impediment-prioritization

Impediment Prioritization Skill

A domain-agnostic skill for ranking impediments and their countermeasures. Works with any {impediment, countermeasure} list — GHQR findings, audit results, retro action items, risk registers, architecture review gaps, etc.

When to Activate

Activate when the user:

• Asks to prioritize, rank, sequence, or triage impediments, gaps, risks, findings, or remediation items
• Provides a list of impediments with proposed countermeasures (or asks you to propose countermeasures for a list of problems)
• Asks "what should we fix first" on any improvement / remediation backlog
• Mentions value-stream prioritization, A3 countermeasures, ROI-vs-effort, or lean impediment ranking

Inputs

Accepted input: a list of {impediment, countermeasure} pairs. Sources include (non-exhaustive):

Source	Maps to Impediment	Maps to Countermeasure
GHQR / health-check findings	Finding or gap (Status ≠ Expected)	Recommendation / expected value
Audit results	Non-conformance	Remediation action
Retrospective	"What went wrong" item	Agreed improvement
Risk register	Risk	Mitigation
Architecture review	Gap vs. target state	Proposed change
User free-form list	Problem statement	Proposed fix

Rules:

• One countermeasure per impediment. If the input suggests multiple remediation paths, select the primary one and note alternatives in the rationale — do not emit multiple rows for the same impediment.
• Collapse duplicates before scoring.
• If a source link / citation is available, attach it to the countermeasure.
• If a confidence level is available on the source, surface it as an optional Confidence column.

Scoring Rubric (1–10 scales)

Score each impediment's countermeasure against all four criteria. See references/scoring-rubric.md for anchoring examples at the 1 / 5 / 10 levels across multiple domains (platform engineering, security, SRE, application development, governance).

Criterion	Scale	Definition
Return on Investment (ROI)	1 = low, 10 = high	Efficiency gain delivered by the countermeasure to this step AND to the overall value stream. Not purely financial — weight throughput, cycle-time reduction, defect removal, user / developer experience, and compliance lift.
Cost to Implement	1 = inexpensive, 10 = very expensive	Human capital (salary + time of people needed) plus any purchases, licenses, or infrastructure required to implement the countermeasure.
Ease of Deployment	1 = extremely hard, 10 = very easy	Remediation effort required to actually deploy the countermeasure end-to-end. Reflects technical complexity, change-management burden, and rollback risk.
Risk Factor	1 = low risk, 10 = very high risk	Risk weighted on impact to the overall value stream if the countermeasure goes wrong, stalls, or is deferred.

Every score must be accompanied by a one-line rationale. When a score is an estimate rather than drawn from explicit data, mark the rationale with (estimated).

Formula

Priority = ((ROI * (10 / Cost)) + (Ease * (10 / Risk))) / 2

• Theoretical range: 1 → 100. Practical range on typical backlogs: ~1 → 100.
• The scale minimum of 1 guarantees Cost and Risk are never zero (no divide-by-zero).
• Higher Priority = do first.
• Boundary checks:
  • ROI=10, Cost=1, Ease=10, Risk=1 → ((10*10)+(10*10))/2 = 100
  • ROI=1, Cost=10, Ease=1, Risk=10 → ((1*1)+(1*1))/2 = 1

Use the formula verbatim. Do not reweight, normalize, or substitute.

Method (agent procedure)

1. Ingest the impediment list. Confirm 1:1 impediment-to-countermeasure mapping; collapse duplicates.
2. Confirm the countermeasure for each impediment. Prefer documented best practice for the domain. Cite a public / authoritative link when one is available.
3. Score all four criteria using the rubric. Write a one-line rationale per criterion.
4. Compute Priority using the formula. Round to one decimal place.
5. Sort rows by Priority descending. Assign Rank starting at 1.
6. Render the output table (see below).
7. Call out the top 3 impediments with a short "why act first" paragraph.
8. Optional tags: if the workflow requires ownership flags (e.g., [CSA Action Required] vs. [Customer Self-Service] for GHQR/PAK, or [Owner: Team X] / [Self-Service] for internal backlogs), include them on the top-ranked items. Skip if not requested.

Output Template

## Prioritized Impediments

**Scoring:** ROI (1 low → 10 high), Cost (1 cheap → 10 expensive), Ease (1 hard → 10 easy), Risk (1 low → 10 high).
**Formula:** `Priority = ((ROI * (10/Cost)) + (Ease * (10/Risk))) / 2`

| Rank | Impediment | Countermeasure | ROI | Cost | Ease | Risk | Priority | Rationale |
|------|------------|----------------|-----|------|------|------|----------|-----------|
| 1 | [gap] | [action + link] | [n] | [n] | [n] | [n] | [n.n] | ROI: …<br>Cost: …<br>Ease: …<br>Risk: … |

### Top 3 — Act First
1. **[Impediment]** — [why it wins on the formula + optional ownership tag]
2. …
3. …

Worked example (GitHub Enterprise adoption):

Rank	Impediment	Countermeasure	ROI	Cost	Ease	Risk	Priority	Rationale
1	2FA not enforced at org level	Enforce org-wide 2FA (docs)	9	2	8	2	42.5	ROI: removes broad credential-compromise class Cost: admin toggle + member comms Ease: single org setting, members re-enroll Risk: low — can stage with grace period
2	Secret scanning disabled	Enable secret scanning + push protection org-wide (docs)	8	3	7	3	25.0	ROI: catches leaked creds pre-merge Cost: GHAS seats if not bundled (estimated) Ease: org-level default Risk: push-protection may block legitimate commits; stage per repo
3	No CODEOWNERS on critical repos	Add CODEOWNERS to top-20 repos (docs)	6	4	6	4	15.0	ROI: targeted review coverage Cost: team time to define owners (estimated) Ease: file-level change, but requires owner buy-in Risk: review bottlenecks if owners undersized

Worked example (generic retrospective action items):

Rank	Impediment	Countermeasure	ROI	Cost	Ease	Risk	Priority
1	Flaky test suite blocks deploys daily	Quarantine top-10 flaky tests + add retry policy	9	2	8	2	42.5
2	No on-call runbook for payment service	Draft runbook from last 3 incidents	7	3	8	2	31.7
3	Manual release notes take 2h/release	Generate from Conventional Commits via CI	6	4	5	3	15.8

Assumptions & Guardrails

• Scores are estimates informed by the rubric and any available source / citation. Mark estimated rationales explicitly with (estimated).
• Never fabricate context (team size, budget, tool inventory, organizational constraints). If required, ask the user or mark the score as estimated.
• Final ranking is a recommendation — it should be reviewed with the accountable team / owner before it's committed to an execution plan.
• Read-only by default — this skill does not execute remediations; it produces a ranked list consumed downstream.

Downstream Integration (optional)

The ranked table produced by this skill is the deliverable. Wire it into whatever downstream artifact your workflow needs (Jira epic, ADR, OKR backlog, incident review, health check report, etc.). This skill does not depend on any sibling skills or external templates.