Optimi — CRM Architecture v2

Professional Services (Level I) · Consulting Services (Level II) · 13 Workflows

Core Principle: Products = menu, Deals = order, Services = the meal being served. Complexity divides Level I (operational) from Level II (expert). All security = Level II, always.

⚠️ Cloudflare Console Access
Not a product feature. It's a delivery model decision: Reselling → customer always gets it. MSP → Optimi decides. Never list on quotes as a service.

LI Professional Services

Operational, procedural, repeatable. Any competent engineer can execute following documentation. Customer could do it — we're faster.

THE TEST

"Can the customer do this with our documentation?" → YES = Level I

LII Consulting Services

Expert, analytical, judgment-required. Requires deep expertise. Customer cannot do this alone — even strong tech teams need specialist help.

THE PROOF

Oscaro: CDN ✅ Security ❌ — Rakuten: CDN ✅ Security ❌

🔒 The Security Rule: ALL security work is Consulting Services (Level II). No exceptions. WAF, Bot, DDoS, Rate Limiting, Access/Zero Trust — always Level II.

Overlap Prevention Matrix No "telescoping" — clear boundary

Task	LI	LII

Grey zone rule: If a Level I task reveals a Level II need (e.g., basic troubleshooting uncovers WAF misconfiguration), the engineer escalates. Work shifts to Consulting scope — consuming pre-purchased days or triggering a new proposal.

13 workflows connecting all layers. The Operational/Expert split from the CTO's framework drives routing, billing detection, and upsell triggers.

From	To	Type	Description

Company: Rakuten France
│
├── Deal: "Rakuten — Full 2026-2027" (€252,000)
│   ├── Line Item: RUN - CDN/Security (€9,000/mo)
│   ├── Line Item: RUN - Premium Support (€4,500/mo)
│   └── Line Item: BUILD - Security Deployment (€16,000) [Level II]
│
├── RUN Services
│   ├── "Rakuten — CDN Platform"         Active, Operational
│   ├── "Rakuten — Security Mgmt"        Active, Expert ⚠️
│   ├── "Rakuten — Bot Management"       Active, Expert ⚠️
│   └── "Rakuten — Premium Support"      Active, 2h SLA
│
├── BUILD Services
│   ├── "Rakuten — CDN Onboarding"       Completed, Level I
│   │   → Support engineer, 5 TJH budgeted
│   ├── "Rakuten — Security Deployment"  Completed, Level II
│   │   → Senior engineer, 8 TJH budgeted
│   └── "Rakuten — WAF Tuning Q1 2026"  In Progress, Level II
│       → Senior engineer, 5 TJH budget, 3 consumed
│
├── Tickets
│   ├── #1042 "Cache miss spike"     → CDN Platform (Operational)
│   ├── #1089 "WAF false positive"   → Security Mgmt (Expert)
│   │   └── ⚠️ Covered by WAF Tuning consulting engagement
│   └── #1103 "Bot threshold issue"  → Bot Mgmt (Expert)
│       └── ⚠️ No consulting engagement → flagged billable
│
├── Contact: Takeshi M. — DevOps Lead [Technical Contact]
└── Contact: Marie D. — IT Director [Decision Maker]

6 phases over 12 weeks. Start by activating Services and validating with top accounts manually before automating anything.

Prerequisites
✅ Super Admin access — confirmed
✅ HubSpot Workflows — Professional+
❓ Operations Hub Professional — needed for WF4 auto + WF6 sync
❓ Slack integration — recommended for notifications
⬜ CTO sign-off on Level I / II boundary document