GCCF V1.0 โ GOVERNMENT CAPITAL CONTROL FRAMEWORK โ IFO4 / NTDG โ 2026
GCCF
GOVERNMENT CAPITAL CONTROL FRAMEWORK ยท V1.0
Every Dollar Under Change,
Governed.
GCCF is the operating framework that governs every dollar under change across government and defense - from allocation and execution to savings validation, risk forecasting, and audit-ready control.
Drift Sentinel detected $2.4M budget variance on Program ALPHA2s ago CORE PURPOSE
Not a Dashboard. A Control Architecture.
GCCF sits between policy and execution - above tools, below law and regulation, across finance, procurement, programs, cloud, vendors, and missions. It answers the 6 questions governments constantly fail to answer in one place.
01What money is changing right now?
02Who owns it?
03What mission or program is it tied to?
04Is it healthy, drifting, or failing?
05What evidence proves the spend, savings, or risk?
06What action should happen now?
DESIGN PRINCIPLES
Six Immutable Rules
2.1Every dollar under change must be visible
Any dollar moving through proposal, approval, obligation, execution, change, recovery, or termination must be represented in the framework.
2.2Every change must have an owner
No initiative, contract action, or variance may exist without a named accountable owner.
2.3Every savings claim must have a receipt
Savings are not accepted as a narrative. They require evidence, lineage, calculation logic, and approval.
2.4Every control must be operational
Controls are not policy text alone. They must drive routing, escalation, alerts, and action.
2.5Every forecast must be tied to mission impact
Cost forecasting without program, readiness, or outcome context is incomplete.
2.6Every platform decision must be auditable
Logs, rule evaluations, approvals, and evidence objects must be retained as part of normal operation.
8 CONTROL DOMAINS
The GCCF Domain Model
๐DOMAIN 01
Capital Visibility
See all money under change
โผ๐คDOMAIN 02
Ownership & Accountability
Every dollar has a named owner
โผ๐ฏDOMAIN 03
Allocation & Value Mapping
Tie capital to intended mission outcome
โผ๐ฅDOMAIN 04
Capital Health Scoring
Measure whether initiatives are healthy
โผโ ๏ธDOMAIN 05
Drift & Waste Detection
Detect deterioration before it becomes loss
โผ๐DOMAIN 06
Receipt-Backed Savings
Prove savings with evidence, not estimates
โผ๐ฎDOMAIN 07
Risk Forecasting
Predict overruns and control breakdowns
โผ๐๏ธDOMAIN 08
Executive Governance
Make governance executable
โผCAPITAL UNDER CHANGE
12-State Dollar Lifecycle
This is the heart of "capital under change." Every capital object moves through controlled states - from proposal to value realization. Governments track budget lines and contracts, but not the life-state of money under change. Until now.
โกIn Execution
STATE 06 OF 12
Active spend. Work in progress. Deliverables being produced.
OPERATING MODEL
Four-Layer Architecture
L1Policy & Authority
Statutory, regulatory, and governance environment. A-123, budget authority, acquisition rules, security standards.
L2Capital Control Model
The GCCF standard itself. Domains, states, control logic, ownership model, evidence model, scoring model.
L3Execution Platform
The operational control plane. Value ledger, receipt engine, health scoring, drift detection, forecasting, action orchestration.
L4Mission Execution
The business of control. Triage, escalations, corrective actions, descoping, deobligation, renegotiation, savings validation.
CONTROL MATRIX
9 Control Families
Control Family
Intent
Example Control
Ensure capital is representedNo capital object above threshold may exist outside ledger Ensure accountabilityActive spend requires named accountable owner Enforce authorityChanges above threshold require approval chain Support receiptsSavings claim cannot close without evidence set Detect deteriorationBurn variance over threshold creates drift alert Predict exposure90-day forecast refresh required on cadence Protect system and dataLeast-privilege access and immutable logging Govern deviationsAll policy exceptions require expiration + approver Preserve assurance recordAll material actions written to immutable audit log MATURITY MODEL
Four Levels of Control Maturity
L1
Visible
The organization can see spend but has weak control.
โFragmented reporting
โLimited ownership
โManual evidence
โLagging insight
L2
Controlled
Core controls exist and material spend is governed.
โStandard ownership model
โThreshold approvals
โBasic receipt model
โDrift alerts on major items
L3
Predictive
The organization forecasts and intervenes early.
โHealth scoring
โForecast cones
โRisk-based triage
โSavings verification discipline
L4
Autonomous
Controls drive action automatically with human governance.
โPolicy-as-code
โOrchestrated escalations
โAI recommendations
โContinuous evidence generation
DATA STANDARD
The GCCF Data Spine
Base LayerPRISM Specification
Normalized cost and usage across cloud and technology sources
ClassificationTBM Federal Extension
Management classification and reporting taxonomy
Control LayerGCCF Ledger Schema
Ownership, health, receipts, risk, control status, lifecycle state, corrective action
LOCALIZATION MODEL
One Framework. National Overlays.
GCCF is not one country's framework. It is a common capital-governance architecture with national overlays. The core stays the same. Only the localization layer changes.
๐
GCCF-Core
โLifecycle states
โValue ledger
โReceipt engine
โHealth scoring
โDrift model
โControl matrix
โForecasting
โOperating model
๐บ๐ธ
GCCF-US
โOMB A-123 / A-11
โAgency internal controls
โFAR / DFARS
โCUI / FICAM / NIST
โFedRAMP overlays
EXPLORE โ๐ฌ๐ง
GCCF-UK
โHM Treasury controls
โGovernment Security Classifications
โMOD / NHS reporting model
EXPLORE โ๐ก๏ธ
GCCF-NATO
โMultinational funding
โAlliance program structures
โShared mission controls
โCross-country vendor governance
EXPLORE โGCCF DOCTRINE
"DOGE can show savings. GCCF governs the system that makes those savings real, provable, and repeatable."
GCCF CharterDomain ModelControl MatrixData StandardNTDG Operating Model