arckit-cli 6.1.1__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (482) hide show
  1. arckit_cli/__init__.py +1120 -0
  2. arckit_cli-6.1.1.data/data/share/arckit/.arckit/memory/sessions.md +293 -0
  3. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/_partials/RENDERING.md +22 -0
  4. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/_partials/document-control-uae.md +20 -0
  5. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/_partials/document-control-uk.md +16 -0
  6. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/adm-preliminary-template.md +135 -0
  7. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/adr-template.md +588 -0
  8. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/agent-design-template.md +390 -0
  9. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/agent-governance-template.md +90 -0
  10. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/agent-integration-template.md +159 -0
  11. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/agent-inventory-template.md +108 -0
  12. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/agent-maturity-template.md +388 -0
  13. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/agent-security-template.md +213 -0
  14. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/analysis-report-template.md +323 -0
  15. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/application-inventory-template.md +221 -0
  16. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/architecture-board-template.md +194 -0
  17. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/architecture-change-template.md +205 -0
  18. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/architecture-diagram-template.md +610 -0
  19. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/architecture-principles-template.md +632 -0
  20. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/architecture-repository-template.md +107 -0
  21. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/architecture-strategy-template.md +666 -0
  22. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/at-bvergg-template.md +252 -0
  23. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/at-dsgvo-template.md +354 -0
  24. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/at-nisg-template.md +236 -0
  25. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-aescsf-template.md +189 -0
  26. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-ai-assurance-template.md +243 -0
  27. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-disp-attestation-template.md +297 -0
  28. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-dss-template.md +302 -0
  29. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-e8-posture-template.md +377 -0
  30. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-energy-compliance-template.md +189 -0
  31. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-ism-controls-template.md +462 -0
  32. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-ndb-playbook-template.md +288 -0
  33. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-ot-security-template.md +204 -0
  34. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-pia-template.md +394 -0
  35. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-pspf-template.md +380 -0
  36. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-soci-cirmp-template.md +206 -0
  37. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/aws-research-template.md +605 -0
  38. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/azure-research-template.md +559 -0
  39. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/backlog-template.md +465 -0
  40. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-aia-template.md +206 -0
  41. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-atip-template.md +192 -0
  42. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-charter-template.md +190 -0
  43. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-cloud-residency-template.md +173 -0
  44. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-fitaa-template.md +156 -0
  45. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-gc-digital-standards-template.md +208 -0
  46. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-itsg-33-template.md +228 -0
  47. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-ocap-template.md +205 -0
  48. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-ola-template.md +171 -0
  49. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-pia-template.md +193 -0
  50. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-pspc-template.md +214 -0
  51. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-soia-template.md +219 -0
  52. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/capability-map-template.md +125 -0
  53. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/competitors-template.md +113 -0
  54. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/conformance-assessment-template.md +507 -0
  55. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/data-mesh-contract-template.md +851 -0
  56. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/data-model-template.md +1043 -0
  57. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/data-source-profile-template.md +80 -0
  58. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/datascout-template.md +546 -0
  59. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/devops-template.md +961 -0
  60. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/dfd-template.md +161 -0
  61. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/dld-review-template.md +427 -0
  62. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/dos-requirements-template.md +506 -0
  63. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/dpia-template.md +1200 -0
  64. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/eu-ai-act-template.md +227 -0
  65. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/eu-cra-template.md +176 -0
  66. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/eu-data-act-template.md +175 -0
  67. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/eu-dora-template.md +197 -0
  68. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/eu-dsa-template.md +183 -0
  69. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/eu-nis2-template.md +196 -0
  70. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/eu-rgpd-template.md +198 -0
  71. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/evaluation-criteria-template.md +719 -0
  72. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/finops-template.md +662 -0
  73. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-algorithme-public-template.md +162 -0
  74. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-anssi-carto-template.md +196 -0
  75. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-anssi-template.md +190 -0
  76. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-code-reuse-template.md +190 -0
  77. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-dinum-template.md +195 -0
  78. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-dr-template.md +187 -0
  79. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-ebios-template.md +209 -0
  80. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-irn-template.md +311 -0
  81. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-marche-public-template.md +178 -0
  82. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-pssi-template.md +270 -0
  83. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-rgpd-template.md +195 -0
  84. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-secnumcloud-template.md +188 -0
  85. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/framework-overview-template.md +247 -0
  86. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/gap-analysis-template.md +198 -0
  87. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/gcloud-clarify-template.md +340 -0
  88. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/gcloud-requirements-template.md +370 -0
  89. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/gcp-research-template.md +585 -0
  90. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/glossary-template.md +117 -0
  91. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/gov-code-search-template.md +213 -0
  92. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/gov-landscape-template.md +271 -0
  93. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/gov-reuse-template.md +214 -0
  94. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/grants-template.md +131 -0
  95. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/hld-review-template.md +760 -0
  96. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/jsp-936-template.md +1394 -0
  97. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/maturity-model-template.md +297 -0
  98. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/mlops-template.md +720 -0
  99. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/mod-secure-by-design-template.md +784 -0
  100. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/operationalize-template.md +1016 -0
  101. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/pages-template.html +5121 -0
  102. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/platform-design-template.md +1610 -0
  103. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/presentation-template.md +270 -0
  104. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/principles-compliance-assessment-template.md +389 -0
  105. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/project-plan-template.md +421 -0
  106. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/rationalization-template.md +208 -0
  107. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/requirements-template.md +1026 -0
  108. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/research-findings-template.md +939 -0
  109. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/risk-register-template.md +883 -0
  110. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/roadmap-template.md +787 -0
  111. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/service-assessment-prep-template.md +448 -0
  112. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/servicenow-design-template.md +273 -0
  113. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/sobc-template.md +1127 -0
  114. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/sow-template.md +785 -0
  115. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/stakeholder-drivers-template.md +493 -0
  116. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/story-template.md +889 -0
  117. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/tcop-review-template.md +593 -0
  118. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/tech-note-template.md +59 -0
  119. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/tenders-template.md +124 -0
  120. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/traceability-matrix-template.md +360 -0
  121. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/transition-architecture-template.md +286 -0
  122. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-ai-autonomy-tier-template.md +97 -0
  123. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-ai-charter-template.md +81 -0
  124. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-classification-template.md +86 -0
  125. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-cloud-residency-template.md +136 -0
  126. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-data-sharing-template.md +105 -0
  127. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-digital-records-template.md +97 -0
  128. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-ias-template.md +109 -0
  129. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-pdpl-template.md +105 -0
  130. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-priorities-alignment-template.md +99 -0
  131. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-procurement-template.md +115 -0
  132. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-uaepass-template.md +129 -0
  133. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-zero-bureaucracy-template.md +85 -0
  134. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-fs-consumer-duty-board-report-template.md +49 -0
  135. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-fs-consumer-duty-template.md +362 -0
  136. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-fs-ctp-dependency-register-template.md +24 -0
  137. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-fs-ctp-dependency-template.md +321 -0
  138. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-fs-safeguarding-reconciliation-template.md +77 -0
  139. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-fs-safeguarding-template.md +348 -0
  140. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-fs-sca-rts-exemption-matrix-template.md +47 -0
  141. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-fs-sca-rts-template.md +273 -0
  142. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-gov-ai-playbook-template.md +942 -0
  143. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-gov-atrs-template.md +1087 -0
  144. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-mdr-classification-template.md +307 -0
  145. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-nhs-dcb0129-case-template.md +214 -0
  146. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-nhs-dcb0129-hazard-template.md +217 -0
  147. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-nhs-dcb0129-safety-template.md +78 -0
  148. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-nhs-dcb0129-template.md +13 -0
  149. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-nhs-dcb0160-deployment-case-template.md +207 -0
  150. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-nhs-dcb0160-deployment-hazard-template.md +290 -0
  151. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-nhs-dcb0160-deployment-safety-template.md +81 -0
  152. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-nhs-dcb0160-template.md +13 -0
  153. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-nhs-dtac-template.md +341 -0
  154. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ukgov-secure-by-design-template.md +1031 -0
  155. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/us-ai-impact-template.md +212 -0
  156. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/us-ai-rmf-template.md +232 -0
  157. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/us-fedramp-readiness-template.md +209 -0
  158. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/us-fedramp-ssp-template.md +352 -0
  159. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/us-fisma-categorization-template.md +145 -0
  160. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/us-icam-template.md +216 -0
  161. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/us-nist-800-53-template.md +222 -0
  162. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/us-privacy-pia-template.md +191 -0
  163. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/us-sbom-eo-14028-template.md +253 -0
  164. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/us-zero-trust-template.md +234 -0
  165. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/vendor-profile-template.md +88 -0
  166. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/vendor-scoring-template.md +332 -0
  167. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/wardley-climate-template.md +269 -0
  168. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/wardley-doctrine-template.md +299 -0
  169. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/wardley-gameplay-template.md +346 -0
  170. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/wardley-map-template.md +587 -0
  171. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/wardley-value-chain-template.md +256 -0
  172. arckit_cli-6.1.1.data/data/share/arckit/CHANGELOG.md +3554 -0
  173. arckit_cli-6.1.1.data/data/share/arckit/VERSION +1 -0
  174. arckit_cli-6.1.1.data/data/share/arckit/docs/DEPENDENCY-MATRIX.md +929 -0
  175. arckit_cli-6.1.1.data/data/share/arckit/docs/README.md +322 -0
  176. arckit_cli-6.1.1.data/data/share/arckit/docs/WORKFLOW-DIAGRAMS.md +1088 -0
  177. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/adm-preliminary.md +72 -0
  178. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/adr.md +60 -0
  179. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/agent-design.md +71 -0
  180. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/agent-governance.md +61 -0
  181. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/agent-integration.md +59 -0
  182. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/agent-inventory.md +60 -0
  183. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/agent-maturity.md +84 -0
  184. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/agent-security.md +63 -0
  185. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ai-playbook.md +103 -0
  186. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/analyze.md +57 -0
  187. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/application-inventory.md +71 -0
  188. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/application-rationalization.md +71 -0
  189. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/architecture-board.md +60 -0
  190. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/architecture-change.md +73 -0
  191. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/architecture-repository.md +62 -0
  192. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/artifact-health.md +228 -0
  193. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/at-bvergg.md +86 -0
  194. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/at-dsgvo.md +75 -0
  195. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/at-nisg.md +94 -0
  196. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/atrs.md +98 -0
  197. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-aescsf.md +45 -0
  198. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-ai-assurance.md +84 -0
  199. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-disp-attestation.md +90 -0
  200. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-dss.md +76 -0
  201. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-e8-posture.md +73 -0
  202. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-energy-compliance.md +47 -0
  203. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-federal-overlay.md +199 -0
  204. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-ism-controls.md +78 -0
  205. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-ndb-playbook.md +80 -0
  206. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-ot-security.md +39 -0
  207. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-pia.md +72 -0
  208. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-pspf.md +81 -0
  209. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-soci-cirmp.md +40 -0
  210. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/autoresearch.md +334 -0
  211. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/aws-research.md +160 -0
  212. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/azure-research.md +157 -0
  213. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/backlog.md +58 -0
  214. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/build.md +132 -0
  215. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/business-capability-map.md +68 -0
  216. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/business-case.md +68 -0
  217. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/c4-layout-science.md +280 -0
  218. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-aia.md +81 -0
  219. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-atip.md +79 -0
  220. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-charter.md +81 -0
  221. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-cloud-residency.md +91 -0
  222. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-fitaa.md +81 -0
  223. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-gc-digital-standards.md +93 -0
  224. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-itsg-33.md +80 -0
  225. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-ocap.md +91 -0
  226. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-ola.md +80 -0
  227. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-pia.md +83 -0
  228. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-pspc.md +96 -0
  229. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-soia.md +87 -0
  230. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/codes-of-practice.md +154 -0
  231. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/competitors.md +202 -0
  232. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/conformance.md +153 -0
  233. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/create.md +61 -0
  234. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/custom-commands.md +236 -0
  235. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/customize.md +108 -0
  236. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/data-mesh-contract.md +239 -0
  237. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/data-model.md +69 -0
  238. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/data-quality-framework.md +118 -0
  239. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/datascout.md +162 -0
  240. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/declaration.md +59 -0
  241. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/design-review.md +66 -0
  242. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/devops.md +96 -0
  243. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/dfd.md +187 -0
  244. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/diagram.md +118 -0
  245. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/dld-review.md +102 -0
  246. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/dos.md +109 -0
  247. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/dpia.md +80 -0
  248. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/enterprise-scale.md +260 -0
  249. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/eu-ai-act.md +82 -0
  250. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/eu-cra.md +90 -0
  251. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/eu-data-act.md +85 -0
  252. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/eu-dora.md +83 -0
  253. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/eu-dsa.md +85 -0
  254. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/eu-nis2.md +82 -0
  255. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/eu-rgpd.md +76 -0
  256. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/evaluate.md +115 -0
  257. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/export-okf.md +70 -0
  258. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/finops.md +117 -0
  259. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-algorithme-public.md +86 -0
  260. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-anssi-carto.md +69 -0
  261. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-anssi.md +79 -0
  262. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-code-reuse.md +86 -0
  263. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-dinum.md +83 -0
  264. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-dr.md +88 -0
  265. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-ebios.md +84 -0
  266. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-irn.md +103 -0
  267. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-marche-public.md +94 -0
  268. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-pssi.md +87 -0
  269. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-rgpd.md +75 -0
  270. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-secnumcloud.md +80 -0
  271. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/framework.md +234 -0
  272. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/gap-analysis.md +70 -0
  273. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/gcloud-clarify.md +108 -0
  274. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/gcloud-competitors.md +61 -0
  275. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/gcloud-search.md +106 -0
  276. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/gcp-research.md +169 -0
  277. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/glossary.md +190 -0
  278. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/gov-code-search.md +119 -0
  279. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/gov-landscape.md +114 -0
  280. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/gov-reuse.md +112 -0
  281. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/govs-007-security.md +93 -0
  282. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/grants.md +106 -0
  283. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/graph-report.md +77 -0
  284. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/health.md +234 -0
  285. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/hld-review.md +110 -0
  286. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/hooks.md +121 -0
  287. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/impact.md +68 -0
  288. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/import-okf.md +67 -0
  289. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/init.md +159 -0
  290. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/jsp-936.md +60 -0
  291. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/knowledge-compounding.md +140 -0
  292. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/maturity-model.md +186 -0
  293. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/mcp-servers.md +329 -0
  294. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/migration.md +333 -0
  295. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/mlops.md +126 -0
  296. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/mod-secure.md +124 -0
  297. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/national-data-strategy.md +115 -0
  298. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/navigator.md +86 -0
  299. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/operationalize.md +143 -0
  300. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/pages.md +227 -0
  301. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/pinecone-mcp.md +128 -0
  302. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/plan.md +66 -0
  303. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/platform-design.md +600 -0
  304. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/presentation.md +137 -0
  305. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/pricing.md +62 -0
  306. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/principles-compliance.md +63 -0
  307. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/principles.md +55 -0
  308. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/procurement.md +57 -0
  309. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/productivity.md +217 -0
  310. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/remote-control.md +151 -0
  311. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/requirements.md +61 -0
  312. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/research.md +65 -0
  313. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/review.md +61 -0
  314. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/risk-management.md +70 -0
  315. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/risk.md +132 -0
  316. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roadmap.md +58 -0
  317. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/README.md +68 -0
  318. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/business-analyst.md +70 -0
  319. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/business-architect.md +70 -0
  320. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/cdo.md +59 -0
  321. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/ciso.md +61 -0
  322. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/cto-cdio.md +59 -0
  323. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/data-architect.md +68 -0
  324. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/data-governance-manager.md +59 -0
  325. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/delivery-manager.md +63 -0
  326. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/devops-engineer.md +55 -0
  327. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/enterprise-architect.md +84 -0
  328. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/it-service-manager.md +55 -0
  329. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/network-architect.md +58 -0
  330. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/performance-analyst.md +67 -0
  331. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/product-manager.md +62 -0
  332. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/security-architect.md +78 -0
  333. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/service-owner.md +58 -0
  334. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/solution-architect.md +75 -0
  335. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/technical-architect.md +68 -0
  336. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/score.md +91 -0
  337. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/sdd-lot1.md +61 -0
  338. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/sdd-lot2.md +62 -0
  339. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/sdd-lot3.md +62 -0
  340. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/search.md +71 -0
  341. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/secure.md +181 -0
  342. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/security-hooks.md +200 -0
  343. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/security.md +62 -0
  344. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/service-assessment.md +47 -0
  345. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/service-design.md +71 -0
  346. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/servicenow.md +152 -0
  347. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/session-memory.md +100 -0
  348. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/sobc.md +129 -0
  349. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/sow.md +125 -0
  350. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/stakeholder-analysis.md +51 -0
  351. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/stakeholders.md +138 -0
  352. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/start.md +276 -0
  353. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/story.md +61 -0
  354. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/strategy.md +211 -0
  355. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/submission-pack.md +72 -0
  356. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/supplier-profile.md +70 -0
  357. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/tcop.md +124 -0
  358. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/template-builder.md +125 -0
  359. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/tenders.md +193 -0
  360. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/testing-plugin-branches.md +79 -0
  361. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/traceability.md +58 -0
  362. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/transition-architecture.md +69 -0
  363. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/trello.md +139 -0
  364. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-ai-autonomy-tier.md +84 -0
  365. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-ai-charter.md +89 -0
  366. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-classification.md +73 -0
  367. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-cloud-residency.md +84 -0
  368. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-data-sharing.md +84 -0
  369. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-digital-records.md +71 -0
  370. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-ias.md +93 -0
  371. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-overlay-maintenance.md +154 -0
  372. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-overlay.md +208 -0
  373. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-pdpl.md +73 -0
  374. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-priorities-alignment.md +82 -0
  375. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-procurement.md +71 -0
  376. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-uaepass.md +83 -0
  377. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-zero-bureaucracy.md +80 -0
  378. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-fs-consumer-duty.md +178 -0
  379. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-fs-ctp-dependency.md +181 -0
  380. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-fs-payments-overlay.md +216 -0
  381. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-fs-safeguarding.md +176 -0
  382. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-fs-sca-rts.md +164 -0
  383. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-government/ai-playbook.md +56 -0
  384. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-government/algorithmic-transparency.md +44 -0
  385. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-government/digital-marketplace.md +55 -0
  386. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-government/secure-by-design.md +51 -0
  387. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-government/standards-map.md +108 -0
  388. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-government/technology-code-of-practice.md +63 -0
  389. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-mdr-classification.md +59 -0
  390. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-mod/secure-by-design.md +54 -0
  391. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-nhs-clinical-safety-overlay.md +214 -0
  392. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-nhs-dcb0129.md +64 -0
  393. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-nhs-dcb0160.md +62 -0
  394. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-nhs-dtac.md +55 -0
  395. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/upgrading.md +130 -0
  396. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/us-ai-impact.md +71 -0
  397. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/us-ai-rmf.md +70 -0
  398. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/us-federal-overlay.md +111 -0
  399. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/us-fedramp-readiness.md +69 -0
  400. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/us-fedramp-ssp.md +71 -0
  401. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/us-fisma-categorization.md +68 -0
  402. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/us-icam.md +70 -0
  403. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/us-nist-800-53.md +70 -0
  404. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/us-privacy-pia.md +74 -0
  405. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/us-sbom-eo-14028.md +71 -0
  406. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/us-zero-trust.md +68 -0
  407. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/wardley-climate.md +122 -0
  408. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/wardley-doctrine.md +120 -0
  409. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/wardley-gameplay.md +123 -0
  410. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/wardley-value-chain.md +130 -0
  411. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/wardley.md +173 -0
  412. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/.agents/plugins/marketplace.json +20 -0
  413. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/README.md +325 -0
  414. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/VERSION +1 -0
  415. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/docs/DEPENDENCY-MATRIX.md +616 -0
  416. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/hooks/arckit-codex-hook.mjs +1270 -0
  417. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/hooks/graph-inject.mjs +1497 -0
  418. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/hooks/graph-rollups.mjs +247 -0
  419. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/hooks/graph-utils.mjs +363 -0
  420. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/hooks/hook-utils.mjs +383 -0
  421. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/hooks/hooks.json +80 -0
  422. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/hooks/okf-frontmatter.mjs +279 -0
  423. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/hooks/project-context-builder.mjs +168 -0
  424. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/hooks/sync-guides.mjs +1120 -0
  425. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-copilot/README.md +68 -0
  426. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-copilot/VERSION +1 -0
  427. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-copilot/docs/DEPENDENCY-MATRIX.md +616 -0
  428. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-opencode/LICENSE +21 -0
  429. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-opencode/README.md +65 -0
  430. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-opencode/VERSION +1 -0
  431. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-opencode/docs/DEPENDENCY-MATRIX.md +616 -0
  432. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-opencode/opencode.json +25 -0
  433. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-vibe/.mcp.json +63 -0
  434. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-vibe/LICENSE +26 -0
  435. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-vibe/README.md +407 -0
  436. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-vibe/VERSION +1 -0
  437. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-vibe/vibe-config.toml +62 -0
  438. arckit_cli-6.1.1.data/data/share/arckit/scripts/README.md +680 -0
  439. arckit_cli-6.1.1.data/data/share/arckit/scripts/autoresearch/fixtures/000-global/ARC-000-PRIN-v1.0.md +120 -0
  440. arckit_cli-6.1.1.data/data/share/arckit/scripts/autoresearch/fixtures/001-test-project/ARC-001-STKE-v1.0.md +100 -0
  441. arckit_cli-6.1.1.data/data/share/arckit/scripts/autoresearch/fixtures/001-test-project/README.md +15 -0
  442. arckit_cli-6.1.1.data/data/share/arckit/scripts/autoresearch/program-selfharness.md +748 -0
  443. arckit_cli-6.1.1.data/data/share/arckit/scripts/autoresearch/program.md +269 -0
  444. arckit_cli-6.1.1.data/data/share/arckit/scripts/bash/check-prerequisites.sh +250 -0
  445. arckit_cli-6.1.1.data/data/share/arckit/scripts/bash/common.sh +359 -0
  446. arckit_cli-6.1.1.data/data/share/arckit/scripts/bash/create-project.sh +408 -0
  447. arckit_cli-6.1.1.data/data/share/arckit/scripts/bash/generate-document-id.sh +146 -0
  448. arckit_cli-6.1.1.data/data/share/arckit/scripts/bash/list-projects.sh +359 -0
  449. arckit_cli-6.1.1.data/data/share/arckit/scripts/bash/migrate-filenames.sh +553 -0
  450. arckit_cli-6.1.1.data/data/share/arckit/scripts/bump-version.sh +293 -0
  451. arckit_cli-6.1.1.data/data/share/arckit/scripts/check_doctype_collisions.py +30 -0
  452. arckit_cli-6.1.1.data/data/share/arckit/scripts/check_recipes.py +94 -0
  453. arckit_cli-6.1.1.data/data/share/arckit/scripts/check_references.py +144 -0
  454. arckit_cli-6.1.1.data/data/share/arckit/scripts/convert_vibe_agents.py +198 -0
  455. arckit_cli-6.1.1.data/data/share/arckit/scripts/convert_vibe_skills.py +499 -0
  456. arckit_cli-6.1.1.data/data/share/arckit/scripts/converter.py +2002 -0
  457. arckit_cli-6.1.1.data/data/share/arckit/scripts/create-sdg-repo.py +820 -0
  458. arckit_cli-6.1.1.data/data/share/arckit/scripts/generate-arckit-architecture-hero.py +317 -0
  459. arckit_cli-6.1.1.data/data/share/arckit/scripts/generate-arckit-hero.py +278 -0
  460. arckit_cli-6.1.1.data/data/share/arckit/scripts/generate-release-notes.sh +112 -0
  461. arckit_cli-6.1.1.data/data/share/arckit/scripts/managed-agents/README.md +105 -0
  462. arckit_cli-6.1.1.data/data/share/arckit/scripts/managed-agents/arckit-agent.py +418 -0
  463. arckit_cli-6.1.1.data/data/share/arckit/scripts/push-extensions.sh +424 -0
  464. arckit_cli-6.1.1.data/data/share/arckit/scripts/python/apply_doc_control_marker.py +50 -0
  465. arckit_cli-6.1.1.data/data/share/arckit/scripts/python/common.py +288 -0
  466. arckit_cli-6.1.1.data/data/share/arckit/scripts/python/create-project.py +373 -0
  467. arckit_cli-6.1.1.data/data/share/arckit/scripts/python/generate-document-id.py +96 -0
  468. arckit_cli-6.1.1.data/data/share/arckit/scripts/python/list-projects.py +238 -0
  469. arckit_cli-6.1.1.data/data/share/arckit/scripts/python/migrate_classification.py +94 -0
  470. arckit_cli-6.1.1.data/data/share/arckit/scripts/render-brand-pngs.py +72 -0
  471. arckit_cli-6.1.1.data/data/share/arckit/scripts/standardise-colon.py +128 -0
  472. arckit_cli-6.1.1.data/data/share/arckit/scripts/sync-claude-plugin-layout.py +159 -0
  473. arckit_cli-6.1.1.data/data/share/arckit/scripts/sync-shared-assets.py +132 -0
  474. arckit_cli-6.1.1.data/data/share/arckit/scripts/tag-plugins.sh +65 -0
  475. arckit_cli-6.1.1.data/data/share/arckit/scripts/tests/test-doc-types-dual-registration.mjs +57 -0
  476. arckit_cli-6.1.1.data/data/share/arckit/scripts/tests/test-fde-templates.mjs +100 -0
  477. arckit_cli-6.1.1.data/data/share/arckit/scripts/tests/test-regime-registration.mjs +65 -0
  478. arckit_cli-6.1.1.dist-info/METADATA +1966 -0
  479. arckit_cli-6.1.1.dist-info/RECORD +482 -0
  480. arckit_cli-6.1.1.dist-info/WHEEL +4 -0
  481. arckit_cli-6.1.1.dist-info/entry_points.txt +2 -0
  482. arckit_cli-6.1.1.dist-info/licenses/LICENSE +26 -0
@@ -0,0 +1,280 @@
1
+ # C4 Layout Science Guide
2
+
3
+ > **Guide Origin**: Official | **ArcKit Version**: [VERSION]
4
+
5
+ A research-backed guide to creating readable C4 architecture diagrams with minimal edge crossings and clear visual hierarchy. This guide covers the graph drawing theory behind layout engines, practical declaration ordering strategies, quality targets from empirical research, and a structured validation checklist.
6
+
7
+ For the full reference used by the `/arckit:diagram` command, see `plugins/arckit-claude/skills/mermaid-syntax/references/c4-layout-science.md`.
8
+
9
+ ---
10
+
11
+ ## Graph Drawing Theory
12
+
13
+ ### The Sugiyama Algorithm
14
+
15
+ Mermaid's layout engine uses Dagre, which implements the **Sugiyama hierarchical layout algorithm** — the most widely-used method for drawing directed graphs in layers. Understanding how this algorithm works explains why certain authoring choices produce better diagrams.
16
+
17
+ The algorithm proceeds in four stages:
18
+
19
+ **Stage 1: Cycle Removal**
20
+ The algorithm temporarily reverses edges that create cycles in the graph. This ensures the graph can be processed as a directed acyclic graph (DAG). Reversed edges are restored with their original direction after layout is complete.
21
+
22
+ **Stage 2: Layer Assignment**
23
+ Each node is assigned to a horizontal or vertical layer (rank). Nodes that depend on other nodes are placed in later layers, creating the top-to-bottom or left-to-right hierarchy. Long edges that span multiple layers are broken into segments with invisible intermediate nodes.
24
+
25
+ **Stage 3: Crossing Minimisation**
26
+ This is the critical stage where declaration order matters. The algorithm reorders nodes within each layer to minimise the number of edge crossings. The most common technique is the **barycentric method**: for each node, compute the average position of its connected neighbours in the adjacent layer, then sort nodes by this average.
27
+
28
+ The barycentric method is a local optimisation heuristic — it improves an initial ordering but does not guarantee a global optimum. This means the initial order (determined by the order nodes appear in the source code) significantly affects the final result. A good starting order produces fewer crossings.
29
+
30
+ **Stage 4: Coordinate Assignment**
31
+ Final x/y coordinates are calculated for each node, respecting minimum spacing, edge routing, and the layer assignments from Stage 2.
32
+
33
+ ### Why This Matters for Architecture Diagrams
34
+
35
+ When you write a Mermaid or PlantUML diagram, you are providing the initial ordering for Stage 3. If your declaration order already matches the intended visual layout, the crossing minimisation heuristic starts from a near-optimal position and produces a clean diagram. If elements are declared in random order, the heuristic starts from a poor position and may converge to a layout with unnecessary crossings.
36
+
37
+ ---
38
+
39
+ ## Declaration Ordering
40
+
41
+ ### The Tier-Based Strategy
42
+
43
+ For architecture diagrams, the most effective declaration strategy is **tier-based ordering**: declare elements in the order they should appear visually, following the natural data flow of the system.
44
+
45
+ For a `flowchart LR` (left-to-right) diagram:
46
+
47
+ | Order | Tier | Examples | Position |
48
+ |-------|------|----------|----------|
49
+ | 1 | Actors | Citizens, administrators, operators | Leftmost |
50
+ | 2 | Presentation | Web applications, mobile apps, portals | Left |
51
+ | 3 | API | API gateways, load balancers, BFF services | Centre-left |
52
+ | 4 | Service | Business logic, orchestrators, workers | Centre |
53
+ | 5 | Data | Databases, caches, queues, object stores | Centre-right |
54
+ | 6 | External systems | Third-party APIs, GOV.UK services, banks | Rightmost |
55
+
56
+ For a `flowchart TB` (top-to-bottom) diagram, the same tiers apply vertically: actors at the top, external systems at the bottom.
57
+
58
+ ### Three Rules
59
+
60
+ 1. **Declare ALL elements before ANY relationships.** The layout engine positions nodes as it encounters them. If a relationship references an undeclared node, the engine creates it at that point, often in a suboptimal position.
61
+
62
+ 2. **Within each tier, declare elements in the order you want them to appear.** For a horizontal layout, declare left-to-right. For a vertical layout, declare top-to-bottom.
63
+
64
+ 3. **Group related elements with `subgraph`.** This constrains the layout engine to keep grouped elements together, reinforcing the visual hierarchy.
65
+
66
+ ### C4-Specific Ordering
67
+
68
+ For C4 native syntax (`C4Context`, `C4Container`), the recommended declaration order is:
69
+
70
+ 1. `Person(...)` — all actors
71
+ 2. `System(...)` — the system being described
72
+ 3. `System_Boundary(...)` — system boundaries containing:
73
+ - `Container(...)` — in tier order within the boundary
74
+ - `ContainerDb(...)` — databases
75
+ - `ContainerQueue(...)` — queues (PlantUML only)
76
+ 4. `System_Ext(...)` — all external systems
77
+ 5. `Rel(...)` — all relationships last
78
+
79
+ ---
80
+
81
+ ## Edge Crossing Targets
82
+
83
+ ### The Research
84
+
85
+ Purchase et al. conducted empirical studies measuring how different graph aesthetics affect human comprehension. Their key finding: **edge crossings are the strongest negative predictor of diagram comprehension**, significantly more impactful than:
86
+
87
+ - Node overlap
88
+ - Edge bends
89
+ - Symmetry violations
90
+ - Minimum angle between edges
91
+
92
+ Participants shown diagrams with fewer crossings understood them faster, answered questions about them more accurately, and rated them as more readable.
93
+
94
+ ### Practical Targets
95
+
96
+ Based on this research and practical experience with architecture diagrams:
97
+
98
+ | Complexity | Element Count | Target Crossings | Notes |
99
+ |-----------|--------------|-----------------|-------|
100
+ | Simple | 6 or fewer | 0 | Easily achievable with tier-based ordering |
101
+ | Medium | 7-12 | Fewer than 3 | Requires careful ordering; subgraphs help |
102
+ | Complex | More than 12 | Fewer than 5 | May need diagram splitting or PlantUML hints |
103
+
104
+ ### Counting Crossings
105
+
106
+ When evaluating a rendered diagram:
107
+
108
+ - Count each point where two edges intersect (not at a node)
109
+ - Self-loops and edges to/from the same subgraph boundary do not count
110
+ - Edges that run parallel closely but do not intersect do not count
111
+ - If you cannot count crossings easily, the diagram is too complex — split it
112
+
113
+ ---
114
+
115
+ ## Visual Hierarchy
116
+
117
+ ### The Gestalt Proximity Principle
118
+
119
+ The Gestalt principle of proximity states that elements placed close together are perceived as belonging to the same group. In architecture diagrams, this principle supports two practices:
120
+
121
+ 1. **Use `subgraph` blocks** to visually group related elements. Mermaid draws a visible boundary around subgraph contents, creating an immediate visual grouping.
122
+
123
+ 2. **Nest subgraphs** to represent hierarchical containment. For example, a system boundary containing multiple subsystem boundaries containing individual containers.
124
+
125
+ ### Applying Visual Hierarchy in C4
126
+
127
+ | C4 Level | Visual Treatment | How to Achieve |
128
+ |----------|-----------------|----------------|
129
+ | Context | System boundary is the largest visual element | Single `subgraph` or `System_Boundary` containing all internal elements |
130
+ | Container | Containers grouped by architectural tier | Nested `subgraph` blocks for presentation, service, and data tiers |
131
+ | Component | Components grouped by responsibility | `subgraph` blocks for handlers, services, repositories |
132
+ | Deployment | Infrastructure zones (VPC, subnets, regions) | Deeply nested `subgraph` blocks matching network topology |
133
+
134
+ ### Boundary Styling
135
+
136
+ Use dashed borders for trust boundaries and solid borders for system boundaries:
137
+
138
+ ```mermaid
139
+ %% Trust boundary (dashed)
140
+ subgraph TrustBoundary["DMZ"]
141
+ style TrustBoundary stroke:#1168BD,stroke-dasharray:5 5,fill:none
142
+ end
143
+
144
+ %% System boundary (solid)
145
+ subgraph SystemBoundary["Payment Gateway"]
146
+ style SystemBoundary stroke:#1168BD,stroke-width:2px,fill:#E8F0FE
147
+ end
148
+ ```
149
+
150
+ ---
151
+
152
+ ## Validation Checklist
153
+
154
+ After generating any architecture diagram, evaluate it against these six criteria:
155
+
156
+ | # | Criterion | Target | How to Evaluate |
157
+ |---|-----------|--------|----------------|
158
+ | 1 | **Edge crossings** | 0 for simple, fewer than 3 for medium, fewer than 5 for complex | Count intersection points of edges (not at nodes) |
159
+ | 2 | **Visual hierarchy** | System boundary is the most prominent visual element | Check that the main system boundary is immediately identifiable |
160
+ | 3 | **Grouping** | Related elements are proximate | Verify that architecturally-related elements appear visually close |
161
+ | 4 | **Flow direction** | Consistent left-to-right or top-to-bottom | Check that the primary data flow follows one consistent direction |
162
+ | 5 | **Relationship traceability** | Each line can be followed from source to target | Trace each edge visually — if any edge is ambiguous, the diagram needs improvement |
163
+ | 6 | **Abstraction level** | One C4 level per diagram | Verify that the diagram does not mix context-level and container-level elements |
164
+
165
+ ### Quality Gate Integration
166
+
167
+ The `/arckit:diagram` command includes a **Step 5b: Diagram Quality Gate** that automatically evaluates generated diagrams against these criteria and reports results in a structured table. Any failing criterion triggers an iterative refinement cycle.
168
+
169
+ ---
170
+
171
+ ## Iterative Refinement
172
+
173
+ When a diagram fails one or more validation criteria, follow this systematic process:
174
+
175
+ ### Step 1: Reorder Declarations
176
+
177
+ The most common fix. Rearrange element declarations to match the intended tier layout:
178
+
179
+ - Actors first (leftmost or topmost)
180
+ - Internal elements in data-flow order
181
+ - External systems last (rightmost or bottommost)
182
+
183
+ This alone resolves most edge crossing issues.
184
+
185
+ ### Step 2: Add Subgraph Grouping
186
+
187
+ Group related elements using `subgraph` blocks:
188
+
189
+ ```mermaid
190
+ subgraph Services["Business Services"]
191
+ PaymentService["Payment Service"]
192
+ NotificationService["Notification Service"]
193
+ AuditService["Audit Service"]
194
+ end
195
+ ```
196
+
197
+ This constrains the layout engine to keep grouped elements together, reducing crossings between unrelated edges.
198
+
199
+ ### Step 3: Reorder Within Subgraphs
200
+
201
+ The same tier-ordering principle applies within each subgraph. If elements within a group produce crossings, reorder their declarations.
202
+
203
+ ### Step 4: Change Orientation
204
+
205
+ Try switching between `flowchart LR` and `flowchart TB`. Some architectures produce fewer crossings in one orientation than the other:
206
+
207
+ - **Horizontal (LR)** works well for data-flow architectures (request flows left to right)
208
+ - **Vertical (TB)** works well for hierarchical architectures (users at top, infrastructure at bottom)
209
+
210
+ ### Step 5: Use PlantUML Directional Hints
211
+
212
+ If Mermaid cannot achieve acceptable results, switch to PlantUML with the C4-PlantUML library and use directional hints:
213
+
214
+ | Hint | Effect |
215
+ |------|--------|
216
+ | `Rel_Down(a, b, ...)` | Places a above b |
217
+ | `Rel_Right(a, b, ...)` | Places a left of b |
218
+ | `Lay_Right(a, b)` | Forces a left of b (invisible) |
219
+ | `Lay_Down(a, b)` | Forces a above b (invisible) |
220
+
221
+ ### Step 6: Split the Diagram
222
+
223
+ If the element count exceeds 15 or crossings remain above the target after all other refinements, split the diagram at a natural boundary:
224
+
225
+ - **System boundary** — separate context from internal structure
226
+ - **Trust boundary** — separate public-facing from internal components
227
+ - **Domain boundary** — separate bounded contexts
228
+ - **Deployment boundary** — separate cloud regions or availability zones
229
+
230
+ ### Step 7: Document Trade-Offs
231
+
232
+ If a crossing or layout imperfection cannot be eliminated without sacrificing clarity elsewhere, document it explicitly in the diagram's architecture decisions section.
233
+
234
+ ---
235
+
236
+ ## Format Selection Guide
237
+
238
+ Choose the right format based on diagram complexity and requirements:
239
+
240
+ | Scenario | Format | Reason |
241
+ |----------|--------|--------|
242
+ | Simple C4 (12 or fewer elements) | Mermaid `C4Context` / `C4Container` | Native C4 syntax, renders in GitHub markdown and VS Code |
243
+ | Complex C4 (more than 12 elements) | PlantUML with C4-PlantUML | Directional hints (`Rel_Right`, `Lay_Down`) for precise crossing control |
244
+ | Deployment diagrams | Mermaid `flowchart` | `subgraph` nesting maps naturally to infrastructure zones (VPC, subnets, AZs) |
245
+ | Sequence diagrams | Mermaid `sequenceDiagram` | Native support for request/response flows, alt/opt blocks, participant ordering |
246
+ | Data flow diagrams | Mermaid `flowchart` | PII annotations, data classification labels, retention metadata in node labels |
247
+ | Wardley Maps | Online Wardley Mapping (OWM) | Specialised positioning by evolution and value chain; not achievable in Mermaid |
248
+
249
+ ### Rendering Environments
250
+
251
+ | Environment | Mermaid Support | PlantUML Support |
252
+ |-------------|----------------|-----------------|
253
+ | GitHub markdown | Native rendering | Requires image embedding |
254
+ | VS Code | Mermaid Preview extension | PlantUML extension |
255
+ | mermaid.live | Full interactive editor | N/A |
256
+ | PlantUML Server | N/A | Full rendering |
257
+ | Confluence | Mermaid plugin (varies) | PlantUML plugin |
258
+ | PDF export | Via Mermaid CLI (`mmdc`) | Via PlantUML JAR |
259
+
260
+ ---
261
+
262
+ ## References
263
+
264
+ 1. **Purchase, H.C., Cohen, R.F., and James, M.I.** (1997). "An Experimental Study of the Basis for Graph Drawing Aesthetics." *Journal of Visual Languages and Computing*, 8(1), 32-50.
265
+
266
+ 2. **Purchase, H.C.** (2002). "Metrics for Graph Drawing Aesthetics." *Journal of Visual Languages and Computing*, 13(5), 501-516. Establishes that edge crossings have the strongest negative effect on comprehension.
267
+
268
+ 3. **Sugiyama, K., Tagawa, S., and Toda, M.** (1981). "Methods for Visual Understanding of Hierarchical System Structures." *IEEE Transactions on Systems, Man, and Cybernetics*, 11(2), 109-125. The foundational algorithm for layered graph drawing.
269
+
270
+ 4. **Brown, S.** The C4 Model for Visualising Software Architecture. [https://c4model.com](https://c4model.com). Defines the four abstraction levels (Context, Container, Component, Code) and standard visual notation.
271
+
272
+ 5. **Wertheimer, M.** (1923). "Untersuchungen zur Lehre von der Gestalt II." *Psychologische Forschung*, 4(1), 301-350. Establishes the proximity principle used to justify subgraph grouping.
273
+
274
+ 6. **Mermaid Documentation** — Flowchart Syntax. [https://mermaid.js.org/syntax/flowchart.html](https://mermaid.js.org/syntax/flowchart.html).
275
+
276
+ 7. **C4-PlantUML** — PlantUML macros for C4 diagrams. [https://github.com/plantuml-stdlib/C4-PlantUML](https://github.com/plantuml-stdlib/C4-PlantUML).
277
+
278
+ ---
279
+
280
+ *This guide is part of the ArcKit documentation. For the reference used by the diagram command, see `plugins/arckit-claude/skills/mermaid-syntax/references/c4-layout-science.md`. For the diagram command itself, see `/arckit:diagram`.*
@@ -0,0 +1,81 @@
1
+ # Canada Algorithmic Impact Assessment Playbook
2
+
3
+ > **Guide Origin**: Community | **ArcKit Version**: [VERSION]
4
+
5
+ `/arckit:ca-aia` generates a Canada Algorithmic Impact Assessment under the TBS *Directive on Automated Decision-Making*. It scores the system against the six-dimension questionnaire (Project, System, Algorithm, Decision, Impact, Data), computes the Impact Level (I, II, III, or IV), and applies the Directive's mandated mitigations for that Level — peer review tier, bilingual transparency notice, human-in-the-loop design, quality assurance plan, and a recourse mechanism for affected individuals.
6
+
7
+ The AIA is mandatory for any federal automated decision-making system that produces administrative decisions about individuals or businesses. The computed Level gates the system: Level III/IV systems require external peer review and pre-launch publication 30 days ahead of go-live, and the AIA itself is published on the Open Government portal by default. AIDA (Bill C-27) was stalled in Parliament, so the TBS Directive remains the federal public-sector floor for algorithmic accountability.
8
+
9
+ ---
10
+
11
+ ## Inputs
12
+
13
+ | Artefact | Purpose |
14
+ |----------|---------|
15
+ | Requirements (`ARC-<id>-REQ-v1.0.md`) | Decisions automated, NFR-AI / NFR-DEC requirements covering bias, contestability, override |
16
+ | Data requirements (`ARC-<id>-DR-v1.0.md`) | Training-data lineage and decision boundary inputs |
17
+ | Data model (`ARC-<id>-DMOD-v1.0.md`) | Entity-level data structures feeding the model |
18
+ | Privacy Impact Assessment (`ARC-<id>-PIA-v1.0.md`) | Lawful authority and personal-information posture; AIA depth must match PIA depth |
19
+
20
+ ---
21
+
22
+ ## Command
23
+
24
+ ```bash
25
+ /arckit:ca-aia <project ID or service description>
26
+ ```
27
+
28
+ Output: `projects/<id>/ARC-<id>-AIA-v1.0.md`
29
+
30
+ ---
31
+
32
+ ## Assessment Structure
33
+
34
+ | Section | Contents |
35
+ |---------|----------|
36
+ | Document Control | Canadian classification (UNCLASSIFIED / Protected A–C / CONFIDENTIAL / SECRET / TOP SECRET) |
37
+ | Revision History | Version, date, author, changes, approvals |
38
+ | Executive Summary | Computed Impact Level, headline mitigations, residual risk posture |
39
+ | System Description | Purpose, decisions automated, training-data lineage, vendor / model provenance, stewardship |
40
+ | Levels I–IV Questionnaire Scoring | Six-dimension scoring tables (Project, System, Algorithm, Decision, Impact, Data) and computed Level |
41
+ | Per-Level Mitigation Requirements | Peer review, transparency notice, human-in-the-loop, QA, recourse — by Level |
42
+ | Algorithmic Risks Register | Bias, drift, proxies, contestability, fairness, severity with residual rating |
43
+ | Training-Data Provenance | Per-dataset source, licence, refresh cadence, drift trigger, steward |
44
+ | Disclosure Plan | Audience, channel, cadence, bilingual flag |
45
+ | Reassessment Triggers | Material-change triggers and periodic-reassessment cadence |
46
+ | Open Items | Pending peer-review nominations, publication, recourse, downstream artefacts |
47
+ | External References | Document Register, Citations, Unreferenced |
48
+
49
+ ---
50
+
51
+ ## When to run
52
+
53
+ - Any new automated decision-making system that touches individuals or businesses, before service launch.
54
+ - Vendor selection of an ML / AI tool that will be used in administrative decisions — the AIA validates Level and feeds procurement evaluation.
55
+ - Substantive change to training data, model architecture, decision boundary, or operating environment of a live system.
56
+ - Periodic reassessment — annual default, accelerated for Level III/IV systems.
57
+
58
+ ---
59
+
60
+ ## Common pitfalls
61
+
62
+ - **Self-declaring Level I to skip peer review.** The questionnaire output is the source of truth, not an architect's intuition. Reviewers will check the score-to-level mapping against the Directive's threshold matrix and a downward bias is a Directive breach.
63
+ - **Missing the 30-day pre-launch notification window.** Level III and IV systems require pre-launch publication 30 days before go-live and external peer review with realistic lead time. Booking these late forces a launch slip or a Directive non-conformance.
64
+ - **Treating the AIA as a launch artefact rather than a continuous compliance asset.** The Directive requires reassessment on material change to data, model, decision boundary, or operating environment, plus periodic reassessment. A static AIA produced once at launch is non-compliant over the system's lifecycle.
65
+ - **Conflating internal-productivity AI with decision-making AI.** Internal copilots that do not produce administrative decisions about individuals fall outside the Directive; running an AIA against them dilutes review capacity. Run the AIA where the Directive bites — automated administrative decisions — and pair internal-productivity AI with a separate posture (cross-reference `uae-ai-autonomy-tier` for a tiered model).
66
+
67
+ ---
68
+
69
+ ## Handoffs
70
+
71
+ - **`risk`** — AIA findings (bias, drift, contestability, fairness gaps) feed the operational risk register. Each algorithmic risk row in the AIA should map to a project-level risk entry with owner and review cadence.
72
+ - **`adr`** — Material AIA outcomes warrant Architecture Decision Records. Vendor selection of an ML model, autonomy tier (full automation vs decision-support vs human-only), and recourse-mechanism design are all ADR-worthy decisions with options analysis.
73
+ - **`ca-pia`** — Personal-information feeding the algorithmic system inherits the PIA controls. The AIA depth must match the PIA depth: a Level III/IV AIA against a thin PIA is a red flag, and vice versa.
74
+
75
+ ---
76
+
77
+ ## Statutory currency
78
+
79
+ The TBS *Directive on Automated Decision-Making* evolves on a published cadence; verify the current version on the TBS policy site before relying on threshold or mitigation cites. AIDA (Bill C-27) was stalled in Parliament, so the federal public-sector floor for algorithmic accountability remains the TBS Directive — not statutory AI legislation. The *Algorithmic Impact Assessment Tool* questionnaire is open-source and versioned on the Open Government portal; cite the specific release used to score the system.
80
+
81
+ The Directive is operational, not aspirational: the Treasury Board Secretariat tracks compliance through the AIA publications listed on the Open Government portal and through the policy suite's regular reviews. Architects should treat the published AIA as the single authoritative version of the assessment; severance of Protected B/C content for the public copy is acceptable, but withholding the whole assessment is not. Where a national-security exemption is claimed, document the exemption rationale and cross-reference `ca-soia` rather than silently dropping the publication step.
@@ -0,0 +1,79 @@
1
+ # Canada ATIP Reconciliation Playbook
2
+
3
+ > **Guide Origin**: Community | **ArcKit Version**: [VERSION]
4
+
5
+ `/arckit:ca-atip` generates a Canada federal ATIP (Access to Information / Privacy Act) Reconciliation under the Access to Information Act (R.S.C., 1985, c. A-1) and the Privacy Act (R.S.C., 1985, c. P-21). It produces an information holdings inventory categorised Public / Protected / Classified, an exemption mapping per holding under the ATI Act (§13, §14, §15, §16 and §16.1–§16.6, §19, §21, §23, §24), a Privacy Act §4–§8 use and disclosure register with §8(2)(a)–(m) routine-use letters individually analysed, a severance design with field-level rules and an audit log schema, the §7 30-day request workflow with §9 extension and §27 consultation handling, and the annual report mapping for OIC, OPC and TBS InfoSource.
6
+
7
+ ATIP reconciliation sits between the Privacy Impact Assessment and the data model. The PIA establishes lawful authority and the personal-information inventory; the data model carries the field-level structure and classification flags. ATIP reconciles the two against the disclosure regime — proving that every disclosure has a Privacy Act §8 basis, every redaction has an ATI Act exemption head, and every hybrid public/protected view has explicit severance rules with a per-field audit trail. Public/protected hybrid systems (e.g. registers carrying both a transparency view and an investigative back-end) are the most common pattern and the most common defect: if you cannot answer "what is suppressed in the public view, under which exemption, and how is the redaction logged?", you are not ATIP-ready.
8
+
9
+ ---
10
+
11
+ ## Inputs
12
+
13
+ | Artefact | Purpose |
14
+ |----------|---------|
15
+ | Requirements (`ARC-<id>-REQ-v1.0.md`) | Disclosure scenarios, programme description, third-party touchpoints |
16
+ | Data requirements (`ARC-<id>-DR-v1.0.md`) | Per-element sensitivity flags and disclosure recipients |
17
+ | Data model (`ARC-<id>-DMOD-v1.0.md`) | Field-level structure that the severance rules act on |
18
+ | Privacy Impact Assessment (`ARC-<id>-PIA-v1.0.md`) | Authoritative source for the §4–§8 register and PIB references |
19
+
20
+ ---
21
+
22
+ ## Command
23
+
24
+ ```bash
25
+ /arckit:ca-atip <project ID or service description>
26
+ ```
27
+
28
+ Output: `projects/<id>/ARC-<id>-ATIP-v1.0.md`
29
+
30
+ ---
31
+
32
+ ## Assessment Structure
33
+
34
+ | Section | Contents |
35
+ |---------|----------|
36
+ | Document Control | Canadian classification (UNCLASSIFIED / Protected A–C / CONFIDENTIAL / SECRET / TOP SECRET) |
37
+ | Revision History | Version, date, author, changes, approvals |
38
+ | Executive Summary | Holdings posture, headline exemptions, §8(2) letters in play, severance summary |
39
+ | Information Holdings Inventory | Per-holding category Public/Protected/Classified, PIB ref, owner, lifecycle |
40
+ | Access to Information Act Mapping | Exemption section per holding (§13, §14, §15, §16/§16.1–§16.6, §19, §21, §23, §24) with justification |
41
+ | Privacy Act §4–§8 Register | Collection (§4, §5/§5(2)(3)), use (§7/§7(a)), disclosure (§8 with §8(2)(a)–(m) individually) |
42
+ | Severance Design | Field-level rules table, audit log schema, re-identification risk register |
43
+ | ATIP Request Workflow | §7 30-day clock, §9 extensions, §27 consultation; SLA per step; extension justification template |
44
+ | Annual Report Mapping | OIC, OPC, TBS InfoSource feeds and reporting cadences |
45
+ | Open Issues | Unresolved exemption rationales, missing PIBs, pending consultations, severance `<TBC>` |
46
+ | External References | Document Register, Citations, Unreferenced |
47
+
48
+ ---
49
+
50
+ ## When to run
51
+
52
+ - After the PIA is drafted — the PIA's personal-information inventory is the authoritative source for the §4–§8 register here, and re-deriving it would create drift.
53
+ - Before launch — severance design, third-party consultation lists, and PIB updates must be signed off before the public register opens.
54
+ - After a substantial change to information holdings (new dataset, new disclosure recipient, new processor, new jurisdiction).
55
+ - After a change in disclosure recipients or routine-use letters — adding or removing a §8(2) letter is a substantial change.
56
+
57
+ ---
58
+
59
+ ## Common pitfalls
60
+
61
+ - **Treating §19 as automatic.** §19 (personal information) is not a blanket exemption. Privacy Act §8(2) routine-use disclosures may still apply, including §8(2)(a) consistent use, §8(2)(b) consent, and §8(2)(m) public-interest disclosure with notice to the OPC. Test §19 against §8(2)(a)–(m) before invoking.
62
+ - **Missing the 30-day clock.** §7 of the ATI Act starts the clock at receipt of the request (and any required fee). §9 extensions require written notice with reasons and a stated timeline before the clock expires. Failure exposes the institution to OIC complaints under §30 and Federal Court review under §41.
63
+ - **Under-modelling re-identification.** Hybrid public/protected systems can leak through cumulative disclosures, metadata gaps, and small-cell aggregates. Build a re-identification risk register; do not assert "anonymised" without a k-anonymity threshold or differential-privacy parameter.
64
+ - **Forgetting PIB updates.** Personal Information Bank registration in TBS InfoSource is required under §13 of the Privacy Act. New holdings or changed purposes require a PIB update; an unregistered or stale PIB undermines the §12 access right and is a §30 complaint waiting to happen.
65
+ - **Asserting §16 or §15 without identifying the head.** Each section has multiple heads (§16(1)(a) ongoing investigation, §16(1)(b) techniques, §16(1)(c) injurious-to-enforcement; §15 international affairs vs defence vs national security). Reviewers and the OIC expect the specific head, not the bare section number.
66
+ - **Aggregating dissimilar §8(2) disclosures.** Each §8(2)(a)–(m) routine-use letter must match the actual disclosure scenario. Do not group disclosures to different recipients or for different purposes under one letter.
67
+
68
+ ---
69
+
70
+ ## Handoffs
71
+
72
+ - **`data-model`** — Severance rules in this artefact feed back into the data model's classification flags, role-based access controls, and field-level masking. Update the data model with a `severance:` annotation per field that maps to the rules in the Severance Design section so the runtime enforcement is auditable against the policy.
73
+ - **`ca-pia`** — The PIA is the upstream artefact and the authoritative source for the §4–§8 register here. If a §8(2) letter is added or a recipient changes during ATIP reconciliation, push the change back into the PIA rather than letting the two artefacts drift.
74
+
75
+ ---
76
+
77
+ ## Statutory currency
78
+
79
+ The Access to Information Act was substantially amended by the Access to Information Modernization Act (Bill C-58, 2019), which introduced proactive publication obligations under Part 2 and expanded the OIC's order-making powers. Post-2019 jurisprudence is still being settled — cite carefully and check Federal Court / FCA decisions current at the date of generation. The Privacy Act is comparatively stable but is itself under reform consideration; cite the current consolidated text and verify against the Justice Laws Website. Record the verification date in the Document Register. Provincial access and privacy regimes (FIPPA in Ontario, Loi sur l'accès in Quebec, BC FIPPA, etc.) layer on top where the programme involves provincial or private-sector partners and are out of scope for this federal reconciliation.
@@ -0,0 +1,81 @@
1
+ # Canada Charter Rights Design Review Playbook
2
+
3
+ > **Guide Origin**: Community | **ArcKit Version**: [VERSION]
4
+
5
+ `/arckit:ca-charter` generates a Canada Charter Rights Design Review for a federal system that materially engages Charter-protected interests. It identifies which sections of the Canadian Charter of Rights and Freedoms are engaged (default for FITAA-class apps: s.2(b), s.2(d), s.7, s.8, s.15), runs the *Oakes* four-step proportionality test against each engaged right, registers risks and mitigations with residual posture, and captures the DOJ counsel sign-off block.
6
+
7
+ Charter review is mandatory for any federal system that limits a Charter-protected interest. *R v Oakes* structures the analysis: any limit must be prescribed by law and demonstrably justified through (1) a pressing and substantial objective, (2) a rational connection between the means and the objective, (3) minimal impairment of the right, and (4) proportional effects. The artefact this command produces is a design-stage instrument — DOJ counsel sign-off remains a delivery gate, not a sign-off formality.
8
+
9
+ ---
10
+
11
+ ## Inputs
12
+
13
+ | Artefact | Purpose |
14
+ |----------|---------|
15
+ | Requirements (`ARC-<id>-REQ-v1.0.md`) | Engagement surface — speech, association, liberty, search, equality requirements |
16
+ | Stakeholders (`ARC-<id>-STKE-v1.0.md`) | Subject populations, advocacy / journalism / diaspora stakeholders, protected-ground populations |
17
+ | Privacy Impact Assessment (`ARC-<id>-PIA-v1.0.md`) | s.8 reasonable-expectation-of-privacy analysis grounded in personal-information categories |
18
+ | FITAA Compliance Assessment (`ARC-<id>-FITAA-v1.0.md`) | s.2 expression and association engagement — Charter review is a mandatory companion to FITAA |
19
+
20
+ ---
21
+
22
+ ## Command
23
+
24
+ ```bash
25
+ /arckit:ca-charter <project ID or service description>
26
+ ```
27
+
28
+ Output: `projects/<id>/ARC-<id>-CHRT-v1.0.md`
29
+
30
+ ---
31
+
32
+ ## Assessment Structure
33
+
34
+ | Section | Contents |
35
+ |---------|----------|
36
+ | Document Control | Canadian classification (UNCLASSIFIED / Protected A–C / CONFIDENTIAL / SECRET / TOP SECRET) |
37
+ | Revision History | Version, date, author, changes, approvals |
38
+ | Executive Summary | Engaged Charter sections, headline risks per right, residual posture, DOJ counsel sign-off status |
39
+ | Charter Engagement Surface | Per-section engagement decision with reasoning; default-engaged for FITAA-class apps: s.2(b), s.2(d), s.7, s.8, s.15 |
40
+ | s.2 Analysis | Sub-section tables for 2(a) conscience and religion, 2(b) expression, 2(c) peaceful assembly, 2(d) association |
41
+ | s.7 Analysis | Engagement, deprivation, procedural safeguard, residual; principles of fundamental justice per *Carter* |
42
+ | s.8 Analysis | Reasonable-expectation-of-privacy analysis per *Hunter v Southam* and *R v Spencer*; warrant or production-order interface |
43
+ | s.15 Analysis | Protected grounds, differential impact, substantive-equality test, residual |
44
+ | Oakes Proportionality Analysis | Four-step test (pressing-and-substantial, rational connection, minimal impairment, proportional effects) for each engaged right |
45
+ | Mitigation Register | Charter risk, mitigation, owner, status, residual |
46
+ | DOJ Counsel Sign-Off Block | Departmental Justice counsel and DOJ HQ constitutional advisor where the risk warrants; date and conditions |
47
+ | External References | Document Register, Citations, Unreferenced |
48
+
49
+ ---
50
+
51
+ ## When to run
52
+
53
+ - A federal system introduces or modifies a registration scheme, surveillance capability, or automated decision-making process that touches Charter-protected interests.
54
+ - A FITAA-class app is being designed — Charter §2 expression and association analysis is unconditional after `/arckit:ca-fitaa`.
55
+ - A programme will collect, retain, or disclose personal information in a way that engages s.8 reasonable expectation of privacy — typically after the PIA has scoped the personal-information inventory.
56
+ - Pre-launch — before service-design sign-off and before any external-facing release of the system or its register.
57
+ - On material change — to data, decision boundary, disclosure regime, or operating environment that re-opens any of the engaged rights.
58
+
59
+ ---
60
+
61
+ ## Common pitfalls
62
+
63
+ - **Skipping Oakes steps.** Every engaged right requires the full four-step test (pressing-and-substantial, rational connection, minimal impairment, proportional effects). Partial proportionality analysis is the most common review failure and a reliable rejection trigger at DOJ review.
64
+ - **Treating s.15 as formal equality.** The substantive-equality test asks whether the design creates or perpetuates disadvantage for a protected group, not whether everyone is treated identically. A facially neutral design that lands harder on a protected group is a s.15 problem regardless of intent.
65
+ - **Under-citing technology-specific jurisprudence.** *R v Spencer* expanded s.8 to digital subscriber identifiers, and the s.8 jurisprudence continues to develop around metadata, cell-tower data, and platform-mediated communications. A Charter review that cites only *Hunter v Southam* without the modern digital line is incomplete.
66
+ - **Sidelining DOJ counsel.** Anything beyond a routine internal-tooling review requires departmental Justice counsel sign-off; constitutional matters route to DOJ HQ constitutional advisors. A Charter design review without named counsel sign-off is a draft, not an artefact.
67
+ - **Conflating engagement with limitation.** A Charter section can be engaged without being limited; the proportionality analysis only runs where the design imposes a limit. The engagement surface and the Oakes analysis are separate questions and must be answered separately.
68
+
69
+ ---
70
+
71
+ ## Handoffs
72
+
73
+ - **`ca-fitaa`** — Charter §2 expression and association analysis is a mandatory companion to FITAA; the FITAA artefact references this review and the public-vs-protected severance design feeds the s.2 mitigation register. If `/arckit:ca-fitaa` has been run, `/arckit:ca-charter` is not optional.
74
+ - **`ca-pia`** — §8 search-and-seizure analysis is grounded in the personal-information categories captured in the Privacy Impact Assessment. The PIA inventory drives the reasonable-expectation-of-privacy analysis; do not duplicate, link.
75
+ - **`risk`** — Residual Charter risks per right feed the operational risk register with appropriate severity. Carry the Mitigation Register entries forward with the same risk identifiers so the residual posture is traceable.
76
+
77
+ ---
78
+
79
+ ## Statutory currency
80
+
81
+ Charter jurisprudence is fast-moving in digital contexts. Cite the most recent SCC decisions on s.8 (digital privacy, metadata, cell-tower data), s.7 (procedural-fairness in administrative regimes touching liberty), s.15 (substantive-equality methodology), and s.1 (proportionality refinements) at the time of generation, and record the verification date in the Document Register. Section numbers are stable; the binding effect of jurisprudence is not. Treat any pre-2020 case as load-bearing only after checking subsequent SCC treatment, and re-verify before publication.
@@ -0,0 +1,91 @@
1
+ # Canada Sovereign Cloud Residency Playbook
2
+
3
+ > **Guide Origin**: Community | **ArcKit Version**: [VERSION]
4
+
5
+ `/arckit:ca-cloud-residency` generates a sovereign cloud residency assessment for a Canadian federal information system. The artefact reconciles the system-level Protected categorisation with the *Government of Canada Cloud Adoption Strategy* and the TBS *Direction on the Secure Use of Commercial Cloud Services*, then produces a sovereign-options matrix across AWS Canada, Azure Canada, and Google Cloud Canada. It records the foreign-government access exposure (US CLOUD Act, FISA-702 / EO-12333 reach for US-incorporated CSPs), captures the SSC cloud-brokering inheritance picture, and documents the exit and portability plan with a published dry-run cadence.
6
+
7
+ The Protected B threshold is the load-bearing line in this artefact. At Protected B and above the *Direction on the Secure Use of Commercial Cloud Services* tightens the residency envelope, and the choice of region, sub-processor inventory, encryption-key custody, and identity trust root all become assurance-relevant. The assessment is rationale-driven: every sovereign-option choice and every CLOUD-Act risk acceptance must be named, justified, and approved — sovereignty is a posture, not a checkbox.
8
+
9
+ This command does not replace the formal cloud authorisation packages (CSP-level CSEAP submission, departmental ATO, SSC inheritance memos). It produces the residency-decision artefact that sits alongside those packages: the document that captures *why this region, this CSP, this exit plan, this CLOUD-Act risk acceptance*, anchored to the categorisation and the data-class drivers. Reviewers — security authority, departmental privacy office, ATIP coordinator, CIO branch — read it to understand the residency choices before they read the SoA or the PIA.
10
+
11
+ ---
12
+
13
+ ## Inputs
14
+
15
+ | Artefact | Purpose |
16
+ |----------|---------|
17
+ | Requirements (`ARC-<id>-REQ-v1.0.md`) | NFR-AVL availability targets, NFR-LOC residency requirements, NFR-SEC data-handling expectations |
18
+ | ITSG-33 SoA (`ARC-<id>-ITSG-v1.0.md`) | System-level categorisation and chosen control profile (PBMM-Cloud, Secret-High) — drives the residency envelope |
19
+ | Data requirements (`ARC-<id>-DR-v1.0.md`) | Per-element sensitivity, including any Indigenous-data or personal-information flags |
20
+
21
+ ---
22
+
23
+ ## Command
24
+
25
+ ```bash
26
+ /arckit:ca-cloud-residency <project ID or service description>
27
+ ```
28
+
29
+ Output: `projects/<id>/ARC-<id>-CACR-v1.0.md`
30
+
31
+ ---
32
+
33
+ ## Assessment Structure
34
+
35
+ | Section | Contents |
36
+ |---------|----------|
37
+ | Document Control | Canadian classification (UNCLASSIFIED / Protected A–C / CONFIDENTIAL / SECRET / TOP SECRET) |
38
+ | Revision History | Version, date, author, changes, approvals |
39
+ | Executive Summary | Categorisation, recommended sovereign cloud option, CLOUD-Act exposure posture, exit cadence |
40
+ | Workload Categorisation | C / I / A scoring (or pull from ITSG SoA) and the resulting Protected level |
41
+ | Residency Requirement Statement | At rest, in transit, in processing; backup and DR location; policy and data-class constraints |
42
+ | Sovereign Cloud Options Matrix | AWS Canada, Azure Canada, Google Cloud Canada with regions, Protected B status, CLOUD-Act exposure, cost band, managed-services gaps |
43
+ | GC Cloud Brokering Service Path | SSC role, departmental role, inheritance of ATO components |
44
+ | Foreign Subprocessor Analysis | CSP supply-chain residency and named sub-processor jurisdictions |
45
+ | Exit / Portability Plan | Bulk-export plan, state replication, format portability, dry-run cadence |
46
+ | Cross-Border Transfer Analysis | Transfers, lawful authority cited, justification, CLOUD-Act exposure even for in-Canada workloads |
47
+ | Operational Topology | Regions, AZs, network paths, encryption-in-transit, peering, key custody |
48
+ | Open Items | Pending Protected B authorisations, unresolved sub-processor flags, exit-rehearsal schedule |
49
+ | External References | Document Register, Citations, Unreferenced |
50
+
51
+ The Shared Responsibility Matrix (within Operational Topology) crosswalks every residency-relevant control across CSP / SSC / departmental ownership, so reviewers can see who answers to TBS for which control surface.
52
+
53
+ ---
54
+
55
+ ## When to run
56
+
57
+ - Pre-deployment cloud strategy — generate the assessment before the cloud target is locked in, not after.
58
+ - Categorisation upgrade — any move from Protected A to Protected B, or Protected B to Protected C / SECRET, reshapes the eligible region set; re-run.
59
+ - CSP migration — moving between hyperscalers (or onto an SSC-brokered offering) requires a fresh sovereign-options matrix and a refreshed CLOUD-Act risk acceptance.
60
+ - ATO renewal — re-run on the published re-authorisation cycle; sub-processor inventories drift continuously and the verification dates expire.
61
+ - New managed-service adoption — when a workload picks up a managed observability, ML, or analytics service that brings its own sub-processor reach, re-run the foreign-subprocessor analysis.
62
+ - New CSP region or sovereign offering — Canadian cloud supply matures incrementally (e.g. AWS `ca-west-1` Calgary going GA, Azure regional expansions, GCP additional Toronto capacity). Re-run when a candidate region reaches the federal authorisation envelope, in case it changes the recommendation.
63
+ - Sub-processor change notice — most CSPs publish sub-processor lists with a notice cadence; treat any addition of a non-Canadian-jurisdiction sub-processor as a trigger for a focused re-assessment of the affected workloads.
64
+
65
+ ---
66
+
67
+ ## Common pitfalls
68
+
69
+ - **Treating a Canadian region as full sovereignty.** A US-incorporated CSP with `ca-central-1` or Canada Central is still subject to the US CLOUD Act for the data it processes. The region addresses operational residency; it does not neutralise the legal-conflict exposure.
70
+ - **Ignoring CLOUD Act on US-incorporated CSPs.** The risk acceptance must be named — recorded in an ADR, signed off by an accountable person, and visible to the authorising official. Silent acceptance fails on inspection.
71
+ - **Under-budgeting exit cost.** Bulk-egress fees, format-portability gaps, and operational-runbook coupling all add up. An exit budget that has not been tested by a dry-run is fiction; rehearse annually at minimum.
72
+ - **Assuming SSC brokering cancels departmental ATO obligations.** SSC publishes inherited ATO components but the departmental Authorising Official still issues the system ATO. Treat the inherited envelope as scaffolding, not a transfer.
73
+ - **Federating identity to a foreign tenant.** A workload whose IAM trust root sits in a foreign-hosted IdP is not residency-clean even if the data is in Canada. The identity plane is a residency surface.
74
+ - **Treating sub-processor lists as static.** CSPs update their sub-processor lists on their own cycle. Record the verification date and re-check at ATO renewal.
75
+ - **Conflating Canadian region with Canadian sovereign cloud.** AWS Canada, Azure Canada, and Google Cloud Canada are Canadian-region offerings of US-incorporated CSPs, not sovereign clouds in the sense some other jurisdictions use the term. Where a workload requires a sovereignty posture beyond what an in-Canada region of a US CSP can deliver, escalate to the security authority — the eligible-options set narrows materially.
76
+ - **Forgetting the backup region.** Disaster-recovery secondaries often quietly land in a foreign region under default cloud-provider patterns. Pin the DR target to a second Canadian region (or an in-Canada AZ topology) and verify the actual replication path against the residency requirement.
77
+
78
+ ---
79
+
80
+ ## Handoffs
81
+
82
+ - **`adr`** — Sovereign-cloud option choices (which region, which CSP, which encryption-key custody model) and CLOUD-Act risk acceptances are material architectural decisions. Each warrants an ADR with options analysed, the chosen path justified, and the named accepter recorded against the residual risk.
83
+ - **`ca-itsg-33`** — The cloud control-profile selection (PBMM-Cloud for the typical federal Protected B cloud-hosted baseline; Secret-High for higher-categorised workloads) is grounded in the ITSG-33 categorisation. Run `ca-itsg-33` before this assessment where possible — the categorisation flows in. Where this assessment is run first to inform a cloud decision, hand the categorisation forward to the SoA and reconcile both artefacts at the same review. Tailoring decisions in the SoA (key-custody parameters, network-segmentation parameters, audit retention) often have direct cloud-residency implications and should be revisited together.
84
+
85
+ ---
86
+
87
+ ## Statutory currency
88
+
89
+ The TBS *Direction on the Secure Use of Commercial Cloud Services* updates regularly as TBS guidance evolves and as new sovereign-cloud offerings reach federal authorisation. CSE sovereign-cloud guidance moves with regional supply maturity — Protected B authorisations, new Canadian regions (e.g. AWS `ca-west-1`), and new sovereign offerings (e.g. provider-specific sovereign clouds for Canada) all reshape the eligible-options set. Re-verify against the TBS and CSE primary sources at the verification date recorded in the Document Register, and treat any sub-processor list as time-bounded.
90
+
91
+ The CMVP active-modules list, the CSP-published sub-processor inventories, and the SSC cloud-brokering catalogue all churn on shorter cycles than the TBS Direction. Stamp the verification date against each table cell that reflects an external source, and surface anything that has gone stale at the next review gate. A residency assessment that has not been re-verified in the last review cycle is, for inspection purposes, not current — even if the underlying environment has not changed.