Executive Summary

This document is the definitive technical execution plan for Robbins Research International. It covers 17 initiatives across three phases — DERISK (remove what can kill you), UNCLOG (remove what slows you down), SCALE (grow) — sequenced across four waves from March 2026 through Q1 2027. One initiative (U5, HubSpot Bypass) is already complete.

The plan addresses an engineering organization that is structurally broken: no sprint has closed in three weeks, the team burned out after a month of 10-hour days, two engineers are bus factor 1 on revenue-critical systems serving $180M in annual revenue, and a Heroku contract deadline in September 2026 has no migration started. Simultaneously, RRI has an extraordinary AI capability — 38+ agents and tools deployed across 11 departments — that is ungoverned and under-resourced.

Two resource scenarios frame the investment decision. Scenario A (current team only) delivers 11 of 17 initiatives, defers 6 SCALE products to 2027, and puts $4.3M-$12.8M of revenue at risk — including almost certainly missing the September Heroku deadline. Scenario B (fully resourced at $1.2-1.6M incremental across two quarters) delivers all 17 initiatives on schedule, unlocks $4.9M-$20.8M in new and protected revenue, and produces a 3:1 to 14:1 ROI on the investment. The checkout pre-fill initiative (U2) alone pays for Jay Lane’s entire full-time salary in two months.

Pre-UPW Emergency Actions

Six initiatives must complete before UPW. One immovable deadline.

Immediate Actions

Wave 0 Initiative Summary

Go/No-Go Checklist

Before UPW proceeds, the following must be confirmed:

• D4: Token caching active + guest checkout fallback tested
• D4: Guest checkout fallback deployed (3-second timeout → Stripe guest mode)
• D4: Chatot pre-warm cron configured (100-200 bot sessions 45min before each pitch window)
• D3: Cognito client IDs from rri-stress-test rotated
• U6: Blackthorn matching window extended from 5 min to exponential backoff
• U6: Blackthorn support contacted, High Volume Transaction Job enabled
• D6: Grafana dashboard showing live order-ingestion metrics
• D6: Checkly checkout monitoring active from 12 global regions
• U9: Obv.io sync interval reduced from 30s to 5s
• U9: SKIP LOCKED verified before dyno scaling

D1. Bus Factor Elimination Program

Three engineers each represent a single point of failure on systems that generate $180M/year. Zach Hardesty is the only person who can operate the K8s/GitOps/observability/data lake infrastructure. Johnny Yarlott holds 97% of commits on the core payments API. Nick Jensen owns TonyRobbins.com and is INACTIVE in Atlassian. If any one of them is hit by a bus — or just quits — RRI’s revenue infrastructure stops.

Technical Approach

• 6-week pairing sprint program: 2 weeks per critical engineer with a designated backup
• Driver-navigator model during live operations — backup learns by doing, not watching
• CODEOWNERS enforcement on 5 critical repos to distribute code review
• Migrate @alphonso77/rri-lifeforce to @rri npm org scope (Day 3, zero cost)
• Nick Jensen 1:1 with Lior required Week 1 before any sprint commitment

D2. Members Portal Migration (Node 11 → Node 22 LTS)

The Members Portal runs on Node 11, which has been end-of-life since April 2019. It uses abandoned dependencies (kue — last updated 2017, request — deprecated 2020) and has committed .env credentials in git history. This is the system where 200K+ customers manage their event tickets, coaching sessions, and product access.

Technical Approach

• Target Node 22 LTS (Node 20 enters Maintenance Oct 2025)
• Phase 0 credential rotation before any code changes
• Replace kue with BullMQ (standardizes with order-ingestion)
• Replace request with native fetch() (stable in Node 22)
• Upgrade Stripe SDK v6 → v12 → v17 incrementally (v12 is the API version pinning boundary)
• Kue → BullMQ: parallel queues with feature flag. Never cold-cutover a job queue.

D3. Secrets Audit & Credential Rotation

Six repos have committed secrets in git history. The Members Portal .env contents are unknown until git history is inspected. The rri-stress-test repo contains Cognito client IDs that compound with D4’s auth vulnerability. Credentials must be rotated first, then git history purged.

Technical Approach

• Two-layer scanning: TruffleHog (free, 800+ detectors) + GitHub Secret Protection ($19/committer/month)
• Rotate FIRST, purge SECOND — rotation closes the attack vector immediately
• git-filter-repo for history purge (Git project’s recommended tool)
• TruffleHog pre-commit hooks deployed globally

D4. Auth Load Capacity & Cognito Hardening

Cognito has a default rate limit of 120 RPS shared across ALL user pools. At scale this can bottleneck — but for UPW March 12 (virtual, ~20,000 participants, ~1,500 buyers across 4 sales moments over 4 days), peak concurrent auth load during the biggest pitch window is likely 1-3 RPS at checkout, 10-50 RPS including page loads. Well within the 120 RPS default limit.

Three-Layer Defense for UPW

At virtual UPW, participants join via Zoom/Obv.io (not Cognito). Only buyers hit the checkout auth path. The biggest pitch window might drive 400-800 checkout attempts over 5-10 minutes. Token caching + guest checkout fallback handle this comfortably.

D5. Redis Single Point of Failure

All BullMQ job queues — including the order-ingestion pipeline that processes every payment — run on a single unmanaged Redis instance on Linode. No redundancy. No failover. No monitoring. If that single VM goes down, every payment webhook stops processing.

Technical Approach

• Pre-UPW (quick fix): Linode Redis Sentinel — master + replica + 3 sentinels, 15-30s failover
• Post-UPW (permanent fix): Migrate to Upstash Redis Fixed 1GB plan ($15/month) — managed, Heroku-compatible, K8s-portable
• Circuit breaker: enableOfflineQueue: false on BullMQ. Redis down = 503 to Stripe. Stripe retries for 72 hours.
• Must use Upstash Fixed plan, NOT Pay-as-You-Go (BullMQ polls aggressively)

D6. Pre-Event Load Testing & Monitoring

RRI runs 9 major revenue events per year with no load testing, no synthetic monitoring, and no real-time operational dashboard. Leadership makes decisions during events on gut and panic because data is 3-4 hours delayed.

Technical Approach

• Load testing: k6 OSS (free) — 90% HTTP VUs + 10% browser VUs on Zach’s K8s
• Synthetic monitoring: Checkly Team ($64/month, 22 global locations, Playwright-based)
• Dashboard: Grafana (existing LGTM stack) — Business Metrics / Pipeline Health / Infrastructure

D7. CI/CD on Revenue-Critical Systems

The four Heroku apps that process every dollar of RRI revenue have no CI/CD pipeline. Engineers push directly to master. rri-order-ingestion has zero automated tests blocking deployment. One bad push during an event could halt revenue.

Technical Approach

• CI: lint → test with coverage threshold → TruffleHog secret scan → block merge if any fails
• CD: deploy to Heroku staging → smoke test /health → GitHub Environment approval gate → promote
• Reusable workflows: rri-dev/.github org repo with shared node-ci.yml and heroku-deploy.yml
• Branch protection: GitHub Rulesets at org level with Evaluate mode rollout

D8. Contractor Continuity Plan

Three contractors each sole-maintain critical systems with no documentation, no backup, and unknown contract notice periods. Federico Del Rio has 374 commits on the Members Portal — the only person who can operate it. Jonathan Perez sole-maintains the RPM Planner. The Nearsure contract notice period is unknown to the CTO.

Technical Approach

• 4-week documentation sprint: 6 artifacts per system (README, ADRs, Context Diagram, Env Manifest, Runbook, Dependency Map)
• Named backups: Josh Fuller (Members Portal), coordinate with Justin/Alex (RPM Planner), Jay + Johnny (AI tools)
• Doppler ($50/month) replaces .env files — architectural fix, not process fix

Team Structure & Process Design

The engineering organization needs a structural overhaul before any roadmap initiative can execute reliably. The current state: everyone does everything, no sprints close, engineers are burned out, and 5 people are bus factor 1 on revenue-critical systems.

Current Team (12 engineers/contractors)

Proposed Structure: Build vs. Run Separation

Run Team (Kanban) — Spork + new Run Team Lead + DevOps + Integration Engineer + Event Ops contractors. WIP limits, P1/P2/P3 tiers, OpsGenie on-call.
Build Team (Scrum) — Justin as VP/Head of Product + dedicated POs + PM/Scrum Master + Nick + Ken + Esmee + new Data Engineer. 2-week sprints, 20% interrupt buffer, 70%+ velocity target.
AI Team — Jay Lane (full-time) + Freddy + Daniel (under governance). BA Agent creates Jira tickets from meeting transcripts.

New Hires & Resources

The Core Problem: Justin & Spork in Meetings

Justin and Spork spend their days in requirements meetings and stakeholder updates instead of leading their teams. The PM / Scrum Master sits in those meetings so they don’t have to. Dedicated Product Owners for Tony AI and TR Experience mean Alex isn’t spread across everything. An AI Business Analyst Agent creates Jira tickets from meeting transcripts with acceptance criteria.

Process & Ceremonies

Build Team: Sprint Planning (biweekly, 2hr) → Daily Standup (15min) → Sprint Review (biweekly, 1hr) → Retrospective (biweekly, 45min) + weekly Backlog Refinement.
Run Team: Daily Ops Sync (15min) → Weekly Ops Review (30min) → Post-Mortems within 48hr of P1.
Cross-Team: Quarterly Roadmap Planning (half day) + Monthly Product Council (90min, SVPG model) + Monthly AI Governance + Monthly DORA Metrics Review.

Product Ownership: Justin Kahn as VP/Head of Product. Dedicated POs for Tony AI ($23M ARR) and TR Experience (portal + Mastery Path + Event Passport). PCR process with 30-day lead time. PAD (U4) enforces freeze windows in code, not policy.

U1. Build vs. Run Team Restructuring

RRI’s engineering team is structurally broken: everyone does everything, which means nothing gets done reliably. No sprint has closed in 3 weeks. Spork attends 6+ standing meetings daily, functioning as a human router. This is a systems failure, not a people failure. The fix: separate Run (Kanban, reactive, Spork) from Build (Scrum, planned, Justin).

Blocking Hire: Run Team Lead ($140-160K)

45-55 days post-to-offer. Must post within 5 days of announcement.

U2. Checkout Pre-fill & One-Click Purchase

During live events, upsell links send customers to a blank checkout form despite having portal accounts with stored Stripe cards. 30%+ checkout abandonment. Stripe Payment Element upgrade + CustomerSession API + signed JWT identity bridge.

U3. SSO Unification Across Systems

Customers interact with 11+ separate login systems. Each event purchase, portal visit, and content access requires a separate authentication. SSO is the foundation for Mastery Path (S3), Event Passport (S4), and Portal Unification (S5).

5-Phase Implementation

1. Phase 1: Cognito OIDC configuration (2 weeks)
2. Phase 2: Members Portal → Cognito integration (2 weeks, parallel with D2)
3. Phase 3: Tony AI + RPM → Cognito (2 weeks)
4. Phase 4: Obv.io SSO Bridge Service (3 weeks)
5. Phase 5: Experience API native OIDC (1 week design)

U4. Product Admin Dashboard

Every new product SKU, pricing phase change, and event configuration requires an engineer. Marketing changes things 5 minutes before go-live. A code freeze was attempted — it lasted 2 weeks. Without self-service tooling, code freeze is pure policy theater.

Key Unlock: BullMQ Phase Scheduler

Marketing schedules price transitions with dates. Scheduler fires at activation time, updates Stripe + Sanity + SF automatically. Zero engineering involvement. PAD “freeze mode” flag transforms policy into system-enforced guardrail.

U5. HubSpot Bypass for Transactional Emails

U6. Blackthorn Transaction Matching Window

After order-ingestion creates a Salesforce Opportunity, the link-opp-to-transaction job waits for Blackthorn’s record to appear. Current matching window: 5 minutes. During high-volume events, delays beyond 5 minutes cause “orphaned transactions.” There are currently 400K webhook events in the Blackthorn queue.

Technical Approach

• Extend matching window from 5 min to exponential backoff: 2min, 5min, 10min, 20min, 30min, 60min, 2hr
• Separate BullMQ reconciliation queue for orphan recovery (every 15min during events)
• Embed Opportunity external_id in PaymentIntent metadata for deterministic matching
• Deploy Spork’s async SF close-won trigger PR post-UPW

U7. Jay Lane Full-Time + AI ROI Framework

Jay Lane has deployed 30+ AI tools across 11 departments in 180 days — while working half-time. Proven impact: $670K+/year. Pipeline: $5M+/year. Despite this, Yogesh has throttled him to 4 projects/month because there’s no financial ROI framework. The business case: $670K proven / $175K full-time cost = 283% ROI with 3.1-month payback.

Framework

• Three-dimension ROI scoring: Cost Efficiency (35%) + Time Efficiency (35%) + Growth Impact (30%)
• Four-tier risk classification: Low / Medium / High / Unacceptable
• Agent Registry in SharePoint: 38+ agents catalogued with risk tier, ROI score, owner
• Monthly AI Governance Committee: Jay + Justin + Spork + Lior
• Selene generates monthly portfolio report for Yogesh

U8. Product Ownership Unification

Product ownership is fragmented across 6+ people. No one owns the full customer experience. This creates conflicting priorities, duplicated efforts, and SKU chaos that cascades through every system.

Approach

• Appoint Justin Kahn as unified product owner (VP/Head of Product)
• SVPG Product Council: quarterly strategy review + monthly operating review
• Product Change Request (PCR) process: 30-day lead time, engineering impact assessment
• North Star: Mastery Path progression — every product decision evaluated against it

U9. Obv.io Sync Acceleration

The rri-event-api worker runs in a 30-second polling loop with 1-second rate limits, using 1-2 workers. At peak, customers wait 45+ minutes for their magic link. Late buyers during Day 4’s final pitch don’t get links before the event ends.

Two Phases

• Phase 1 (pre-UPW): Reduce interval 30s → 5s, add Promise.all parallelism (10-20 concurrent), scale to 3-4 dynos
• Phase 2 (post-UPW): Replace polling with Postgres LISTEN/NOTIFY. Sub-second dispatch. HireFire autoscaling.

Throughput: Baseline: 25 min for 1,500 buyers. Phase 1: under 2 min. Phase 2: under 60 seconds.

S1. AI Agent Fleet Expansion & Governance

Unify Jay’s 30+ tools and Justin’s 8-agent bot fleet under a single governance framework. Deploy fleet registry, ROI tracking dashboard, and prioritized agent roadmap. Include Daniel’s parallel AI program from Day 1.

S2. Heroku to K8s Migration

Migrate all production services from Heroku to K8s (Talos Linux + ArgoCD + Cilium) before the September 2026 contract end. 3 of 27+ repos already run on K8s. 16-week phased migration.

S3. Mastery Path — Unified Subscription Progression

Structured post-event progression: Foundation ($149/mo) → Growth ($249/mo) → Mastery ($497/mo) → Leadership. Converts event-dependent revenue into compounding monthly subscriptions.

S4. Event Passport — Predictable Annual Revenue

Annual event subscription bundles: Base ($1,997/yr), + Mastery Path ($2,997/yr), VIP with 1 in-person ($7,997/yr). Revenue is predictable. Marketing sells once, not 5 separate events.

S5. Portal Unification — 11 Portals → 1

Replace 11 disconnected customer-facing portals with a single Tony Robbins portal built on Nick Jensen’s Experience API (Sanity + Next.js). One login, one home for all purchases, events, coaching, content, and Tony AI.

S6. Post-Coaching Call AI Phase 2

AI records coaching Zoom calls, transcribes through Tony’s coaching standards, emails branded recap to client — written as if from Tony. Every coaching session becomes a branded touchpoint; Tony AI accumulates real coaching data.

S7. Lead-to-Speed AI — Sub-60-Second Response

Replace the current 7-8 minute lead routing pipeline with sub-60-second AI response via Tony AI. Every lead gets personalized, qualifying interaction before a human rep touches them.

S8. Real-Time Event Intelligence Dashboard

Single dashboard during events: live orders/minute, revenue by SKU/geography/time, conversion funnel, auth success rate, pipeline health, magic link delivery rate. Selene delivers executive summaries. Builds on D6’s Grafana infrastructure.

Dependencies & Critical Path

Critical Paths

Hard Dependencies

Resource Scenarios

Scenario A: Current Team — No New Hires

All 17 initiatives sequenced against 12 available engineers/contractors. No approved hires. Burnout already active. Team at 120-130% of sustainable capacity.

Scenario B: Fully Resourced

All new hires approved. Jay Lane converted full-time. MSP and compliance engaged. All 17 initiatives execute on schedule across two quarters (Q2-Q3 2026).

Engineering Hires

PM, Product Ownership & Operations

Revenue Capture (Scenario B)

ROI Calculation

Quarterly Milestones

Q2 2026 (April - June): Wave 1-2 Delivery

Theme: Stabilize the foundation. Ship the highest-revenue initiative (U2). Build the safety nets.

Q3 2026 (July - September): Wave 3 + Heroku + Dreamforce

Theme: Ship SCALE products. Complete Heroku migration. Prepare for Dreamforce demo.

Q4 2026 (October - December): Wave 4 SCALE Products

Theme: Launch revenue products. Harvest the infrastructure investment.

Risk Register

Tool Recommendations & Cost Summary

Security & Secrets

Monitoring & Load Testing

Infrastructure

Team Operations

Total Tooling Cost

Full Cost Summary