diff --git a/docs/initial-app.md b/docs/initial-app.md
index 42ff87e..2aae390 100644
--- a/docs/initial-app.md
+++ b/docs/initial-app.md
@@ -2315,12 +2315,18 @@ _Can run parallel to H after F1 is done_
 
 _Depends on: D1 (auth middleware)_
 
-- [ ] **J1**: Implement org middleware (slug lookup, membership check)
-- [ ] **J2**: Implement `orgs.list`, `orgs.create`, `orgs.get`
-- [ ] **J3**: Implement `orgs.update`, `orgs.delete`, `orgs.leave`
-- [ ] **J4**: Implement `orgs.members.list`, `orgs.members.updateRole`, `orgs.members.remove`
-- [ ] **J5**: Implement `orgs.invites.list`, `orgs.invites.create`, `orgs.invites.cancel`, `orgs.invites.accept`
-- [ ] **J6**: Implement `orgs.sites.list`
+- [x] **J1**: Implement org middleware (slug lookup, membership check)
+- [x] **J2**: Implement `orgs.list`, `orgs.create`, `orgs.get`
+- [x] **J3**: Implement `orgs.update`, `orgs.delete`, `orgs.leave`
+- [x] **J4**: Implement `orgs.members.list`, `orgs.members.updateRole`, `orgs.members.remove`
+- [x] **J5**: Implement `orgs.invites.list`, `orgs.invites.create`, `orgs.invites.cancel`, `orgs.invites.accept`
+- [x] **J6**: Implement `orgs.sites.list`
+
+_Implementation notes:_
+- Files in `procedures/orgs/` with `index.ts` for consolidated exports
+- Helper functions in `helpers.ts`: `lookupOrgBySlug`, `getMembership`, `requireRole`, `countOwners`
+- Race conditions prevented via Kysely transactions for owner count checks
+- Privilege escalation prevented: only owners can invite new owners
 
 #### Workstream K: Admin Procedures (Backend)