Customer Onboarding — Evidence First, Access Second
The expanded onboarding page for DEFONEOS buyers: first 10 minutes, first 24 hours, 7-day scoping, 30-day control map, 90-day pilot closeout, and truthful sandbox provisioning gates.
Onboarding principle
A new buyer should experience DEFONEOS as controlled, auditable, and bounded from minute one. The onboarding path starts with evidence and scope, not with unbounded platform access.
- First 10 minutes: confirm buyer route, public evidence, and owner gate.
- First 24 hours: send evidence room, pricing card, and validation agenda.
- First 7 days: scope a 90-day pilot or close the thread honestly.
- First 30 days: produce control map, public-source demo, and risk register.
- First 90 days: deliver go/no-go report and procurement route.
Onboarding stages
This replaces vague “your sandbox is live” language with a real controlled path.
| Stage | Buyer sees | Owner action | Status |
|---|---|---|---|
| 1. Intake | Confirmation and reference number | Verify identity, route, and consent | Public |
| 2. Evidence | Evidence room and pricing card | Send proof bundle and validation slots | Live |
| 3. Scope | Meeting-notes-to-SoW draft | Convert buyer pain into 90-day pilot | Draft |
| 4. Security | Data boundary and red-line register | Confirm no sensitive data in public demo | Designed |
| 5. Provisioning | Sandbox or private workspace | Only after payment or contract route | Owner-gated |
| 6. Pilot | Control map, demo, risk register | Run 30/60/90 cadence | Buyer-gated |
| 7. Closeout | Go/no-go report | Route to framework, prime, grant, or stop | Decision |
First-10-minute checklist
Use this after a high-intent buyer action.
- Open CRM and create or update the buyer record.
- Classify source: demo, pricing, investor, partner, procurement, or checkout.
- Check whether the buyer is public-sector, prime, SME, academic, regulator, or investor.
- Send the correct public link bundle only.
- Schedule a validation slot or stop if the signal is low-quality.
- Do not claim operational access, security clearance, or certification.
Sandbox provisioning truth
The old onboarding page implied automatic sandbox provisioning. This page makes the truthful route explicit.
| Requirement | Why it matters | Gate |
|---|---|---|
| Verified buyer identity | Prevents unknown access to dual-use AI surface | Owner |
| Payment or contract route | Avoids unpaid provisioning and unclear terms | Owner |
| Data boundary | Keeps public-source demo separate from sensitive buyer data | Buyer plus owner |
| Security posture | Cyber Essentials Plus and access-control path | Owner |
| Scope and success metric | Prevents platform sprawl | Buyer plus owner |
| Revocation path | Access can be removed if scope changes | Owner |
Command examples
Commands below are illustrative until a buyer-specific sandbox exists. Do not present them as live credentials.
# Public-source pilot preparation python -m defoneos.verify --evidence-room public --red-lines strict python -m defoneos.scope --template 90-day-pilot --buyer public-service python -m defoneos.audit --frameworks jsp936,nist-ai-rmf,iso42001,uk-gdpr # Private sandbox commands require owner-gated provisioning. # Never paste real API keys into public pages or email.
Welcome email template
Send this only after owner verification.
Subject: DEFONEOS onboarding — evidence, scope, and next step Thank you for the DEFONEOS request. I have verified the public route and set up the next step as a bounded validation, not an open-ended platform rollout. Your public evidence links: - Evidence room: /defoneos-mod-evidence-room-index - Pricing: /defoneos-mod-pricing-card-onepager - 90-day pilot SoW: /defoneos-mod-meeting-notes-to-sow Before any sandbox or private workspace is provisioned, we will confirm data boundary, scope, commercial route, and accountable owner. Regards, Nicholas Templeman
30-day onboarding cadence
The onboarding cadence turns a high-intent buyer into a governed pilot without assuming that all infrastructure is already accredited.
| Day | Buyer outcome | DEFONEOS deliverable | Decision gate |
|---|---|---|---|
| 0 | Understands route and boundaries. | Evidence room, pricing card, SoW template. | Proceed to validation or close. |
| 1 | Has a named validation slot. | Agenda, public proof links, red-line register. | Meeting accepted. |
| 7 | Sees scoped pilot draft. | 90-day SoW v0.1, success metrics, risk register. | Buyer validates scope. |
| 14 | Confirms procurement route. | DASA, G-Cloud, prime, grant, or direct-pilot map. | Route owner named. |
| 30 | Receives control map and demo plan. | JSP 936 map, NIST AI RMF map, public-source demo plan. | Go or no-go to Day 60. |
Access-control model
Access follows the least-privilege route. Public pages are open. Private workspaces are created only after scope, payment or contract path, and data boundary are verified.
- Public visitor: can read public pages and evidence-room artefacts.
- Prospect: can receive tailored public links and validation agenda.
- Pilot buyer: can access a private workspace only after owner gate.
- Prime or consortium partner: receives partner-safe artefacts without exclusivity.
- Regulator or standards body: receives governance and assurance artefacts, not sales pressure.
- Investor: receives investor pack only after identity plausibility check.
Onboarding failure modes
These are the common places onboarding goes wrong. The page names them so the operator can prevent them.
| Failure mode | Symptom | Recovery |
|---|---|---|
| Premature access claim | Buyer thinks a sandbox is live before gates are complete. | Clarify evidence-first path and owner-gated provisioning. |
| Unbounded platform ask | Buyer wants everything in one pilot. | Reduce to three work packages and one success metric set. |
| Security overreach | Buyer asks for sensitive data in public demo. | Move to private route or keep public-source only. |
| Procurement ambiguity | No route owner or framework path. | Send procurement guide and ask for named route owner. |
| Certification confusion | Buyer asks whether DEFONEOS is already certified. | Show current owner gates and DEFONEOS-SEAL route truthfully. |
First technical validation agenda
This is the agenda for the first call after onboarding.
0-3 min Confirm buyer problem and success condition. 3-8 min Show evidence-room map and red-line register. 8-13 min Walk through public-source demo route and data boundary. 13-17 min Show pricing card and 90-day SoW skeleton. 17-20 min Agree next step: stop, route, technical deep dive, or pilot scope.
Evidence artefacts created during onboarding
Each buyer journey should leave a small, auditable trail. That trail is the operating system: not a spreadsheet of vague promises, but named artefacts with owners and review dates.
| Artefact | Created by | When | Purpose |
|---|---|---|---|
| Buyer record | JEEVES draft plus owner review | Day 0 | Track state, signal score, next action, and honesty flag. |
| Evidence bundle | JEEVES | Day 0-1 | Send the smallest proof set matching buyer pain. |
| Validation agenda | Owner | Before first technical call | Keep the call to proof, boundary, commercial route, and next step. |
| SoW draft | Owner with converter page | After meeting | Turn notes into a bounded 90-day pilot. |
| Risk register | JEEVES draft plus owner review | Before pilot | Name certification, procurement, data, expectation, and scope risks. |
| Closeout report | Owner | Day 90 | Go, no-go, extend, framework route, prime route, or grant route. |
Data-boundary pledge
This pledge is the clearest way to explain onboarding to a cautious public-sector buyer.
- Public pages contain only public, illustrative, or owner-approved content.
- Private buyer data does not enter public Vercel pages.
- Classified, sensitive, or operationally protected data is out of scope for public demos.
- Every AI-assisted output remains advisory during pilot unless a separate assurance path changes that status.
- Every pilot has a named human accountable owner.
- Every red-line request stops automation and routes to Nick.
- Every external claim is bounded by evidence, sample size, and honesty status.
Procurement route primer
Onboarding should quickly identify the likely route so the buyer is not left with “interesting, but impossible to buy”.
| Route | When to use | DEFONEOS artefact | Gate |
|---|---|---|---|
| DASA open call | Innovation and defence problem framing. | DASA walkthrough and SoW draft. | Owner submission. |
| G-Cloud or CCS | Cloud service procurement and public-sector buyer. | G-Cloud listing bundle and pricing card. | Listing status and buyer route. |
| Prime partner | When clearance, framework, or contract vehicle belongs to a larger supplier. | Referral partner letter and evidence room. | No exclusivity without review. |
| Direct pilot | When buyer has budget and authority for discovery. | 90-day pilot SoW. | Contract and payment route. |
| Grant or accelerator | When product-market validation is the goal. | DIANA, UKDI, Innovate UK pack. | Owner application. |
12-framework crosswalk
The mapping below is a design and evidence discipline, not a claim of third-party certification.
| Framework | Control mapping | Honesty status |
|---|---|---|
| EU AI Act | Transparency, human oversight, record keeping, post-market monitoring, and high-risk discipline for public-service AI. | Designed. Verify per buyer before external submission. |
| GDPR and UK GDPR | Data minimisation, lawful basis, subject-access path, retention, and no personal-surveillance default. | Designed. Verify per buyer before external submission. |
| JSP 936 | Assurance-case structure, safety evidence, accountable owner, and operational human control. | Designed. Verify per buyer before external submission. |
| JSP 440 | Protective marking, supplier security, secure handling, and public-vs-sensitive separation. | Designed. Verify per buyer before external submission. |
| NIST AI RMF | Govern, Map, Measure, Manage controls connected to buyer onboarding evidence. | Designed. Verify per buyer before external submission. |
| ISO 42001 | AI management system roles, process control, continuous review, and competence evidence. | Designed. Verify per buyer before external submission. |
| NIST PQC | Cryptographic agility path and truthful statement of current vs future signing posture. | Designed. Verify per buyer before external submission. |
| NATO STANAG | Interoperability-compatible language without claiming NATO certification. | Designed. Verify per buyer before external submission. |
| AUKUS Pillar II | Compatibility framing only; no partnership claim without signed evidence. | Designed. Verify per buyer before external submission. |
| OSCAL | Control catalogue, SSP, component definition, and machine-readable audit path. | Designed. Verify per buyer before external submission. |
| Five Eyes export discipline | Public-source and non-controlled data boundary. | Designed. Verify per buyer before external submission. |
| C2PA 2.0 | Content provenance and media-lineage posture for artefacts sent externally. | Designed. Verify per buyer before external submission. |
Honesty register
Explicit bounds for this page.
- This page is public onboarding or thank-you material, not legal advice or official government endorsement.
- No AUKUS, NATO, DAIC, DASA, Dstl, MOD, or Cyber Essentials certification is claimed unless separately evidenced.
- No kinetic-targeting, kill-order, find-fix-finish, personal-surveillance, face-recognition, or phone-location pattern is included.
- DEFONEOS-SEAL is not issued here and requires BFT quorum plus owner gate.
- Public links only. Buyer-specific sensitive data must not be pasted into this page.
- Generated 2026-07-11T08:07:40Z. File slug defoneos-onboarding.