EGP Microsoft 365 Managed Admin Services Rate Card v2 · 24-Persona Multi-Lens Synthesis

Persona: {{24 EGP PPMO+ personas + 4 EGP committees + Pinnacle-II Global 10 + Microsoft Partner / FastTrack supplemental}}

Status: Marc-locked DRAFT v2 · 2026-06-27 · LIVE for Marc review · v1 PRESERVED by reference (never overwritten)

v1 source (read-only canonical): /Volumes/LaCie/ Claude/Sales Pipeline/00148-EGP-CDAIO-Knowledge-Access/registries/EGP-MICROSOFT-MANAGED-ADMIN-RATE-CARD-2026-06-27_v1.md · md5 10c25b0e2ba5a0433e8cbb7318226573

Audience: ExCom+ · Marc · PPMO+ leads · Vadi · Vesta · Hakeem

v2 purpose: stress-test v1's 5-service stack with 24 independent lenses · produce KEEP/MODIFY/DROP consensus matrix · propose MaraHealth Invoice 4 v3 amount

1. Executive Framing

v1 shipped the 5-service stack (Identity/CA $5.49 · Endpoint $6.49 · Autopatch $4.99 · DLP $5.99 · Posture $4.95) layered over M365 Business Premium ($27.50) and Teams Phone ($18.99). Blended per-seat customer rate: $74.40 · 101% blended margin loaded vs $37.00 wholesale. v1 stands. v2 does NOT re-author the wholesale base, the Microsoft Learn citation set, or the underlying refutation logic. v2 ASKS: does this stack survive 24 independent professional lenses, and what does each lens want to change?

This document is the consensus + dissent matrix. Each of the 24 voices below produces a 1-page lens analysis with explicit KEEP / MODIFY / DROP votes per service and a preferred price. The synthesis section tallies the votes, identifies median pricing, and proposes either (a) ship v1 unchanged, (b) ship v2 modified, or (c) shape vN+1.

Headline finding (jumping ahead to §27): 23 of 24 personas vote KEEP on Services 1, 3, 5. Service 2 (Endpoint) draws 6 MODIFY votes (rename to defuse SOC confusion). Service 4 (DLP) draws 4 MODIFY votes (re-price upward to $6.49 reflecting healthcare value). Median preferred bundle price across 24 voices: $74.85/user/mo · $0.45 above v1 · within noise. Recommendation: ship v1 stack unchanged, adopt the rename for Service 2 (EnRoute Endpoint Sentry) and the upward re-price of Service 4 to $6.49 in v3. MaraHealth Invoice 4 v3 target: $209.34/mo (+$2.09 vs v2).

2. Method

Each persona received the v1 document in full and answered five questions:

Through your lens, what is right about the 5-service stack?
What would you change · add · remove · re-price · re-bundle? Be specific in dollars or specific in action.
What MUST be preserved?
Per-service vote: KEEP / MODIFY / DROP each of S1 through S5.
Preferred price per service (5 numbers).

Plus: one-line client narrative through your lens, one-line risk register.

Voting personas (24): 10 EGP PPMO+ leads + 4 EGP committees + 10 Pinnacle-II Global firms. Microsoft Partner and Microsoft FastTrack lenses are SUPPLEMENTAL (informative · do not vote · their perspective surfaces what Microsoft itself funds or expects).

PART I · EGP PPMO+ (10 voices)

3. Gemma · CMO · Brand & Narrative Lens

The 5-service stack is technically defensible but linguistically inert. "Service 1," "Service 2," etc. is operator language, not customer language. v1 §11 item 3 already queued the rebrand and I am calling it now: every service gets a brand-coded name that customers can say in a board meeting without sounding like they're reading a spreadsheet. Identity Shield, Endpoint Sentry, Patch Cadence, Data Guard, Compliance Beacon. The customer narrative shifts from "we sold them five services" to "we deployed the Shield · Sentry · Cadence · Guard · Beacon framework," which sounds like a methodology they bought into, not a line-item bundle they can negotiate down.

I would also push the Hosting Lite line out of the per-seat rate card into a separate tenant fee row in every quote so the per-seat number reads as the clean $74.40 instead of getting muddled with $59.99 flat. Brand consistency: every service name maps to a one-syllable customer outcome (Shield protects, Sentry watches, Cadence keeps rhythm, Guard holds the line, Beacon signals). No jargon.

PRESERVE: the under-30-minutes EGP labor commitment and the "we monitor; we do not respond" line from §7-Q3. Both are brand-defining boundaries.

Vote · Price: S1 MODIFY $5.49 · S2 MODIFY $6.49 · S3 MODIFY $4.99 · S4 MODIFY $5.99 · S5 MODIFY $4.95 (all MODIFY = rename only, prices held)

Client narrative: "Your Microsoft 365 stack runs the EnRoute Shield · Sentry · Cadence · Guard · Beacon framework."

Risk: the numeric labels survive into a customer-facing quote and the customer asks "can I drop Service 2?"

4. Vesta · CDAIO COS · KnowledgeCore Substrate Lens

Each of the 5 services must register as a first-class artifact in KnowledgeCore with a stable schema: service-id · microsoft-feature-uri · enable-runbook · monthly-review-runbook · evidence-template · per-tenant-state-pointer. v1 ships the prose but does not ship the schema. Without the schema, every monthly Lighthouse review becomes a free-form prose blob that the next persona shift cannot re-execute deterministically. I want EGP-MICROSOFT-SERVICE-CATALOG.json next to the rate card · 5 entries · each entry a runbook pointer into tools/.

I would also formalize the monthly review cadence as a launchd job (com.egp.msft-tenant-monthly-review) per customer tenant rather than a calendar reminder for a human. The 4-to-6 minute labor estimates per service in v1 are honest only if the labor pulls a pre-built dashboard view, not if a persona has to remember which Lighthouse tab to open.

PRESERVE: the 5-service decomposition. The five services map cleanly to five Microsoft auto-features, which gives KnowledgeCore a clean 5-row substrate.

Vote · Price: S1 KEEP $5.49 · S2 KEEP $6.49 · S3 KEEP $4.99 · S4 KEEP $5.99 · S5 KEEP $4.95

Client narrative: "Five services · five Microsoft auto-features · five KnowledgeCore runbooks · five lines on your invoice."

Risk: without the schema, the monthly cadence drifts within 60 days and the labor commitment becomes unhonest.

5. Betty · Chief Tax · ASC 606 Revenue Recognition Lens

This is two distinct revenue streams that the v1 rate card lumps into one customer invoice. Stream A: NCE license resale (M365 BP $27.50 + Teams Phone $18.99). Under ASC 606, EGP is the PRINCIPAL on indirect CSP resale (EGP sets price, holds inventory risk, takes credit risk on the customer), recognize gross at $46.49 with $37.00 COGS to Ingram. Stream B: managed admin services (S1-S5 totaling $27.91). EGP is the SERVICE PROVIDER, recognize over time as the monthly cadence is delivered, no COGS material.

The implication: invoice line items must SEPARATE the two streams so the GL classification reads correctly. Right now §9 v1 MaraHealth Invoice 4 v2 shows S1-S5 as line items mixed with the license lines, which is fine for the customer-facing invoice but the internal accounting must split: license-resale revenue (Stream A) · managed-services revenue (Stream B). For year-end audit, Stream B is the higher-quality recurring revenue (no COGS, no Microsoft repricing risk).

Tax classification: license-resale is software-as-service in most state nexus tests · taxable in CO, NM, NY, PA, SC, TX, WA. Managed-admin-services is consulting-services · taxable in HI, NM, SD, WV. EGP needs the GL split to apply the correct state sales tax per stream.

PRESERVE: the customer-facing single-invoice presentation. Split is internal only.

Vote · Price: S1 KEEP $5.49 · S2 KEEP $6.49 · S3 KEEP $4.99 · S4 KEEP $5.99 · S5 KEEP $4.95

Client narrative: customer-facing unchanged · internal GL split codified.

Risk: without the GL split, sales tax under-collection on managed-services in 4 states; audit-trail failure if revenue concentration test triggers at year-end.

6. Oliver · Senior Strategy · Phased Execution Lens

v1 ships the rate card. v1 does not ship the rollout. I want a 90 · 180 · 365 cadence:

Day 0 to 30: apply to all new Microsoft prospects (default-action option a from §11 item 2). MaraHealth gets v2 staged DRAFT, decision queued. Peds 360 + grandfathered at current rates. New-quote template shipped to Vadi.

Day 30 to 90: Lighthouse-driven monthly cadence proven across 5 paying tenants. Labor logs captured. If aggregate labor exceeds 30 minutes per tenant per month, re-price upward in v3.

Day 90 to 180: sweep the 278 sub-account base. Flag tenants where the 5-service stack adds material lift. Issue targeted upsell quotes. Hosting Lite tenants without M365 get a Stream A only quote (license resale).

Day 180 to 365: measure realized margin vs the 25-33% envelope. If realized blended margin holds above 90%, ship v3 with Service 4 re-priced upward (per consensus matrix §27).

PRESERVE: the under-30-minutes labor commitment. It is the strategic moat.

Vote · Price: S1 KEEP $5.49 · S2 KEEP $6.49 · S3 KEEP $4.99 · S4 MODIFY $6.49 · S5 KEEP $4.95

Client narrative: "Phase 1 prospectively · Phase 2 your tenant within 90 days · Phase 3 sweep."

Risk: Phase 2 labor metric drift signals MSP-creep · we must re-price OR re-scope before Phase 3.

7. Octavio · Senior Strategy · Portfolio Diversification Lens

Single-vendor concentration on Microsoft is a strategic exposure. v1 is correct that the 5-service stack rides Microsoft auto-features, but EGP's portfolio cannot bet only on Microsoft. I want a parallel rate card track at the same 5-service decomposition mapped to Google Workspace + Google Endpoint Management + Chronicle/SCC: 5 services riding Google auto-features. Same 25-33% envelope. Same under-30-minutes commitment.

The Microsoft rate card stands. v2 should explicitly reference that a Google Workspace mirror card is in the pipeline (sister artifact in 00146-EGP-TechStack/Google-Workspace/) so customers on Workspace are not orphaned. Diversification protects EGP if Microsoft re-prices NCE wholesale by more than 5% in any 90-day window (§7-Q8 in v1).

I would also reserve a spot for an AWS / IAM Identity Center mirror card if any SCP-adjacent customer runs on AWS Workspaces.

PRESERVE: the 5-service decomposition framework. It generalizes.

Vote · Price: S1 KEEP $5.49 · S2 KEEP $6.49 · S3 KEEP $4.99 · S4 KEEP $5.99 · S5 KEEP $4.95

Client narrative: "5-service framework · Microsoft · Google · AWS · all at the same envelope."

Risk: customer hears "Microsoft only" and goes shopping for a Workspace alternative.

8. Clarise · Custodian · Defensive Design & Audit Trail Lens

Per service per tenant per month, EGP must capture: (a) timestamp of monthly review action, (b) Lighthouse screenshot or API pull stored in evidence vault, (c) the specific finding (drift detected · clean · exception queued), (d) any customer-facing summary issued, (e) persona signature. v1 says "4 minutes Lighthouse risk review" for S1 but does not specify what evidence persists. If a customer's auditor asks "show me the 12 months of Service 5 deliverables you charged $59.40 for," EGP needs to put 12 PDFs on the table with timestamps and signatures.

I want EGP-MSFT-EVIDENCE-VAULT/<tenant>/<YYYY-MM>/<service>.{json,pdf,png} as the canonical evidence path. The monthly cadence runbook produces evidence as a side effect. No evidence · no invoice that month for that service.

PRESERVE: the §7-Q3 line "we monitor; we do not respond." That is the defensive perimeter.

Vote · Price: S1 KEEP $5.49 · S2 KEEP $6.49 · S3 KEEP $4.99 · S4 KEEP $5.99 · S5 KEEP $4.95

Client narrative: "Every service charge ships with a timestamped, signed monthly evidence packet."

Risk: Lighthouse API rate-limit changes break the evidence pull · need fallback to screenshot.

9. Claudia · Customer Success · Objection-Handling & UX Lens

Service 2 is the objection landmine. v1 §7-Q3 explicitly addresses "Service 2 sounds like SOC services" because the language IS SOC-adjacent. "Endpoint Threat Containment" · "Attack Disruption Oversight" · these phrases echo SOC marketing. The first three customer calls will all ask "do you have a SOC?" and the answer is "no, Microsoft's AI does the work." That works for sophisticated buyers and confuses unsophisticated ones.

Rename Service 2 per Gemma's brand framework (EnRoute Endpoint Sentry) AND insert an explicit "what this is NOT" line directly under the service description in the customer-facing quote: "This is not a Security Operations Center engagement. We monitor Microsoft Defender's exception queue monthly. If a real incident is detected, we refer you to an Incident Response firm within 1 business day."

Add a sentence to §6 cover letter: "Question 3 in the FAQ explains why Service 2 is not SOC." Pre-empt the question.

PRESERVE: §7-Q3 verbatim. It already does the work; we just need to surface it earlier.

Vote · Price: S1 KEEP $5.49 · S2 MODIFY $6.49 · S3 KEEP $4.99 · S4 KEEP $5.99 · S5 KEEP $4.95

Client narrative: "Five clearly bounded services · no surprises · no SOC fantasy."

Risk: without the rename + pre-empt, churn risk on Service 2 within first 6 months.

10. Hakeem · Engineering · Automation & Low-Touch Fulfillment Lens

Every minute of the under-30-minutes labor commitment MUST be tool-mediated, not human-attention-mediated. Microsoft Graph API · Lighthouse REST · Intune Graph · Compliance Manager API. I will build five tools in tools/:

egp_msft_s1_identity_review.py · pull Entra risky-sign-in events · render 1-page customer summary
egp_msft_s2_action_center_review.py · pull Defender Action Center exceptions · flag any pending release-from-containment
egp_msft_s3_autopatch_status.py · pull Autopatch management status · render compliance %
egp_msft_s4_compliance_score.py · pull Compliance Manager score · render delta vs prior month
egp_msft_s5_lighthouse_drift.py · pull Lighthouse drift report · render 1-page posture summary

All 5 tools share a common _egp_msft_graph_auth.py PIT-cache library aligned to the 7-path GHL sub-account auth resolver pattern (2026-06-25 canon). Marc-decision is queue not block: if API auth fails on any path, escalate to Marc with audit trail · do not silently fail.

Aggregate monthly labor target across all 5 services per tenant: 8 minutes (down from 30) once the tools are stable. The 30-minute commitment in v1 is the headroom for the first 5 tenants; thereafter it falls.

PRESERVE: the headline "under 30 minutes." Build to beat it · do not over-promise.

Vote · Price: S1 KEEP $5.49 · S2 KEEP $6.49 · S3 KEEP $4.99 · S4 KEEP $5.99 · S5 KEEP $4.95

Client narrative: "Five services · five tools · five summaries · eight minutes of EGP attention per tenant per month."

Risk: Graph API auth path failure on a new tenant · escalation path must be clean.

11. Vadi · CMO · Campaign Acquisition Lens

The campaign headline writes itself: "Save $10.60 per user per month vs true MSP" (§7-Q9). At 25 users that is $3,180 per year retained. That is the LinkedIn ad. That is the SMS hook. That is the cover-letter open paragraph for outbound.

I want three campaigns aligned to this rate card:

Cold outbound · "$10.60 saved per user per month" · target SMBs currently paying MSP at $85+ · Migadu inbox cluster · NEPQ-style discovery
MaraHealth Alliance vertical · target HIPAA-adjacent practices · lead with §7-Q5 DLP defense
Peds 360 + grandfathered · no campaign; warm renewal at current rates · upsell v3 at 12-month mark

Re-use existing artifact EGP-MICROSOFT-SMS-CAMPAIGN-REWRITE-20260421 for SMS variant. Each campaign needs a landing page rendered from this rate card · auto-built from the existing CF Pages pattern.

PRESERVE: the $10.60 / $74.40 / $85 numerical triangle. It is the entire campaign.

Vote · Price: S1 KEEP $5.49 · S2 MODIFY $6.49 · S3 KEEP $4.99 · S4 KEEP $5.99 · S5 KEEP $4.95

Client narrative: "$10.60 saved per user per month vs true MSP · same automated outcomes."

Risk: if customer compares us to ad-hoc MSP at $65/user (not $85), the gap closes and the headline weakens.

12. Willemena · PPMO-HQ Outbound + Forms · Operational Cadence Lens

The monthly Lighthouse summary delivery to the customer is itself a recurring outbound · five summaries · five send-templates · five Mailgun routes. I want EGP-MSFT-MONTHLY-SUMMARY-CADENCE-2026-06-27.json registered in the outbound cadence registry: per tenant per month, on the 5th business day, send the 1-page Lighthouse posture summary to the customer-of-record with cc to AM. Email render uses Hakeem's tool output directly · zero hand-edit.

Form-builder integration: the customer onboarding form (the one that captures tenant ID, primary contact, MFA admin escalation contact, IR-firm referral preference) lives in GHL HQ Main. I will provision the form within 24 hours of Marc's prospective-rollout decision. Form ID and webhook will hit egp_msft_onboarding_intake.py.

Send cadence respects the 2026-06-25 sending-domain canon: marketing comms (Vadi's three campaigns above) go on the marketing brand pool (enrouteexchange.info preferred). Operational comms (monthly summary deliveries) go on mg.relay.egp1.io or email.mg.enroutegrowthplatform.io per transactional carve-out.

PRESERVE: the canonical sending-domain split. Customer monthly summaries are transactional, not marketing.

Vote · Price: S1 KEEP $5.49 · S2 KEEP $6.49 · S3 KEEP $4.99 · S4 KEEP $5.99 · S5 KEEP $4.95

Client narrative: "Your monthly Microsoft posture summary lands by the 5th business day · every month · automatically."

Risk: monthly summary email lands in spam due to domain mis-routing · customer perceives ghost service.

PART II · EGP Committees (4 voices)

13. ExCom+ · Governance & Materiality

The committee tested the rate card against a materiality threshold: does the +$71.88/mo per MaraHealth tenant (v1 §9 delta) compound into material recurring revenue at the portfolio level? 278 sub-accounts at average 0.6 take-rate = ~167 tenants. At median +$72/mo per tenant = ~$12,000/mo · $144,000/year recurring revenue lift. That clears the materiality threshold.

Governance asks: who signs off when Microsoft auto-action mis-fires (e.g., Defender contains a legitimate device, customer is locked out, escalation needed)? v1 §7-Q3 says "we refer to an IR firm." ExCom+ wants the IR-firm referral panel formalized in the v2 onboarding form (Willemena's intake): customer pre-selects from 3 EGP-vetted IR firms · referral SLA = 1 business day · EGP is held harmless on outcome.

Recurring rate-review cadence: NCE wholesale checked monthly · if Microsoft moves >5% in 90 days, customer rate adjusts per §7-Q8. ExCom+ requires written 30-day notice template (Vadi to draft) and a quarterly margin attestation from Hakeem.

PRESERVE: the 25-33% envelope as the floor. Do not negotiate below.

Vote · Price: S1 KEEP $5.49 · S2 KEEP $6.49 · S3 KEEP $4.99 · S4 MODIFY $6.49 · S5 KEEP $4.95

Client narrative: "EGP holds your floor · Microsoft holds the automation · you hold the outcome."

Risk: without IR-firm pre-select, an incident escalation creates ambiguity and liability exposure.

14. DaCom · Delivery & Automation Committee · Pipeline Resilience

The 5 services collapse into 5 tool runs · 5 evidence artifacts · 5 customer summaries · 1 monthly send. DaCom wants a single orchestrator egp_msft_tenant_monthly_orchestrator.py that fans out the 5 tool runs in parallel · gates on all 5 succeeding · then triggers the monthly send. Failure of any one tool blocks the send and queues a Marc-decision alert.

Pipeline resilience requirements:

Graph API auth fallback to web-cookie path (path 6 of canonical 7-path resolver) before queueing to Marc
Idempotent re-run within same calendar month (no duplicate sends)
Send-status webhook captured in EGP-MSFT-MONTHLY-SUMMARY-CADENCE-2026-06-27.state.json
24-hour retry envelope before raising P1

The 30-minute labor commitment in v1 is honest only if the orchestrator runs unattended. If a persona has to babysit the monthly run, it is no longer under-30-minutes.

PRESERVE: the 5-service decomposition. The 5 tools map 1:1.

Vote · Price: S1 KEEP $5.49 · S2 KEEP $6.49 · S3 KEEP $4.99 · S4 KEEP $5.99 · S5 KEEP $4.95

Client narrative: "Five tools · one orchestrator · zero babysitting."

Risk: orchestrator silent-fails on a tenant for 3 months · invoiced services · no evidence · customer churn + clawback.

15. GenCom · Writer's Room · Narrative Consistency

The cover letter (§6), the FAQ (§7), the comparison table (§8), and the MaraHealth proposal (§9) must all use the same vocabulary. GenCom audit:

"Managed Admin Services" used 11 times · consistent
"True MSP" used 14 times · consistent
"Microsoft auto-feature" mentioned but the noun shifts ("auto-mechanism" · "auto-action" · "automatic") · standardize on "auto-feature"
"Lighthouse" introduced in S5 but referenced earlier · add a one-line glossary at top of §4

For the customer-facing rebrand (Gemma's framework), GenCom requires a verbal-anchor map: customer-says "EnRoute Identity Shield" · internal-says "Service 1 · Identity + CA." Both vocabularies coexist · neither replaces the other · cover letter uses brand vocabulary, internal runbooks use service-number vocabulary.

The MaraHealth Invoice 4 customer-facing line item should read with the brand vocabulary even though the internal GL split (Betty's lens) uses the service-number vocabulary.

PRESERVE: the §7-Q3 verbatim ("we monitor; we do not respond"). Highest-quality sentence in the document.

Vote · Price: S1 KEEP $5.49 · S2 MODIFY $6.49 · S3 KEEP $4.99 · S4 KEEP $5.99 · S5 KEEP $4.95

Client narrative: "Same vocabulary every artifact · cover letter to invoice line · zero customer confusion."

Risk: narrative drift between v2 marketing and v3 marketing as new artifacts compound.

16. PanCom · Cross-Cutting Integrity · Invariant Enforcement

The rate card claims under-30-minutes per customer per month. PanCom invariant: this claim must be measurable, auditable, and falsifiable. Required instrumentation:

Each tool run emits a labor-attribution timestamp (start · end · persona-id)
Monthly aggregate per tenant logged to EGP-MSFT-LABOR-LEDGER.jsonl
Quarterly attestation: persona-aggregate labor / tenant-count = average labor per tenant per month
If average exceeds 30 min for 2 consecutive quarters, raise P0 to ExCom+ · re-price the stack or re-scope

The rate card claims "Microsoft does the work automatically" against 16 Microsoft Learn citations. PanCom invariant: each citation has a last-verified date · re-verify quarterly · if Microsoft changes a feature gate (e.g., Hotpatch eligibility narrows, Lighthouse pricing changes for CSP), surface within 30 days.

The rate card claims "we do not respond." PanCom invariant: ANY persona that initiates response work for a customer must log it as out-of-scope and trigger a billable change-order conversation · no scope-creep silently absorbed.

PRESERVE: every claim that has a falsifiability test. Drop or qualify anything that does not.

Vote · Price: S1 KEEP $5.49 · S2 KEEP $6.49 · S3 KEEP $4.99 · S4 KEEP $5.99 · S5 KEEP $4.95

Client narrative: "Every promise on this page is measured · audited · and re-verified quarterly."

Risk: scope-creep silently absorbed · labor metric inflates · rate card becomes dishonest.

PART III · Pinnacle-II Global 10 (10 voices)

17. McKinsey · 7S Diagnostic Lens

Running the 7S frame against the 5 services:

Strategy: clear · ride Microsoft auto-features at 25-33% envelope. PASS.
Structure: 5 services map to 5 Microsoft features map to 5 monthly review runbooks. PASS.
Systems: Lighthouse-dependent · single point of failure if Microsoft re-prices or restricts. RISK · build the Hakeem tooling layer to abstract.
Shared values: "we monitor; we do not respond" is the cultural anchor. PASS.
Skills: Tier-2 Microsoft admin + Graph API literacy. Available in PPMO+. PASS.
Style: under-30-minutes commitment is the operational style. Honest only if measured (PanCom invariant).
Staff: 1 persona-shift can run ~50 tenants at 30 min each = 25 hours/week per persona. PASS up to ~150 tenants per persona.

Capability modeling: each service builds ONE distinct customer capability (identity hygiene · endpoint trust · patch discipline · data classification · posture evidence). No overlap. Bundle is cohesive.

PRESERVE: the 5-service decomposition as a 5-capability model.

Vote · Price: S1 KEEP $5.49 · S2 KEEP $6.49 · S3 KEEP $4.99 · S4 KEEP $5.99 · S5 KEEP $4.95

Client narrative: "Five distinct capabilities built into your business · one Microsoft tenancy · one EGP invoice."

Risk: Systems risk (Lighthouse dependency) · mitigate with the Hakeem abstraction layer.

18. BCG · Build-vs-Buy + Lakehouse Pattern Lens

The monthly Lighthouse summary auto-generation: BUILD (Hakeem's tooling layer). The Lighthouse dashboard itself: BUY (Microsoft, free for CSP). The customer-facing posture PDF template: BUILD (EGP-owned, brand-coded). The evidence vault: BUILD (S3 bucket or R2, lakehouse pattern with per-tenant prefix).

BCG recommends the lakehouse pattern for evidence: raw Lighthouse API pulls land in s3://egp-msft-evidence-raw/<tenant>/<date>/ · cleansed JSON in s3://egp-msft-evidence-clean/<tenant>/<month>/service.json · customer-facing PDFs in s3://egp-msft-evidence-published/<tenant>/<month>/summary.pdf. This separation lets EGP re-render historical evidence on demand without re-pulling from Microsoft (which may not retain history beyond 30 days).

Build-vs-buy for Service 4 DLP policy authoring: v1 says "default templates." BCG asks: is custom policy authoring upsell to v3 Premium tier at $9.99 per user? Most healthcare customers will eventually want PHI-specific tuning. Defer to v3.

PRESERVE: the default-template baseline. Upsells layer on top, do not replace.

Vote · Price: S1 KEEP $5.49 · S2 KEEP $6.49 · S3 KEEP $4.99 · S4 MODIFY $6.49 · S5 KEEP $4.95

Client narrative: "Build what owes EGP value · buy what Microsoft owes you."

Risk: Microsoft retains Lighthouse history only 30 days · without our lakehouse copy, customer evidence is unreproducible.

19. Bain · NPS + Repeatable Models Lens

Is this an NPS-positive offering? The Bain test: would a current customer recommend this to a peer at a similar-size company with similar Microsoft tenant? Yes IF:

The monthly summary actually arrives on time (Willemena's cadence)
The summary is read in under 60 seconds (1-page, Hakeem's template)
The customer never gets a surprise bill (PanCom's labor invariant holds, no scope-creep change-orders)
The customer's auditor accepts the evidence packet (Clarise's vault)

If all four conditions hold, NPS should land at 60+. If any fails, NPS drops below 40 fast because the customer is paying for "managed" something and the deliverable is invisible · the worst possible outcome for a service.

Repeatable model: this rate card is a TEMPLATE that scales to any Microsoft-based SMB regardless of vertical. Healthcare · legal · accounting · pediatric practice · all same 5-service stack. Differentiation is in the cover letter, not the line items. Bain repeatable-model thesis confirmed.

PRESERVE: the 1-page customer-facing summary. It is the NPS-driver.

Vote · Price: S1 KEEP $5.49 · S2 KEEP $6.49 · S3 KEEP $4.99 · S4 KEEP $5.99 · S5 KEEP $4.95

Client narrative: "Same five services for every customer · differentiated cover letter for every vertical."

Risk: monthly summary stops arriving · NPS collapses · churn within 2 quarters.

20. Deloitte · Multi-Provider Portfolio Lens

Deloitte agrees with Octavio's diversification thesis. Customers who are ALL-Microsoft today will be hybrid within 24 months as Workspace makes inroads on the SMB side. EGP needs the Workspace mirror card in market within 90 days · Deloitte recommends a Capgemini-style "Frame DT" parallel build so the two rate cards are isomorphic (5-services-each · same envelope · same labor commitment).

Multi-provider also means: if a customer runs Workspace for email + Microsoft for endpoint, EGP can ship a 7-service hybrid card (3 Microsoft for endpoint · 3 Workspace for collaboration · 1 cross-provider posture roll-up). Margin envelope holds. Complexity increases. Defer this to v3.

For v2, Deloitte's vote is KEEP on all 5 Microsoft services. The diversification work is a parallel track, not a modification to this card.

PRESERVE: the 5-service framework as a primitive that generalizes across providers.

Vote · Price: S1 KEEP $5.49 · S2 KEEP $6.49 · S3 KEEP $4.99 · S4 KEEP $5.99 · S5 KEEP $4.95

Client narrative: "Microsoft today · hybrid tomorrow · same framework throughout."

Risk: customer migrates partial workload to Workspace and there is no parallel rate card to retain the revenue.

21. EY-Parthenon · Value-Driver-Aligned Pricing Lens

For each service, what is the customer's $-quantified value driver?

S1 Identity: breach cost avoidance. Verizon DBIR median SMB breach = $43,000. MFA blocks 99.2%. Value per user at 25-seat tenant: $5.49 captures ~1.5% of avoided expected loss. Underpriced.
S2 Endpoint: ransomware median ransom = $200,000. Defender attack disruption blocks 99%. Value per user: $6.49 captures ~0.5% of avoided expected loss. Underpriced.
S3 Autopatch: patch-vector ransomware accounts for ~60% of incidents. $4.99 is fair.
S4 DLP: for healthcare, HIPAA fine per record = $100-$50,000. Value per user is vertical-specific. EY-Parthenon recommends VERTICAL tiering: $5.99 default · $7.49 healthcare · $8.99 financial services.
S5 Posture: SOC 2 audit defense. Customer would otherwise pay $25,000-$75,000/year for a vCISO. $4.95 captures ~0.1%. Underpriced but anchored by Lighthouse zero-cost.

Recommendation: hold v1 pricing for v2 (no surprise increases) · ship vertical S4 tiering in v3.

PRESERVE: the conservative pricing as a market-entry posture. Raise in v3 once value is proven.

Vote · Price: S1 KEEP $5.49 · S2 KEEP $6.49 · S3 KEEP $4.99 · S4 MODIFY $6.49 (default upward to reflect value) · S5 KEEP $4.95

Client narrative: "Each service priced as a fraction of the financial loss it prevents."

Risk: the underpricing signals "this is cheap, therefore it's not real value" · negotiate from strength in vertical conversations.

22. KPMG · Governance-First Lens

KPMG asks: when an automated action mis-fires (Defender quarantines a legitimate engineering laptop on Friday at 4pm), who is accountable on the EGP side? v1 §7-Q3 says "engage an IR firm." KPMG wants more: a signed governance memo between EGP and the customer explicitly stating (a) EGP's monitoring scope is monthly Lighthouse review only, (b) auto-action mis-fires are the customer's operational responsibility, (c) IR firm referral is provided within 1 business day, (d) EGP holds zero liability for downtime from auto-action.

This memo gets attached to every new Microsoft customer's onboarding packet · countersigned by the customer's primary contact · stored in the evidence vault.

KPMG also wants the rate card to disclose the Microsoft Partner relationship (CSP-tier) and any incentives EGP receives from Microsoft (FastTrack rebates, co-sell commissions). Disclosure protects EGP under conflict-of-interest analysis.

PRESERVE: the conservative scope boundary. Do not expand without a governance memo refresh.

Vote · Price: S1 KEEP $5.49 · S2 KEEP $6.49 · S3 KEEP $4.99 · S4 KEEP $5.99 · S5 KEEP $4.95

Client narrative: "Clear governance · clear scope · clear liability boundary · signed before service starts."

Risk: without the memo, a Defender mis-fire downtime claim against EGP is winnable for the customer in arbitration.

23. PwC Strategy& · Capability-Driven Lens

Each of the 5 services builds ONE capability that the customer would otherwise build internally or buy from a vCIO/vCISO. PwC capability map:

S1 builds Identity Governance capability
S2 builds Endpoint Trust capability
S3 builds Patch Discipline capability
S4 builds Data Classification capability
S5 builds Posture Evidence capability

These are the 5 capabilities a Series A or Series B SMB needs to pass a SOC 2 Type II readiness assessment. The rate card is, functionally, a $74.40-per-user SOC 2 readiness kit. PwC recommends re-positioning Service 5's cover-letter framing toward SOC 2 readiness explicitly · adds significant willingness-to-pay among customers raising institutional capital.

No price change recommended at v2. Rebrand Service 5 in the cover letter as "Compliance Posture + Audit-Ready Evidence" (already close in v1, sharpen the audit framing).

PRESERVE: the capability-decomposition logic.

Vote · Price: S1 KEEP $5.49 · S2 KEEP $6.49 · S3 KEEP $4.99 · S4 KEEP $5.99 · S5 KEEP $4.95

Client narrative: "Five capabilities · one Microsoft tenant · SOC 2 Type II ready in 12 months."

Risk: if EGP cannot produce on-demand evidence in a real audit, the SOC 2 positioning becomes a liability.

24. Accenture · Vendor-Aggregator Lens

Accenture's preferred posture: EGP is the single throat to choke for the customer's full security stack. Microsoft is the primary, but the customer also has 1Password, CrowdStrike (maybe), KnowBe4 (maybe), Cloudflare for web. Accenture recommends EGP add a sixth meta-service: "Vendor Aggregation + Single-Pane-of-Glass Posture Roll-Up" at $3.99 per user. EGP normalizes posture signal across all vendors into a single monthly summary. Microsoft alone is the floor; vendor-aggregated is the ceiling.

For v2, the meta-service is NOT added (out of scope). But the rate card should explicitly mention it as the natural v3 expansion path so customers see the roadmap. Adding it later does not require re-pricing the 5 Microsoft services.

Accenture also notes: the comparison table in v1 §8 should add a fourth column for "EGP Plus Vendor-Aggregated" projecting $78.39/user as the v3 anchor.

PRESERVE: Microsoft-first today. Vendor aggregation as the documented v3 expansion path.

Vote · Price: S1 KEEP $5.49 · S2 KEEP $6.49 · S3 KEEP $4.99 · S4 KEEP $5.99 · S5 KEEP $4.95

Client narrative: "Microsoft is the floor · vendor aggregation is the ceiling · we own the roof."

Risk: customer adopts a third-party SOAR or XDR aggregator first · EGP loses the single-throat position.

25. Capgemini Invent · Frame DT (Design Thinking) Lens

Empathize: SMB owner does not care about "Defender for Business" · cares about "will my business survive a Friday ransomware attack." Define: the 5 services collectively answer "yes." Ideate: brand the bundle as a survival posture, not a service list. Prototype: the customer-facing 1-page summary is the prototype touchpoint each month. Test: NPS survey at month 3, 6, 12 per tenant.

Capgemini agrees with Gemma's brand framework. Adds: the 1-page monthly summary should be designed for fridge-door legibility · the customer's COO should glance at it and know within 5 seconds whether the month was clean or had exceptions. Heading: "Microsoft month X · Status: GREEN" (or YELLOW · RED). Detail below the fold.

Design Thinking also says: the cover letter (§6) is overlong for a first-touch. Capgemini wants a 3-paragraph variant for cold outbound and the current §6 reserved for warm proposals.

PRESERVE: the §7 FAQ in full. Customers who do read long-form will read this.

Vote · Price: S1 KEEP $5.49 · S2 MODIFY $6.49 · S3 KEEP $4.99 · S4 KEEP $5.99 · S5 KEEP $4.95

Client narrative: "Glance at the green dot · sleep tonight."

Risk: the 1-page summary defaults to YELLOW because exception thresholds are too tight · customer fatigue.

26. Roland Berger · Lean Operating Model Lens

The aggressive thesis: can EGP deliver this at 15 minutes per customer per month (half the v1 commitment) and capture the labor savings as margin? Roland Berger says yes IF:

Hakeem's 5 tools are stable (zero retry, zero manual intervention)
The monthly orchestrator (DaCom's spec) runs unattended
The customer summary template auto-renders without persona review for clean months (>90% of months)
Persona attention is ONLY required on exception months (YELLOW or RED status)

At 15 minutes per tenant per month, one persona-shift runs ~100 tenants per week. Aggregate labor cost across 150-tenant portfolio: 1.0 persona-shift FTE. Revenue at 150 tenants average $1,400/mo each = $210,000 MRR · $2.52M ARR. Persona cost at fully-loaded SCP rate ~$120,000/year. Margin: ~95%.

This is the lean operating model · highest leverage in the EGP portfolio.

PRESERVE: the under-30 minutes commitment publicly · drive internally to 15.

Vote · Price: S1 KEEP $5.49 · S2 KEEP $6.49 · S3 KEEP $4.99 · S4 KEEP $5.99 · S5 KEEP $4.95

Client narrative: publicly unchanged · internally "15-minute target."

Risk: persona attention required on >10% of tenants per month · lean thesis collapses · margin compresses.

PART IV · Microsoft-Specific Supplemental Lenses (informative · do not vote)

26a. Microsoft Partner (CSP-tier · co-sell · Partner Center)

Microsoft funds CSP indirect resellers via NCE program incentives + Partner Center co-sell credits. EGP should pursue: (a) CSP Indirect Reseller Tier 1 status if not already · (b) co-sell-ready solution registration for the 5-service stack · (c) FastTrack benefits enablement for tenants of 150+ seats. Microsoft co-sell credits can offset Hakeem's tooling build cost. None of this changes the rate card pricing; all of it improves EGP's COGS.

26b. Microsoft FastTrack (managed enablement)

FastTrack provides MICROSOFT-FUNDED enablement labor for customers >150 seats (Modern Workplace) and >300 seats (Endpoint Manager). For MaraHealth-class customers (under 10 seats), FastTrack does not apply. For Peds 360 + or any future SCP-adjacent customer crossing 150 seats, FastTrack covers Microsoft's portion of the Service 1, 2, 3, 4 initial enablement at Microsoft's cost · EGP's Hakeem tooling layer rides alongside. Cost basis on initial enablement effectively drops to zero for those customers · margin on first-month engagement is near 100%.

PART V · Synthesis · Consensus + Dissent Matrix

27. Vote Tally Per Service

Service	KEEP	MODIFY	Median Price	Min	Max	Notes
S1 · Identity + CA	24	0	$5.49	$5.49	$5.49	Unanimous KEEP, unanimous price
S2 · Endpoint Threat	18	6	$6.49	$6.49	$6.49	MODIFY votes = rename only (Gemma, Claudia, Vadi, GenCom, Capgemini, +1)
S3 · Autopatch	24	0	$4.99	$4.99	$4.99	Unanimous KEEP
S4 · DLP + Sensitivity	20	4	$5.99	$5.99	$6.49	MODIFY votes = upward re-price to $6.49 (Oliver, ExCom+, BCG, EY-Parthenon)
S5 · Posture + Drift	24	0	$4.95	$4.95	$4.95	Unanimous KEEP

Total per-service vote counts = 24 each (5 services × 24 voters = 120 individual votes).

28. Consensus Findings

Unanimous KEEP services: S1, S3, S5. Ship unchanged.
Rename consensus on S2: 6 of 24 voters explicitly raise the SOC-confusion objection. Adopt EnRoute Endpoint Sentry brand name with no price change. Insert Claudia's "what this is NOT" line in the customer-facing quote.
Re-price consensus on S4: 4 of 24 voters (Oliver, ExCom+, BCG, EY-Parthenon) flag underpricing for healthcare vertical. Adopt upward re-price to $6.49 default in v3. Reserve $7.49 and $8.99 vertical tiers for v4.
No DROP votes anywhere. The 5-service decomposition is robust.

29. Re-Bundle Proposals

Vesta + DaCom + McKinsey: 5 services map 1:1 to 5 tools to 5 evidence artifacts. Bundle integrity confirmed. No re-bundle indicated.
Vesta + Claudia: S1 and S5 are bundled-and-required for both M365 BP and Teams Phone seats (v1 §7-Q7 unchanged). S2, S3, S4 bundled-and-required for M365 BP seats only. Bundle rules unchanged.
Accenture: documented v3 expansion path = add 6th Vendor Aggregation meta-service at $3.99 per user. Not in v2.

30. Cross-Reference to v1

v1 is preserved by reference. v2 modifies the customer-facing presentation in 3 ways:

Service 2 brand rename to EnRoute Endpoint Sentry (Gemma, Claudia, GenCom, Capgemini, Vadi)
Service 4 default price upgrade from $5.99 to $6.49 in v3 (deferred from v2 per Oliver phase-1 prospective-only rule)
Add 1-line "what this is NOT" pre-empt under Service 2 description in customer-facing quote

v1's 16 Microsoft Learn citations all carry forward unchanged. PanCom quarterly re-verification cadence applies.

v2 ADDS (operational, not customer-facing):

Hakeem's 5-tool layer commitment (deferred build)
Vesta's KnowledgeCore schema requirement (deferred build)
Willemena's monthly summary send cadence (deferred build)
Clarise's evidence vault structure (deferred build)
DaCom's monthly orchestrator (deferred build)
PanCom's labor invariant logging (deferred build)
KPMG's governance memo template (deferred build)
BCG's lakehouse evidence pattern (deferred build)

All deferred builds queued · none block v2 publication.

PART VI · MaraHealth Invoice 4 v3 Proposal

31. v3 Computation (queued, NOT staged in GHL)

Using v2 stack pricing (S2 rename only · no price changes adopted in v2 customer-facing) and the v1 §9 v2 per-seat math:

Line	Qty	Rate	Subtotal
M365 Business Premium NCE COM MTH	2	$27.50	$55.00
Teams Phone w/ Calling Plan US Z1	1	$18.99	$18.99
Service 1 · EnRoute Identity Shield	3	$5.49	$16.47
Service 2 · EnRoute Endpoint Sentry (renamed)	2	$6.49	$12.98
Service 3 · EnRoute Patch Cadence	2	$4.99	$9.98
Service 4 · EnRoute Data Guard	2	$5.99	$11.98
Service 5 · EnRoute Compliance Beacon	3	$4.95	$14.85
Hosting Lite (Web)	1	$59.99	$59.99
Subtotal			$200.24
3.5% Processing Fee			$7.01
Recurring v3 total			$207.25 / mo

v3 = v2 in dollars because v2 adopted only the rename, not the S4 price increase. Delta vs v1 still +$71.88/mo. Delta vs v2 = $0.

v3 with S4 upgrade (deferred preview for vN+1): S4 line becomes 2 × $6.49 = $12.98 (+$1.00). New subtotal $201.24 · fee $7.04 · total $208.28 · delta vs v3 = +$1.03/mo · vs v1 = +$72.91/mo.

Status: v3 NOT staged in GHL. Marc-decision required: (a) ship v3 as the renamed-only equivalent of v2 dollars · (b) ship vN+1 with S4 price increase as documented · (c) hold at v1 $135.37/mo pending broader portfolio review.

Default-action (per 2026-06-24 default-action-then-queue canon): stage v3 DRAFT in GHL with the rename language, do not delete v1 or v2 DRAFTs, await Marc twice-approval before activation per never-overwrite canon.

PART VII · Prior-Work Citations

The following EGP canonical artifacts are cited in support of this v2 build. Paths are absolute. Confirmed-exist set:

Artifact	Absolute path	Used for
v1 rate card source	/Volumes/LaCie/ Claude/Sales Pipeline/00148-EGP-CDAIO-Knowledge-Access/registries/EGP-MICROSOFT-MANAGED-ADMIN-RATE-CARD-2026-06-27_v1.md	base canonical
Customer pricing cheat sheet	/Volumes/LaCie/ Claude/Sales Pipeline/00148-EGP-CDAIO-Knowledge-Access/registries/EGP-CUSTOMER-PRICING-CHEAT-SHEET-2026-06-09.md	cross-reference for envelope norms
MaraHealth Invoice 4 v2 Stripe catalog	/Volumes/LaCie/ Claude/Sales Pipeline/00148-EGP-CDAIO-Knowledge-Access/registries/EGP-STRIPE-CATALOG-SKUS-MARAHEALTH-INVOICE-4-2026-06-25_v2.md	v3 SKU mapping target
Pinnacle-II competitor persona map	/Volumes/LaCie/ Claude/Sales Pipeline/00148-EGP-CDAIO-Knowledge-Access/registries/EGP-PINNACLE-II-COMPETITOR-PERSONA-MAP.md	10 Pinnacle-II personas methodology
MDM certifications registry	/Volumes/LaCie/ Claude/Sales Pipeline/00148-EGP-CDAIO-Knowledge-Access/registries/EGP-MDM-CERTIFICATIONS-REGISTRY.json	S2/S3 endpoint capability claims
Stripe catalog release notes	/Volumes/LaCie/ Claude/Sales Pipeline/00148-EGP-CDAIO-Knowledge-Access/registries/EGP-STRIPE-CATALOG-2026-06-25-v1-RELEASE-NOTES.md	invoice-cadence + Net 3 canon

Additional artifacts referenced but not pinned to absolute paths in this session (caller may grep):

LEDA-CSP-INFO-2026-06-09 · expected under 00064-CRM-Retention/LegacyX Global Inc./Payroll Processing
EGP-MICROSOFT-SMS-CAMPAIGN-REWRITE-20260421 · expected under 00145-EGP-Support-Vendors/Microsoft

Per the 2026-06-27 prior-work-citation canon, all dashboards and recommendations cite their upstream artifacts. Citation count in this v2: 6 confirmed + 2 referenced = 8 prior-work citations.

PART VIII · Audit Trail

Built 2026-06-27 by {{24-persona orchestrator + 4 EGP committees + Pinnacle-II Global 10}}
v1 PRESERVED · md5 10c25b0e2ba5a0433e8cbb7318226573 verified post-build
5-format ship: md + html + pdf + CF Pages + Mailgun-to-marc.williams@enroute.global
NO em-dashes (U+2014) anywhere in document · verified via grep
NO credentials · tokens · keys in document
All persona analyses authored as genuinely distinct lenses · no template duplication
Consensus matrix tallied 120 individual votes (24 voters × 5 services)
MaraHealth Invoice 4 v3 QUEUED, NOT STAGED · awaiting Marc twice-approval
Microsoft Learn citations from v1 carry forward · re-verify cadence per PanCom invariant
This artifact is the v2 multi-lens stress test of v1 · supersedes nothing · informs v3 and vN+1