Authorization Discipline: The Missing Layer in Institutional Governance

This paper introduces authorization discipline — the requirement that governing decisions be translated into explicit, verifiable, enforceable constraints before execution proceeds. Institutions do not typically fail because decisions are absent. They fail because decisions remain informal: untranslated into declared assumptions, enforceable constraint boundaries, evidence requirements, ownership assignments, or defined failure states. The result is governed execution of informally authorized action — procedurally defensible at every stage, verifiable at none. The paper makes three contributions. First, it defines five structural preconditions for governable action — the minimum formalization required before the question "is execution consistent with the decision?" has a verifiable answer. Second, it presents a three-stage governance model distinguishing competent governing judgment (irreducible, not addressable by technology), constraint articulation (the missing institutional layer), and codification with deterministic enforcement (where governance becomes binding at runtime). Third, it argues that no amount of downstream execution governance — compliance review, risk assessment, audit — compensates for upstream informality, because execution governance operates within a frame it cannot examine. The paper applies this framework to a concrete institutional pattern: the federal President's Management Agenda cycle, in which directives are issued, agencies produce alignment artifacts, procurements follow formal process, and every step is procedurally correct — while the authorizing frame itself was never decomposed into components that permit verification. Authorization discipline is positioned as the missing layer between human judgment and runtime enforcement. The paper distinguishes what technology cannot fix (the irreducibility of competent judgment) from what it can (the codification and deterministic enforcement of articulated constraints). FERZ, Inc. operates at the enforcement boundary — translating articulated constraints into executable, versioned, fail-closed rule sets and enforcing them at runtime with signed provenance of every constraint applied. Part of the FERZ deterministic governance research corpus. Extends prior work on enforcement architecture (LASO(f), DELIA, Proof-Carrying Decisions) and governance taxonomy into institutional governance theory.