Which decision-rights and accountability model should govern Architecture Decision Records (ADRs) — i.e. how to define "who is the single accountable approver" and the stakeholder roles around each decision — for a solo operator scaling toward a multi-person executive team under audit requirements?

[Note: Focus on decision-authority role taxonomies (RACI/RAPID/DACI and alternatives), how accountability is recorded in ADRs, and how cross-cutting concerns (security, legal) attach to decisions. NOT about ADR file format, numbering, granularity (covered separately), or org-chart/HR job design.]

Context

We are a solo developer (法人 / Japanese corporation) operating a Decision Review Pipeline that gates every ADR: Triage → Blind-spot Detection → Body Generation → Scoring → Cross-Validation → Parallel multi-model review. Monthly volume is 5–15 ADRs. The product is corporate accounting software with audit requirements (J-SOX / ITGC, Japanese e-bookkeeping law). Decisions must be traceable to who is accountable.

We already classify each ADR by Scope (Corporate / Platform / Product / Ops, mutually exclusive) and Tier (Light / Standard / Critical). We want to add a role/accountability layer. Our draft design (to be validated, not assumed):

  • One Accountable role per decision = the audit unit; Scope determines which role is accountable.
  • Responsible/executor differs from accountable/decider — split decisions on accountable-role boundaries, not executor boundaries.
  • External experts (tax accountant, lawyer) and AI reviewers are Consulted, never accountable (accountability stays internal).
  • Security and legal/compliance are treated as cross-cutting concerns that trigger mandatory consultation, not as additional Scope layers.

Today one person holds every role; the model must stay valid as the executive team grows (roles defined abstractly, people assigned later).

Questions

  1. Decision-rights framework: Which model (RACI, RAPID, DACI, or other) best fits ADR accountability, and how do they handle the "exactly one accountable" principle? Give selection criteria and trade-offs, with sources.

  2. Recording accountability in ADRs: How do practitioners encode "who decided / who approved" in ADR metadata (single accountable vs council / consensus)? What do audit/governance regimes (J-SOX, ITGC, ISO, COSO) require for decision approval evidence?

  3. Cross-cutting concerns (security, legal): Is it standard to treat security and legal/compliance as concerns/quality-attributes attached to a decision (triggering mandatory reviewers/gates) rather than as decision domains? How are such concern-gates and reviewer roles modeled?

  4. External experts & AI reviewers: How should non-accountable advisors (external counsel/tax advisors, automated/LLM reviewers) be represented so that accountability is not diluted? Any audit guidance on advisor vs approver.

  5. Solo-to-team scaling: What patterns let a single person hold multiple decision roles now and cleanly split them across an executive team later, without rewriting historical decisions?

Output

Structured report with:

  • Executive summary (3–5 key findings)
  • Per-question analysis with concrete, sourced recommendations
  • A recommended role taxonomy mapped to ADR metadata fields (role → who/when)
  • A short comparison table of RACI vs RAPID vs DACI for ADR use
  • Priority ranking (must-have / should-have / nice-to-have)
  • References with URLs