitLocker/FileVault/LUKS · OS firewall & AV · Telegram (mobile + desktop) · Gmail (work-only) · Trello Desktop · Drive for Desktop · MarkText · Clockify · Insightful |
| Risks | Unencrypted lost device · Personal email leak · Comms lost during install · Missing Markdown viewer |
| Controls | Trello Day-0 template · Gmail naming st-<firstname><yy>@gmail.com · Recovery keys in 00-ADMIN · Telegram phone fall-back |
Detailed Workflow (8 bullets)§
| # | Step & Owner | Key Points / Controls |
|---|---|---|
| 0 | Prerequisite — Mobile Telegram Online (Operator) | Install Telegram on phone → join /manager & /security-alerts channels (keeps live comms while desktop apps install). |
| 1 | Create Work-Only Gmail | If no Workspace account: make up-only-<firstname>.<lastname>@gmail.com (2-FA). Send address to Ops Manager for access provisioning. |
| 2 | Create Work OS Profile | Windows: Accounts ▸ Add work account (non-admin). macOS/Linux: new user work (Standard). |
| 3 | Install Telegram Desktop (Immediately) | Sign in; send “Device online” to /manager to confirm comms before hardening continues. |
| 4 | Apply Hardening Checklist | Encryption ON · patches current · firewall default-deny · AV clean · Bitwarden · uBlock Origin + Docs/Drive viewer only. |
| 5 | Install Core Stack | Trello Desktop · Drive for Desktop (shared drives) · MarkText · Clockify · Insightful. Sign in with work Gmail/Workspace. Insightful: 30-sec shots; idle 1 min (desktop) / 5 min (mobile). |
| 6 | Configure Projects & Proof-of-Life | Clockify projects; Insightful path OP-<name>/Insightful/<date>/. Run 2-min timer “TEST – Device Ready” → Trello card to Doing → verify ≥ 4 Insightful screenshots. |
| 7 | Submit Day-0 Approval | Attach screenshots (Encryption ON, Insightful green, timer entry link) to card → move to Waiting for Approval → /manager ping. |
| 8 | Manager Review ≤ 24 h | ✅ Approved → operator archives card. ❌ Fix issues → resubmit. |
SLA — Device must be Approved before any billable Clockify timer.
WGLL Snapshot (unchanged)§
| Criterion | ❌ Miss | ✅ Meets | ⭐ Exceeds |
|---|---|---|---|
| Encryption | Off / unknown | Enabled & screenshot | Enabled + recovery key in 00-ADMIN |
| Proof-of-Life card | Missing | Card + 2 screenshots | Card + 2 screenshots + zipped Insightful folder |
| Work Gmail | Uses personal account | Dedicated st-… Gmail w/ 2-FA | Recovery codes stored in 00-ADMIN |
ArchitectureSnapshot JSON (v1.3.0)§
{
"version_id": "SOP-SEC-1-v1.3.0",
"system_level": "Procedure",
"lifecycle_state": "DraftSOP",
"target_name": "SEC-SOP-1 – Device Provisioning & Hardening",
"parent_name": "Device Security & Compliance",
"last_updated": "2025-05-15T03:25:00Z",
"overview": {
"purpose": "Issue a hardened, fully-tooled device and work identity before the first billable minute.",
"flow": [
"Install Telegram on phone for live comms",
"Create dedicated work Gmail with 2-FA",
"Create non-admin work OS profile",
"Install Telegram Desktop immediately, confirm comms",
"Apply hardening checklist (encryption, firewall, AV, Bitwarden)",
"Install Trello, Drive, MarkText, Clockify, Insightful; sign in",
"Run Proof-of-Life timer and verify Insightful screenshots",
"Submit Day-0 Trello card; manager approves or rejects"
],
"roles": ["Freelancer Operator","Ops Manager","Systems-Ops Lead","GPT Assistant"],
"kpis": ["100% devices encrypted","Day-0 approval before work","0 local admin accounts"],
"tools": ["BitLocker/FileVault/LUKS","Telegram (mobile & desktop)","Gmail work account","MarkText","Trello","Drive","Clockify","Insightful"],
"risks": ["Unsecured device","Comms lost during install","Personal email leak"],
"controls": ["Day-0 Trello template","Gmail naming convention","Recovery keys in 00-ADMIN"],
"doc_link": "Drive:/01-SYSTEMS/IT-Security/SEC-SOP-1_Device_Provisioning_v1.3.0.md"
},
"procedure_core": {
"procedure_id": "SEC-SOP-1",
"name": "Device Provisioning & Hardening",
"purpose": "Day-0 checklist for secure, tool-ready freelancer machines.",
"trigger": "New device / OS reinstall / quarterly re-audit.",
"inputs": ["Fresh workstation","Google credentials","Day-0 Trello card"],
"responsible_role": "Freelancer Operator",
"steps": [
"Install Telegram on phone; join required channels",
"Create dedicated work Gmail (2-FA) if no Workspace account",
"Create non-admin work OS profile and sign in",
"Install Telegram Desktop; confirm comms",
"Apply hardening checklist (encryption, patches, firewall, AV, Bitwarden)",
"Install & sign-in to Trello, Drive, MarkText, Clockify, Insightful",
"Run 2-min Proof-of-Life timer and verify Insightful shots",
"Submit Day-0 approval card; fix ❌ items and resubmit if needed"
],
"outputs": ["Approved Day-0 card with evidence","Encrypted, tooled workstation"],
"sla": "Approval required before any billable work.",
"controls": ["Encryption screenshot","Insightful status screenshot","Manager approval comment"],
"tools": ["OS security panels","Telegram","MarkText","Trello","Clockify","Insightful"],
"kpis": ["Encryption 100%","Approval turnaround ≤24 h"],
"risks": ["Unsecured device","Operator skips approval"],
"doc_link": "Drive:/01-SYSTEMS/IT-Security/SEC-SOP-1_Device_Provisioning_v1.3.0.md"
},
"children": []
}
— End of SEC-SOP-1 v1.3.0
—— 08 IT-Security & Compliance (Subsystem/02 Procedure: Work Environment Compliance.md ——§
DraftSOP · Procedure · SEC-SOP-5 — Work-Environment & Communication Compliance · 2025-05-15-r0§
New Day-0 checklist that locks in a distraction-free workspace, “work-only” comms rules, and quarterly self-audits. Lives inside the IT-Security & Compliance subsystem next to Device Hardening.
Big-Picture Overview§
| Block | Content |
|---|---|
| Purpose & Scope | Make sure every freelancer works in a secure, interruption-free environment and uses work-only communication channels while timers are running. Covers: physical workspace rules, family/room-mate boundaries, allowed apps & messaging, and quarterly self-audit. |
| When | Day-0 (before first billable timer) & Quarterly Review (Card-Repeater drops “SEC-Self-Audit” card). |
| Map / Flow | Create dedicated workspace → agree household rules → lock personal messengers → run 15-min Focus Test → Trello Work-Env Checklist card ➜ Waiting for Approval → Manager ✅/❌ → archive. |
| Roles / RACI | Freelancer Operator R · Ops Manager A · Systems-Ops Lead C · GPT Assistant I |
| KPIs | 0 personal chat windows active in Insightful shots · 100 % Day-0 Work-Env cards approved · Quarterly self-audit done on time |
| Tools | Dedicated workspace hardware · Trello card template “Work-Env Checklist” · Insightful screenshots · Telegram Systems Kitchen (for questions) |
| Risks (ISO 31000) | Home distractions → SLA slips · Personal IM leaks client data · Ergonomic issues → burnout |
| Controls | Insightful random 30-sec shots 🍃 · Quarterly self-audit card with same checklist |
| Done-When | Manager ✅ comment & card archived; Insightful shows green status + no non-work chat apps during Focus Test |
Detailed SOP — Work-Environment Compliance (≤ 7 bullets)§
| # | Step & Owner | Key Points / Controls |
|---|---|---|
| 1 | Dedicate a physical workspace (Operator) | • Desk & chair in low-traffic room (door or divider). • Adequate lighting; camera background neutral. • Ergonomic setup: eye-level monitor, wrists neutral. |
| 2 | Create household “Do-Not-Disturb” pact | • Inform family/room-mates of work hours. • Post a “🔴 Focus – back at HH:MM” sign. • Emergencies only; quick hand signals if absolutely needed. |
| 3 | Enforce work-only comms during timers | • Allowed apps: Trello, Drive, Clockify, Insightful, Telegram work accounts. • Mute / log out of WhatsApp, FB Messenger, personal Gmail on work profile. • If break ≥ 5 min → stop Clockify timer first. |
| 4 | Configure Focus Aids | • Windows “Focus Assist” or macOS “Do Not Disturb” ON. • Phone on silent, outside reach. • Optional: Pomodoro 50 / 10 if approved by manager. |
| 5 | 15-min Proof-of-Focus Test | • Start Clockify timer “TEST – Focus Environment”. • Work on a dummy Trello card; keep only work apps open. • Insightful must capture ≥ 30 screenshots with no personal apps visible. |
| 6 | Submit Work-Env Checklist card | • Attach two Insightful screenshots (start & end of test). • List household boundaries agreed. • Move card → Waiting for Approval; ping manager in /manager Telegram. |
| 7 | Manager review ≤ 24 h | ✅ = comment “Approved”; Operator archives card. ❌ = comment fixes (e.g. personal Slack open) → Operator corrects & resubmits. |
Quarterly Self-Audit — Card-Repeater drops same checklist on the last Friday of each quarter; operator reconfirms or updates proof.
WGLL (“What Great Looks Like”)§
| Criterion | ❌ Miss | ✅ Meets | ⭐ Exceeds |
|---|---|---|---|
| Personal chat apps | WhatsApp visible in screenshot | Only work apps during Focus Test | Personal phone in another room; Focus Assist log |
| Physical workspace | Kitchen table w/ people passing | Dedicated desk, neutral background | Door closed + noise-cancel headset |
| Boundaries set | Family walks in during test | Household sign & time blocks agreed | Family reminds operator to take stretch breaks 😉 |
ArchitectureSnapshot JSON§
```json
{
  "version_id": "2025-05-15-r0",
  "system_level": "Procedure",
  "lifecycle_state": "DraftSOP",
  "target_name": "SEC-SOP-5 – Work-Environment & Communication Compliance",
  "parent_name": "IT-Security & Compliance",
  "last_updated": "2025-05-15T01:20:00Z",
  "overview": {
    "purpose": "Ensure every freelancer works in a distraction-free, secure environment with work-only communications.",
    "flow": [
      "Dedicate physical workspace and set household boundaries",
      "Disable personal messengers; enable OS Focus Assist",
      "Run 15-min Focus Test (Clockify + Insightful)",
      "Submit Work-Env Checklist card with screenshots",
      "Manager approves or rejects within 24 h",
      "Repeat self-audit quarterly"
    ],
    "roles": ["Freelancer Operator","Ops Manager","Systems-Ops Lead","GPT Assistant"],
    "kpis": [
      "0 personal chat apps during timers",
      "100% Day-0 cards approved before work starts",
      "Quarterly self-audit completion 100%"
    ],
    "tools": [
      "Dedicated workspace hardware",
      "Trello card template",
      "Clockify",
      "Insightful",
      "Telegram"
    ],
    "risks": [
      "Distractions cause SLA misses",
      "Data leakage via personal IM",
      "Poor ergonomics leads to burnout"
    ],
    "controls": [
      "Insightful random screenshots",
      "Quarterly card-repeater audit",
      "Manager approval gating"
    ],
    "doc_link": "Drive:/01-SYSTEMS/Security/SEC-SOP-5_Work_Env_Compliance_v1.0.0.md"
  },
  "procedure_core": {
    "procedure_id": "SEC-SOP-5",
    "name": "Work-Environment & Communication Compliance",
    "purpose": "Day-0 + quarterly checklist to lock-in a secure, distraction-free workspace.",
    "trigger": "New hire Day-0, quarterly on last Friday.",
    "inputs": [
      "Dedicated workspace",
      "Work-profile computer",
      "Trello Work-Env Checklist card"
    ],
    "responsible_role": "Freelancer Operator",
    "steps": [
      "Set up dedicated workspace & ergonomics",
      "Agree household Do-Not-Disturb pact",
      "Disable personal comms apps on work profile",
      "Configure Focus Assist / DND",
      "Run 15-min Focus Test (Clockify + Insightful)",
      "Submit checklist card with screenshots & ping manager",
      "Fix ❌ comments and resubmit if needed"
    ],
    "outputs": [
      "Approved Work-Env Checklist card",
      "Insightful proof screenshots"
    ],
    "sla": "Approval required before first shift; quarterly audit card due same day.",
    "controls": [
      "Insightful screenshot review",
      "Trello approval gate"
    ],
    "tools": [
      "Clockify",
      "Insightful",
      "Trello",
      "Operating-system Focus features"
    ],
    "kpis": [
      "Distraction-free screenshots 100%",
      "Quarterly audit pass rate 100%"
    ],
    "risks": [
      "Personal chat distraction",
      "Uncontrolled environment"
    ],
    "doc_link": "Drive:/01-SYSTEMS/Security/SEC-SOP-5_Work_Env_Compliance_v1.0.0.md"
  },
  "children": []
}
```
— End of SEC-SOP-5 r0
—— 08 IT-Security & Compliance (Subsystem/03 Procedure: Mobile-Phone Work-Profile & App Setup.md ——§
DraftSOP · Procedure · SEC-SOP-3 — Mobile-Phone Focus-Mode & App Setup · 2025-05-15-r2§
(r2 adds flexibility for non-9-to-5 shifts and manual Focus toggling.)
Big-Picture Overview§
| Block | Content |
|---|---|
| Purpose & Scope | Give every freelancer a distraction-free yet responsive phone set-up: • Core apps (Telegram, Gmail, Calendar, Drive) fire through instantly while they’re on shift. • Personal apps stay muted. Shifts aren’t always 09:00 – 17:30. Operators must align Focus hours with their actual work window or toggle Focus manually at clock-in / clock-out. |
| When | Day-0 (after laptop hardening) and whenever the phone is replaced. |
| Map / Flow | Install apps → sign in → create or tweak Work Focus / Priority Mode (scheduled or manual toggle) → pin work widgets → ping test → screenshot → Trello Phone Setup card → Manager ✅/❌. |
| Roles / RACI | Operator R · Ops Manager A · Systems-Ops Lead C · GPT I |
| KPIs | 100 % operators receive /manager Telegram within 3 s during shift · 0 off-hours work pings (except 🔴 alerts) |
| Tools | Android Focus Mode / iOS Focus · Gmail · Google Calendar · Google Drive · Telegram |
| Risks | Missed approval ping · After-hours ping fatigue · Screenshots synced to personal cloud |
Detailed Workflow (8 steps)§
| # | Step & Owner | Key Points / Controls |
|---|---|---|
| 1 | Check chat line | Telegram already installed from laptop set-up. |
| 2 | Install work apps | Gmail, Calendar, Drive (Play / App Store). |
| 3 | Add Solo-Team Google account | Settings → Accounts → Add Google → company address. Enable contacts & calendar sync. |
| 4 | Create “Work” Focus / Priority Mode | Choose ONE: • Scheduled Focus: set start = planned shift minus 1 h (gives prep time), end = shift + 30 min. • Manual toggle: leave schedule blank; enable Focus each time you clock-in and disable at clock-out. Allow only Telegram, Gmail, Calendar, Drive; block personal IM. |
| 5 | Home-screen hygiene | Separate “Work” page: Telegram, Gmail, Calendar widget, Drive shortcut, Clockify web-link. |
| 6 | Ping test & screenshots | Manager sends “Ping test” → vibration ≤3 s. Screenshot Focus settings and notification shade. |
| 7 | Submit for approval | Attach 2 screenshots to Trello Phone Setup card → move to Waiting for Approval → ping manager. |
| 8 | Manager review | ✅ “Phone OK” → archive card. ❌ comment fix → operator resubmits. |
Done-When — Card approved before first paid shift.
WGLL (snapshot)§
| ❌ Miss | ✅ Meets | ⭐ Exceeds |
|---|---|---|
| Focus hours wrong or unset | Schedule matches shift OR operator toggles Focus every session | Adds one-tap Start / Stop Shift shortcut (iOS lock-screen / Android tile) |
ArchitectureSnapshot (JSON)§
```json
{
  "version_id": "2025-05-15-r2",
  "system_level": "Procedure",
  "lifecycle_state": "DraftSOP",
  "target_name": "SEC-SOP-3 – Mobile-Phone Focus-Mode & App Setup",
  "parent_name": "IT-Security & Compliance",
  "last_updated": "2025-05-15T03:25:00Z",
  "overview": {
    "purpose": "Configure a distraction-free yet responsive phone set-up aligned to each operator’s real shift.",
    "flow": [
      "Install Telegram, Gmail, Calendar, Drive",
      "Add Solo-Team Google account",
      "Create Work Focus / Priority Mode (scheduled to shift or manual toggle)",
      "Allow only core apps; mute personal IM",
      "Separate work home-screen",
      "Ping test and screenshots",
      "Submit Trello Phone Setup card for approval"
    ],
    "roles": ["Freelancer Operator","Ops Manager","Systems-Ops Lead","GPT Assistant"],
    "kpis": [
      "Work pings received <3 s during shift",
      "No off-hours work notifications",
      "Phone setup approved before first shift"
    ],
    "tools": [
      "Platform Focus / Do-Not-Disturb",
      "Telegram",
      "Gmail",
      "Google Calendar",
      "Google Drive"
    ],
    "risks": [
      "Missed manager approvals",
      "After-hours burnout via notifications",
      "Work data synced to personal cloud"
    ],
    "doc_link": "Drive:/01-SYSTEMS/IT-Security/SEC-SOP-3_Phone_Setup_v1.1.md"
  },
  "children": []
}
```
— End of SEC-SOP-3 r2