GCCF V1.0 — GOVERNMENT CAPITAL CONTROL FRAMEWORK — IFO4 / NTDG — 2026
GCCF
GOVERNMENT CAPITAL CONTROL FRAMEWORK · V1.0
Every Dollar Under Change,
Governed.
GCCF is the operating framework that governs every dollar under change across government and defense - from allocation and execution to savings validation, risk forecasting, and audit-ready control.
Drift Sentinel detected $2.4M budget variance on Program ALPHA2s ago CORE PURPOSE
Not a Dashboard. A Control Architecture.
GCCF sits between policy and execution - above tools, below law and regulation, across finance, procurement, programs, cloud, vendors, and missions. It answers the 6 questions governments constantly fail to answer in one place.
01What money is changing right now?
02Who owns it?
03What mission or program is it tied to?
04Is it healthy, drifting, or failing?
05What evidence proves the spend, savings, or risk?
06What action should happen now?
DESIGN PRINCIPLES
Six Immutable Rules
2.1Every dollar under change must be visible
Any dollar moving through proposal, approval, obligation, execution, change, recovery, or termination must be represented in the framework.
2.2Every change must have an owner
No initiative, contract action, or variance may exist without a named accountable owner.
2.3Every savings claim must have a receipt
Savings are not accepted as a narrative. They require evidence, lineage, calculation logic, and approval.
2.4Every control must be operational
Controls are not policy text alone. They must drive routing, escalation, alerts, and action.
2.5Every forecast must be tied to mission impact
Cost forecasting without program, readiness, or outcome context is incomplete.
2.6Every platform decision must be auditable
Logs, rule evaluations, approvals, and evidence objects must be retained as part of normal operation.
8 CONTROL DOMAINS
The GCCF Domain Model
📊DOMAIN 01
Capital Visibility
See all money under change
▼👤DOMAIN 02
Ownership & Accountability
Every dollar has a named owner
▼🎯DOMAIN 03
Allocation & Value Mapping
Tie capital to intended mission outcome
▼🏥DOMAIN 04
Capital Health Scoring
Measure whether initiatives are healthy
▼⚠️DOMAIN 05
Drift & Waste Detection
Detect deterioration before it becomes loss
▼📝DOMAIN 06
Receipt-Backed Savings
Prove savings with evidence, not estimates
▼🔮DOMAIN 07
Risk Forecasting
Predict overruns and control breakdowns
▼🏛️DOMAIN 08
Executive Governance
Make governance executable
▼CAPITAL UNDER CHANGE
12-State Dollar Lifecycle
This is the heart of "capital under change." Every capital object moves through controlled states - from proposal to value realization. Governments track budget lines and contracts, but not the life-state of money under change. Until now.
⚡In Execution
STATE 06 OF 12
Active spend. Work in progress. Deliverables being produced.
OPERATING MODEL
Four-Layer Architecture
L1Policy & Authority
Statutory, regulatory, and governance environment. A-123, budget authority, acquisition rules, security standards.
L2Capital Control Model
The GCCF standard itself. Domains, states, control logic, ownership model, evidence model, scoring model.
L3Execution Platform
The operational control plane. Value ledger, receipt engine, health scoring, drift detection, forecasting, action orchestration.
L4Mission Execution
The business of control. Triage, escalations, corrective actions, descoping, deobligation, renegotiation, savings validation.
CONTROL MATRIX
9 Control Families
Control Family
Intent
Example Control
Ensure capital is representedNo capital object above threshold may exist outside ledger Ensure accountabilityActive spend requires named accountable owner Enforce authorityChanges above threshold require approval chain Support receiptsSavings claim cannot close without evidence set Detect deteriorationBurn variance over threshold creates drift alert Predict exposure90-day forecast refresh required on cadence Protect system and dataLeast-privilege access and immutable logging Govern deviationsAll policy exceptions require expiration + approver Preserve assurance recordAll material actions written to immutable audit log MATURITY MODEL
Four Levels of Control Maturity
L1
Visible
The organization can see spend but has weak control.
◆Fragmented reporting
◆Limited ownership
◆Manual evidence
◆Lagging insight
L2
Controlled
Core controls exist and material spend is governed.
◆Standard ownership model
◆Threshold approvals
◆Basic receipt model
◆Drift alerts on major items
L3
Predictive
The organization forecasts and intervenes early.
◆Health scoring
◆Forecast cones
◆Risk-based triage
◆Savings verification discipline
L4
Autonomous
Controls drive action automatically with human governance.
◆Policy-as-code
◆Orchestrated escalations
◆AI recommendations
◆Continuous evidence generation
DATA STANDARD
The GCCF Data Spine
Base LayerPRISM Specification
Normalized cost and usage across cloud and technology sources
ClassificationTBM Federal Extension
Management classification and reporting taxonomy
Control LayerGCCF Ledger Schema
Ownership, health, receipts, risk, control status, lifecycle state, corrective action
LOCALIZATION MODEL
One Framework. National Overlays.
GCCF is not one country's framework. It is a common capital-governance architecture with national overlays. The core stays the same. Only the localization layer changes.
🌐
GCCF-Core
◆Lifecycle states
◆Value ledger
◆Receipt engine
◆Health scoring
◆Drift model
◆Control matrix
◆Forecasting
◆Operating model
🇺🇸
GCCF-US
◆OMB A-123 / A-11
◆Agency internal controls
◆FAR / DFARS
◆CUI / FICAM / NIST
◆FedRAMP overlays
EXPLORE →🇬🇧
GCCF-UK
◆HM Treasury controls
◆Government Security Classifications
◆MOD / NHS reporting model
EXPLORE →🛡️
GCCF-NATO
◆Multinational funding
◆Alliance program structures
◆Shared mission controls
◆Cross-country vendor governance
EXPLORE →GCCF DOCTRINE
"DOGE can show savings. GCCF governs the system that makes those savings real, provable, and repeatable."
GCCF CharterDomain ModelControl MatrixData StandardNTDG Operating Model