One architecture. Three actors. Three distinct outcomes – because each sits differently relative to the consequence the boundary governs.
The outcomes below follow from applying the series to an industrial estate. They are universal in the sense that any enterprise that implements the governance framework and architectural specification should see them. They are structural in the sense that each is a consequence of how the architecture works, not a target the organisation pursues separately.
Architecture governs the boundary three governance logics could not. The governed boundary does not extend enterprise security into OT; it governs the consequence of what crosses.
The boundary holds under attack, vendor compromise, and partial failure – degrading conservatively, not catastrophically – and evaluates not only individual interactions but their combined effect across the system.
Resilience becomes a property of the whole estate, not of individual sites or vendor relationships.
NIS2, the Cyber Resilience Act, IEC 62443, and sector-specific frameworks are satisfied as a consequence of being structurally sound.
The architecture opens a third option – admit-and-govern – replacing the current choice between refusing innovation and accepting it ungoverned.
Structural evidence replaces compliance attestation and trust. Monitoring at the boundary is corroborated evidence – no single component is trusted to assert its own correctness.
Governance intent is encoded into architecture, not carried in individual vigilance.
Your people carry the work. The architecture is operated, not bought.
The architecture is one thing. What it delivers to each actor depends on where that actor sits relative to consequence.
The Operator recovers architectural authority over the domain in which consequence concentrates. Vendor asymmetry is rebalanced. Regulatory scrutiny is met with structural evidence, not policy documentation. Under NIS2's personal-liability regime, the Board gains a defensible position. Vendor innovation becomes usable under governed terms. Cross-domain decisions return to named owners exercising allocated authority.
Corporate IT receives a clear mandate in the converged space: provide the enterprise digital services the converged estate requires, with consequence-awareness. Implicit ownership of problems Corporate IT cannot solve is lifted. TGB-AUTHORITY sits in the Corporate IT domain – a substantial role, clearly scoped. Enterprise services extend safely into the operational domain.
Access conditions become standing rules across the customer estate, not case-by-case negotiations. Incident exposure is bounded by what the product did, not by everything that happened through the connectivity. Vendors who build to the south-side governance interface gain deployment velocity and commercial differentiation in regulated sectors.
These outcomes are not negotiated trade-offs between the three actors. They are what happens when the structural condition of convergence is governed through architecture instead of left to accumulate through default. Each actor's position improves because the ungoverned condition was worse for each of them than the governed one is.
Governance does not add difficulty to convergence. It resolves the difficulty that ungoverned convergence creates.
The Series Recap – Structural Deliverables develops the outcomes above in detail: universal outcomes, per-actor benefits for the Operator, Corporate IT, and the Vendor ecosystem, and where to start.
The three-book series is the argument. The engagement tracks are the work. A reader who wants the full treatment can begin with The Structural Diagnosis – or, if the structural argument is already accepted, with the engagement overview directly.