arckit-cli 6.1.1__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (482) hide show
  1. arckit_cli/__init__.py +1120 -0
  2. arckit_cli-6.1.1.data/data/share/arckit/.arckit/memory/sessions.md +293 -0
  3. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/_partials/RENDERING.md +22 -0
  4. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/_partials/document-control-uae.md +20 -0
  5. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/_partials/document-control-uk.md +16 -0
  6. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/adm-preliminary-template.md +135 -0
  7. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/adr-template.md +588 -0
  8. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/agent-design-template.md +390 -0
  9. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/agent-governance-template.md +90 -0
  10. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/agent-integration-template.md +159 -0
  11. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/agent-inventory-template.md +108 -0
  12. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/agent-maturity-template.md +388 -0
  13. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/agent-security-template.md +213 -0
  14. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/analysis-report-template.md +323 -0
  15. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/application-inventory-template.md +221 -0
  16. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/architecture-board-template.md +194 -0
  17. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/architecture-change-template.md +205 -0
  18. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/architecture-diagram-template.md +610 -0
  19. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/architecture-principles-template.md +632 -0
  20. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/architecture-repository-template.md +107 -0
  21. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/architecture-strategy-template.md +666 -0
  22. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/at-bvergg-template.md +252 -0
  23. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/at-dsgvo-template.md +354 -0
  24. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/at-nisg-template.md +236 -0
  25. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-aescsf-template.md +189 -0
  26. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-ai-assurance-template.md +243 -0
  27. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-disp-attestation-template.md +297 -0
  28. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-dss-template.md +302 -0
  29. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-e8-posture-template.md +377 -0
  30. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-energy-compliance-template.md +189 -0
  31. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-ism-controls-template.md +462 -0
  32. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-ndb-playbook-template.md +288 -0
  33. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-ot-security-template.md +204 -0
  34. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-pia-template.md +394 -0
  35. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-pspf-template.md +380 -0
  36. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-soci-cirmp-template.md +206 -0
  37. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/aws-research-template.md +605 -0
  38. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/azure-research-template.md +559 -0
  39. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/backlog-template.md +465 -0
  40. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-aia-template.md +206 -0
  41. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-atip-template.md +192 -0
  42. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-charter-template.md +190 -0
  43. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-cloud-residency-template.md +173 -0
  44. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-fitaa-template.md +156 -0
  45. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-gc-digital-standards-template.md +208 -0
  46. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-itsg-33-template.md +228 -0
  47. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-ocap-template.md +205 -0
  48. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-ola-template.md +171 -0
  49. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-pia-template.md +193 -0
  50. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-pspc-template.md +214 -0
  51. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-soia-template.md +219 -0
  52. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/capability-map-template.md +125 -0
  53. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/competitors-template.md +113 -0
  54. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/conformance-assessment-template.md +507 -0
  55. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/data-mesh-contract-template.md +851 -0
  56. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/data-model-template.md +1043 -0
  57. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/data-source-profile-template.md +80 -0
  58. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/datascout-template.md +546 -0
  59. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/devops-template.md +961 -0
  60. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/dfd-template.md +161 -0
  61. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/dld-review-template.md +427 -0
  62. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/dos-requirements-template.md +506 -0
  63. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/dpia-template.md +1200 -0
  64. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/eu-ai-act-template.md +227 -0
  65. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/eu-cra-template.md +176 -0
  66. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/eu-data-act-template.md +175 -0
  67. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/eu-dora-template.md +197 -0
  68. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/eu-dsa-template.md +183 -0
  69. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/eu-nis2-template.md +196 -0
  70. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/eu-rgpd-template.md +198 -0
  71. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/evaluation-criteria-template.md +719 -0
  72. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/finops-template.md +662 -0
  73. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-algorithme-public-template.md +162 -0
  74. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-anssi-carto-template.md +196 -0
  75. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-anssi-template.md +190 -0
  76. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-code-reuse-template.md +190 -0
  77. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-dinum-template.md +195 -0
  78. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-dr-template.md +187 -0
  79. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-ebios-template.md +209 -0
  80. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-irn-template.md +311 -0
  81. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-marche-public-template.md +178 -0
  82. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-pssi-template.md +270 -0
  83. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-rgpd-template.md +195 -0
  84. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-secnumcloud-template.md +188 -0
  85. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/framework-overview-template.md +247 -0
  86. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/gap-analysis-template.md +198 -0
  87. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/gcloud-clarify-template.md +340 -0
  88. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/gcloud-requirements-template.md +370 -0
  89. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/gcp-research-template.md +585 -0
  90. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/glossary-template.md +117 -0
  91. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/gov-code-search-template.md +213 -0
  92. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/gov-landscape-template.md +271 -0
  93. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/gov-reuse-template.md +214 -0
  94. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/grants-template.md +131 -0
  95. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/hld-review-template.md +760 -0
  96. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/jsp-936-template.md +1394 -0
  97. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/maturity-model-template.md +297 -0
  98. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/mlops-template.md +720 -0
  99. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/mod-secure-by-design-template.md +784 -0
  100. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/operationalize-template.md +1016 -0
  101. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/pages-template.html +5121 -0
  102. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/platform-design-template.md +1610 -0
  103. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/presentation-template.md +270 -0
  104. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/principles-compliance-assessment-template.md +389 -0
  105. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/project-plan-template.md +421 -0
  106. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/rationalization-template.md +208 -0
  107. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/requirements-template.md +1026 -0
  108. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/research-findings-template.md +939 -0
  109. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/risk-register-template.md +883 -0
  110. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/roadmap-template.md +787 -0
  111. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/service-assessment-prep-template.md +448 -0
  112. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/servicenow-design-template.md +273 -0
  113. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/sobc-template.md +1127 -0
  114. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/sow-template.md +785 -0
  115. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/stakeholder-drivers-template.md +493 -0
  116. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/story-template.md +889 -0
  117. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/tcop-review-template.md +593 -0
  118. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/tech-note-template.md +59 -0
  119. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/tenders-template.md +124 -0
  120. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/traceability-matrix-template.md +360 -0
  121. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/transition-architecture-template.md +286 -0
  122. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-ai-autonomy-tier-template.md +97 -0
  123. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-ai-charter-template.md +81 -0
  124. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-classification-template.md +86 -0
  125. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-cloud-residency-template.md +136 -0
  126. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-data-sharing-template.md +105 -0
  127. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-digital-records-template.md +97 -0
  128. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-ias-template.md +109 -0
  129. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-pdpl-template.md +105 -0
  130. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-priorities-alignment-template.md +99 -0
  131. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-procurement-template.md +115 -0
  132. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-uaepass-template.md +129 -0
  133. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-zero-bureaucracy-template.md +85 -0
  134. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-fs-consumer-duty-board-report-template.md +49 -0
  135. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-fs-consumer-duty-template.md +362 -0
  136. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-fs-ctp-dependency-register-template.md +24 -0
  137. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-fs-ctp-dependency-template.md +321 -0
  138. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-fs-safeguarding-reconciliation-template.md +77 -0
  139. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-fs-safeguarding-template.md +348 -0
  140. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-fs-sca-rts-exemption-matrix-template.md +47 -0
  141. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-fs-sca-rts-template.md +273 -0
  142. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-gov-ai-playbook-template.md +942 -0
  143. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-gov-atrs-template.md +1087 -0
  144. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-mdr-classification-template.md +307 -0
  145. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-nhs-dcb0129-case-template.md +214 -0
  146. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-nhs-dcb0129-hazard-template.md +217 -0
  147. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-nhs-dcb0129-safety-template.md +78 -0
  148. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-nhs-dcb0129-template.md +13 -0
  149. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-nhs-dcb0160-deployment-case-template.md +207 -0
  150. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-nhs-dcb0160-deployment-hazard-template.md +290 -0
  151. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-nhs-dcb0160-deployment-safety-template.md +81 -0
  152. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-nhs-dcb0160-template.md +13 -0
  153. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-nhs-dtac-template.md +341 -0
  154. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ukgov-secure-by-design-template.md +1031 -0
  155. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/us-ai-impact-template.md +212 -0
  156. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/us-ai-rmf-template.md +232 -0
  157. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/us-fedramp-readiness-template.md +209 -0
  158. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/us-fedramp-ssp-template.md +352 -0
  159. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/us-fisma-categorization-template.md +145 -0
  160. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/us-icam-template.md +216 -0
  161. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/us-nist-800-53-template.md +222 -0
  162. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/us-privacy-pia-template.md +191 -0
  163. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/us-sbom-eo-14028-template.md +253 -0
  164. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/us-zero-trust-template.md +234 -0
  165. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/vendor-profile-template.md +88 -0
  166. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/vendor-scoring-template.md +332 -0
  167. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/wardley-climate-template.md +269 -0
  168. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/wardley-doctrine-template.md +299 -0
  169. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/wardley-gameplay-template.md +346 -0
  170. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/wardley-map-template.md +587 -0
  171. arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/wardley-value-chain-template.md +256 -0
  172. arckit_cli-6.1.1.data/data/share/arckit/CHANGELOG.md +3554 -0
  173. arckit_cli-6.1.1.data/data/share/arckit/VERSION +1 -0
  174. arckit_cli-6.1.1.data/data/share/arckit/docs/DEPENDENCY-MATRIX.md +929 -0
  175. arckit_cli-6.1.1.data/data/share/arckit/docs/README.md +322 -0
  176. arckit_cli-6.1.1.data/data/share/arckit/docs/WORKFLOW-DIAGRAMS.md +1088 -0
  177. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/adm-preliminary.md +72 -0
  178. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/adr.md +60 -0
  179. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/agent-design.md +71 -0
  180. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/agent-governance.md +61 -0
  181. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/agent-integration.md +59 -0
  182. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/agent-inventory.md +60 -0
  183. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/agent-maturity.md +84 -0
  184. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/agent-security.md +63 -0
  185. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ai-playbook.md +103 -0
  186. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/analyze.md +57 -0
  187. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/application-inventory.md +71 -0
  188. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/application-rationalization.md +71 -0
  189. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/architecture-board.md +60 -0
  190. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/architecture-change.md +73 -0
  191. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/architecture-repository.md +62 -0
  192. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/artifact-health.md +228 -0
  193. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/at-bvergg.md +86 -0
  194. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/at-dsgvo.md +75 -0
  195. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/at-nisg.md +94 -0
  196. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/atrs.md +98 -0
  197. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-aescsf.md +45 -0
  198. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-ai-assurance.md +84 -0
  199. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-disp-attestation.md +90 -0
  200. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-dss.md +76 -0
  201. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-e8-posture.md +73 -0
  202. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-energy-compliance.md +47 -0
  203. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-federal-overlay.md +199 -0
  204. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-ism-controls.md +78 -0
  205. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-ndb-playbook.md +80 -0
  206. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-ot-security.md +39 -0
  207. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-pia.md +72 -0
  208. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-pspf.md +81 -0
  209. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-soci-cirmp.md +40 -0
  210. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/autoresearch.md +334 -0
  211. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/aws-research.md +160 -0
  212. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/azure-research.md +157 -0
  213. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/backlog.md +58 -0
  214. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/build.md +132 -0
  215. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/business-capability-map.md +68 -0
  216. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/business-case.md +68 -0
  217. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/c4-layout-science.md +280 -0
  218. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-aia.md +81 -0
  219. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-atip.md +79 -0
  220. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-charter.md +81 -0
  221. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-cloud-residency.md +91 -0
  222. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-fitaa.md +81 -0
  223. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-gc-digital-standards.md +93 -0
  224. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-itsg-33.md +80 -0
  225. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-ocap.md +91 -0
  226. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-ola.md +80 -0
  227. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-pia.md +83 -0
  228. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-pspc.md +96 -0
  229. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-soia.md +87 -0
  230. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/codes-of-practice.md +154 -0
  231. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/competitors.md +202 -0
  232. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/conformance.md +153 -0
  233. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/create.md +61 -0
  234. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/custom-commands.md +236 -0
  235. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/customize.md +108 -0
  236. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/data-mesh-contract.md +239 -0
  237. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/data-model.md +69 -0
  238. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/data-quality-framework.md +118 -0
  239. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/datascout.md +162 -0
  240. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/declaration.md +59 -0
  241. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/design-review.md +66 -0
  242. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/devops.md +96 -0
  243. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/dfd.md +187 -0
  244. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/diagram.md +118 -0
  245. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/dld-review.md +102 -0
  246. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/dos.md +109 -0
  247. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/dpia.md +80 -0
  248. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/enterprise-scale.md +260 -0
  249. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/eu-ai-act.md +82 -0
  250. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/eu-cra.md +90 -0
  251. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/eu-data-act.md +85 -0
  252. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/eu-dora.md +83 -0
  253. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/eu-dsa.md +85 -0
  254. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/eu-nis2.md +82 -0
  255. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/eu-rgpd.md +76 -0
  256. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/evaluate.md +115 -0
  257. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/export-okf.md +70 -0
  258. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/finops.md +117 -0
  259. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-algorithme-public.md +86 -0
  260. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-anssi-carto.md +69 -0
  261. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-anssi.md +79 -0
  262. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-code-reuse.md +86 -0
  263. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-dinum.md +83 -0
  264. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-dr.md +88 -0
  265. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-ebios.md +84 -0
  266. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-irn.md +103 -0
  267. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-marche-public.md +94 -0
  268. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-pssi.md +87 -0
  269. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-rgpd.md +75 -0
  270. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-secnumcloud.md +80 -0
  271. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/framework.md +234 -0
  272. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/gap-analysis.md +70 -0
  273. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/gcloud-clarify.md +108 -0
  274. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/gcloud-competitors.md +61 -0
  275. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/gcloud-search.md +106 -0
  276. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/gcp-research.md +169 -0
  277. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/glossary.md +190 -0
  278. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/gov-code-search.md +119 -0
  279. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/gov-landscape.md +114 -0
  280. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/gov-reuse.md +112 -0
  281. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/govs-007-security.md +93 -0
  282. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/grants.md +106 -0
  283. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/graph-report.md +77 -0
  284. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/health.md +234 -0
  285. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/hld-review.md +110 -0
  286. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/hooks.md +121 -0
  287. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/impact.md +68 -0
  288. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/import-okf.md +67 -0
  289. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/init.md +159 -0
  290. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/jsp-936.md +60 -0
  291. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/knowledge-compounding.md +140 -0
  292. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/maturity-model.md +186 -0
  293. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/mcp-servers.md +329 -0
  294. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/migration.md +333 -0
  295. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/mlops.md +126 -0
  296. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/mod-secure.md +124 -0
  297. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/national-data-strategy.md +115 -0
  298. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/navigator.md +86 -0
  299. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/operationalize.md +143 -0
  300. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/pages.md +227 -0
  301. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/pinecone-mcp.md +128 -0
  302. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/plan.md +66 -0
  303. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/platform-design.md +600 -0
  304. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/presentation.md +137 -0
  305. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/pricing.md +62 -0
  306. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/principles-compliance.md +63 -0
  307. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/principles.md +55 -0
  308. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/procurement.md +57 -0
  309. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/productivity.md +217 -0
  310. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/remote-control.md +151 -0
  311. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/requirements.md +61 -0
  312. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/research.md +65 -0
  313. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/review.md +61 -0
  314. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/risk-management.md +70 -0
  315. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/risk.md +132 -0
  316. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roadmap.md +58 -0
  317. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/README.md +68 -0
  318. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/business-analyst.md +70 -0
  319. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/business-architect.md +70 -0
  320. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/cdo.md +59 -0
  321. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/ciso.md +61 -0
  322. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/cto-cdio.md +59 -0
  323. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/data-architect.md +68 -0
  324. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/data-governance-manager.md +59 -0
  325. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/delivery-manager.md +63 -0
  326. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/devops-engineer.md +55 -0
  327. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/enterprise-architect.md +84 -0
  328. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/it-service-manager.md +55 -0
  329. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/network-architect.md +58 -0
  330. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/performance-analyst.md +67 -0
  331. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/product-manager.md +62 -0
  332. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/security-architect.md +78 -0
  333. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/service-owner.md +58 -0
  334. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/solution-architect.md +75 -0
  335. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/technical-architect.md +68 -0
  336. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/score.md +91 -0
  337. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/sdd-lot1.md +61 -0
  338. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/sdd-lot2.md +62 -0
  339. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/sdd-lot3.md +62 -0
  340. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/search.md +71 -0
  341. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/secure.md +181 -0
  342. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/security-hooks.md +200 -0
  343. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/security.md +62 -0
  344. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/service-assessment.md +47 -0
  345. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/service-design.md +71 -0
  346. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/servicenow.md +152 -0
  347. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/session-memory.md +100 -0
  348. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/sobc.md +129 -0
  349. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/sow.md +125 -0
  350. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/stakeholder-analysis.md +51 -0
  351. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/stakeholders.md +138 -0
  352. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/start.md +276 -0
  353. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/story.md +61 -0
  354. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/strategy.md +211 -0
  355. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/submission-pack.md +72 -0
  356. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/supplier-profile.md +70 -0
  357. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/tcop.md +124 -0
  358. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/template-builder.md +125 -0
  359. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/tenders.md +193 -0
  360. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/testing-plugin-branches.md +79 -0
  361. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/traceability.md +58 -0
  362. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/transition-architecture.md +69 -0
  363. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/trello.md +139 -0
  364. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-ai-autonomy-tier.md +84 -0
  365. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-ai-charter.md +89 -0
  366. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-classification.md +73 -0
  367. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-cloud-residency.md +84 -0
  368. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-data-sharing.md +84 -0
  369. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-digital-records.md +71 -0
  370. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-ias.md +93 -0
  371. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-overlay-maintenance.md +154 -0
  372. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-overlay.md +208 -0
  373. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-pdpl.md +73 -0
  374. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-priorities-alignment.md +82 -0
  375. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-procurement.md +71 -0
  376. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-uaepass.md +83 -0
  377. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-zero-bureaucracy.md +80 -0
  378. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-fs-consumer-duty.md +178 -0
  379. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-fs-ctp-dependency.md +181 -0
  380. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-fs-payments-overlay.md +216 -0
  381. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-fs-safeguarding.md +176 -0
  382. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-fs-sca-rts.md +164 -0
  383. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-government/ai-playbook.md +56 -0
  384. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-government/algorithmic-transparency.md +44 -0
  385. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-government/digital-marketplace.md +55 -0
  386. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-government/secure-by-design.md +51 -0
  387. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-government/standards-map.md +108 -0
  388. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-government/technology-code-of-practice.md +63 -0
  389. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-mdr-classification.md +59 -0
  390. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-mod/secure-by-design.md +54 -0
  391. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-nhs-clinical-safety-overlay.md +214 -0
  392. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-nhs-dcb0129.md +64 -0
  393. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-nhs-dcb0160.md +62 -0
  394. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-nhs-dtac.md +55 -0
  395. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/upgrading.md +130 -0
  396. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/us-ai-impact.md +71 -0
  397. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/us-ai-rmf.md +70 -0
  398. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/us-federal-overlay.md +111 -0
  399. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/us-fedramp-readiness.md +69 -0
  400. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/us-fedramp-ssp.md +71 -0
  401. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/us-fisma-categorization.md +68 -0
  402. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/us-icam.md +70 -0
  403. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/us-nist-800-53.md +70 -0
  404. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/us-privacy-pia.md +74 -0
  405. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/us-sbom-eo-14028.md +71 -0
  406. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/us-zero-trust.md +68 -0
  407. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/wardley-climate.md +122 -0
  408. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/wardley-doctrine.md +120 -0
  409. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/wardley-gameplay.md +123 -0
  410. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/wardley-value-chain.md +130 -0
  411. arckit_cli-6.1.1.data/data/share/arckit/docs/guides/wardley.md +173 -0
  412. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/.agents/plugins/marketplace.json +20 -0
  413. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/README.md +325 -0
  414. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/VERSION +1 -0
  415. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/docs/DEPENDENCY-MATRIX.md +616 -0
  416. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/hooks/arckit-codex-hook.mjs +1270 -0
  417. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/hooks/graph-inject.mjs +1497 -0
  418. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/hooks/graph-rollups.mjs +247 -0
  419. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/hooks/graph-utils.mjs +363 -0
  420. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/hooks/hook-utils.mjs +383 -0
  421. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/hooks/hooks.json +80 -0
  422. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/hooks/okf-frontmatter.mjs +279 -0
  423. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/hooks/project-context-builder.mjs +168 -0
  424. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/hooks/sync-guides.mjs +1120 -0
  425. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-copilot/README.md +68 -0
  426. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-copilot/VERSION +1 -0
  427. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-copilot/docs/DEPENDENCY-MATRIX.md +616 -0
  428. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-opencode/LICENSE +21 -0
  429. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-opencode/README.md +65 -0
  430. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-opencode/VERSION +1 -0
  431. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-opencode/docs/DEPENDENCY-MATRIX.md +616 -0
  432. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-opencode/opencode.json +25 -0
  433. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-vibe/.mcp.json +63 -0
  434. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-vibe/LICENSE +26 -0
  435. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-vibe/README.md +407 -0
  436. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-vibe/VERSION +1 -0
  437. arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-vibe/vibe-config.toml +62 -0
  438. arckit_cli-6.1.1.data/data/share/arckit/scripts/README.md +680 -0
  439. arckit_cli-6.1.1.data/data/share/arckit/scripts/autoresearch/fixtures/000-global/ARC-000-PRIN-v1.0.md +120 -0
  440. arckit_cli-6.1.1.data/data/share/arckit/scripts/autoresearch/fixtures/001-test-project/ARC-001-STKE-v1.0.md +100 -0
  441. arckit_cli-6.1.1.data/data/share/arckit/scripts/autoresearch/fixtures/001-test-project/README.md +15 -0
  442. arckit_cli-6.1.1.data/data/share/arckit/scripts/autoresearch/program-selfharness.md +748 -0
  443. arckit_cli-6.1.1.data/data/share/arckit/scripts/autoresearch/program.md +269 -0
  444. arckit_cli-6.1.1.data/data/share/arckit/scripts/bash/check-prerequisites.sh +250 -0
  445. arckit_cli-6.1.1.data/data/share/arckit/scripts/bash/common.sh +359 -0
  446. arckit_cli-6.1.1.data/data/share/arckit/scripts/bash/create-project.sh +408 -0
  447. arckit_cli-6.1.1.data/data/share/arckit/scripts/bash/generate-document-id.sh +146 -0
  448. arckit_cli-6.1.1.data/data/share/arckit/scripts/bash/list-projects.sh +359 -0
  449. arckit_cli-6.1.1.data/data/share/arckit/scripts/bash/migrate-filenames.sh +553 -0
  450. arckit_cli-6.1.1.data/data/share/arckit/scripts/bump-version.sh +293 -0
  451. arckit_cli-6.1.1.data/data/share/arckit/scripts/check_doctype_collisions.py +30 -0
  452. arckit_cli-6.1.1.data/data/share/arckit/scripts/check_recipes.py +94 -0
  453. arckit_cli-6.1.1.data/data/share/arckit/scripts/check_references.py +144 -0
  454. arckit_cli-6.1.1.data/data/share/arckit/scripts/convert_vibe_agents.py +198 -0
  455. arckit_cli-6.1.1.data/data/share/arckit/scripts/convert_vibe_skills.py +499 -0
  456. arckit_cli-6.1.1.data/data/share/arckit/scripts/converter.py +2002 -0
  457. arckit_cli-6.1.1.data/data/share/arckit/scripts/create-sdg-repo.py +820 -0
  458. arckit_cli-6.1.1.data/data/share/arckit/scripts/generate-arckit-architecture-hero.py +317 -0
  459. arckit_cli-6.1.1.data/data/share/arckit/scripts/generate-arckit-hero.py +278 -0
  460. arckit_cli-6.1.1.data/data/share/arckit/scripts/generate-release-notes.sh +112 -0
  461. arckit_cli-6.1.1.data/data/share/arckit/scripts/managed-agents/README.md +105 -0
  462. arckit_cli-6.1.1.data/data/share/arckit/scripts/managed-agents/arckit-agent.py +418 -0
  463. arckit_cli-6.1.1.data/data/share/arckit/scripts/push-extensions.sh +424 -0
  464. arckit_cli-6.1.1.data/data/share/arckit/scripts/python/apply_doc_control_marker.py +50 -0
  465. arckit_cli-6.1.1.data/data/share/arckit/scripts/python/common.py +288 -0
  466. arckit_cli-6.1.1.data/data/share/arckit/scripts/python/create-project.py +373 -0
  467. arckit_cli-6.1.1.data/data/share/arckit/scripts/python/generate-document-id.py +96 -0
  468. arckit_cli-6.1.1.data/data/share/arckit/scripts/python/list-projects.py +238 -0
  469. arckit_cli-6.1.1.data/data/share/arckit/scripts/python/migrate_classification.py +94 -0
  470. arckit_cli-6.1.1.data/data/share/arckit/scripts/render-brand-pngs.py +72 -0
  471. arckit_cli-6.1.1.data/data/share/arckit/scripts/standardise-colon.py +128 -0
  472. arckit_cli-6.1.1.data/data/share/arckit/scripts/sync-claude-plugin-layout.py +159 -0
  473. arckit_cli-6.1.1.data/data/share/arckit/scripts/sync-shared-assets.py +132 -0
  474. arckit_cli-6.1.1.data/data/share/arckit/scripts/tag-plugins.sh +65 -0
  475. arckit_cli-6.1.1.data/data/share/arckit/scripts/tests/test-doc-types-dual-registration.mjs +57 -0
  476. arckit_cli-6.1.1.data/data/share/arckit/scripts/tests/test-fde-templates.mjs +100 -0
  477. arckit_cli-6.1.1.data/data/share/arckit/scripts/tests/test-regime-registration.mjs +65 -0
  478. arckit_cli-6.1.1.dist-info/METADATA +1966 -0
  479. arckit_cli-6.1.1.dist-info/RECORD +482 -0
  480. arckit_cli-6.1.1.dist-info/WHEEL +4 -0
  481. arckit_cli-6.1.1.dist-info/entry_points.txt +2 -0
  482. arckit_cli-6.1.1.dist-info/licenses/LICENSE +26 -0
@@ -0,0 +1,81 @@
1
+ # Canada FITAA Compliance Playbook
2
+
3
+ > **Guide Origin**: Community | **ArcKit Version**: [VERSION]
4
+
5
+ `/arckit:ca-fitaa` generates a Canada Foreign Influence Transparency and Accountability Act (FITAA) compliance assessment under Bill C-70 (2024). It scopes registrable activity, designs the public-vs-protected arrangement register, lays out the registration workflow and severance rules, captures the Commissioner liaison protocol, and surfaces a Charter §2 risk register.
6
+
7
+ The Office of the Commissioner of Foreign Influence Transparency is newly stood up. Regulations are still being made through 2025–2026, so this command treats unsettled section numbers and offence references as `<TBC at draft time>` placeholders that the reviewer must reconcile against the consolidated Justice Laws Website text before relying on the output.
8
+
9
+ ---
10
+
11
+ ## Inputs
12
+
13
+ | Artefact | Purpose |
14
+ |----------|---------|
15
+ | Requirements (`ARC-<id>-REQ-v1.0.md`) | Activity description and arrangement triggers |
16
+ | Stakeholders (`ARC-<id>-STKE-v1.0.md`) | Foreign principals, registrants, civil-society stakeholders |
17
+ | Data requirements (`ARC-<id>-DR-v1.0.md`) | Register data fields, public vs protected flags |
18
+ | Data model (`ARC-<id>-DMOD-v1.0.md`) | Arrangement / registrant / foreign-principal entities |
19
+
20
+ ---
21
+
22
+ ## Command
23
+
24
+ ```bash
25
+ /arckit:ca-fitaa <project ID or service description>
26
+ ```
27
+
28
+ Output: `projects/<id>/ARC-<id>-FITAA-v1.0.md`
29
+
30
+ ---
31
+
32
+ ## Assessment Structure
33
+
34
+ | Section | Contents |
35
+ |---------|----------|
36
+ | Document Control | Canadian classification (UNCLASSIFIED / Protected A–C / CONFIDENTIAL / SECRET / TOP SECRET) |
37
+ | Revision History | Version, date, author, changes, approvals |
38
+ | Executive Summary | FITAA exposure, registration model, headline Charter §2 findings |
39
+ | Activity Scoping | Statutory triggers, exclusions, decision tree mapped to project activities |
40
+ | Arrangement Register Design | Per-field schema with Public / Protected flag, 14-day update cadence |
41
+ | Registration Workflow | Submission, identity verification, acknowledgement, material-change update |
42
+ | Public Register vs Protected Investigative Data | Data flow, severance rules, withdrawal / correction process |
43
+ | Commissioner Liaison Protocol | Triggers, cadence, contacts, RCMP / CSIS coordination |
44
+ | Charter Risk Register | s.2(b) chilling-effect and s.2(d) association mitigations with residual rating |
45
+ | Compliance Schedule | Registrant-side triggers, 14-day clock, penalty exposures |
46
+ | Open Items | Statutory currency caveats with `<TBC>` markers |
47
+ | External References | Document Register, Citations, Unreferenced |
48
+
49
+ ---
50
+
51
+ ## When to run
52
+
53
+ - A project introduces a registration or transparency scheme for arrangements with foreign principals.
54
+ - A federal department is designing the public-facing FITAA register or its protected investigative back-end.
55
+ - A programme touches advocacy, journalism, diaspora engagement, or political activity and needs to assess registrability.
56
+ - A reviewer needs a structured Charter §2 risk register before service-design sign-off.
57
+
58
+ ---
59
+
60
+ ## Common pitfalls
61
+
62
+ - **Confusing FITAA with the Lobbying Act or Conflict of Interest Act.** These are separate transparency regimes with different scopes and registrars; FITAA targets foreign-principal arrangements, not domestic lobbying.
63
+ - **Treating Charter analysis as optional.** Any registration scheme that captures advocacy, journalism, or political activity is presumptively engaging Charter §2(b) and §2(d). The `ca-charter` handoff is unconditional.
64
+ - **Conflating public and protected views.** The public register and the investigative back-end must be designed as separate logical systems with audited severance rules. Mixing them creates ATIP-Act exposure under §15 (national security) and §16 (law enforcement).
65
+ - **Using stale statutory cites.** FITAA section numbering and offence references are still settling. Treat any unconfirmed cite as `<TBC at draft time>` and reconcile against the current Justice Laws text before publication.
66
+ - **Skipping bilingual review.** The public-facing register, registration forms, acknowledgements, and notices must be available in both official languages. Skipping `ca-ola` produces a non-compliant artefact.
67
+
68
+ ---
69
+
70
+ ## Handoffs
71
+
72
+ - **`ca-charter`** — Charter §2 expression and association analysis is required for any registration scheme that engages protected speech or association. Treat as unconditional after FITAA.
73
+ - **`ca-pia`** — Privacy Impact Assessment for personal information collected during arrangement registration. Required before the system collects or processes registrant or foreign-principal personal data.
74
+ - **`ca-atip`** — Reconciles the public-facing register against the protected investigative dataset; required severance design for hybrid public / protected views.
75
+ - **`ca-aia`** — Algorithmic Impact Assessment is triggered when registration triage uses any automated decision-making, scoring, or risk classification.
76
+
77
+ ---
78
+
79
+ ## Statutory currency
80
+
81
+ FITAA was enacted in June 2024 with regulations still emerging through 2025–2026. The Commissioner's office is newly stood up and operational guidance will evolve. Verify all citations against the current Justice Laws Website text and the Commissioner's published guidance before relying on this output. Where section numbers or offence references are unsettled, the template uses `<TBC at draft time>` placeholders that the reviewer must reconcile before publication.
@@ -0,0 +1,93 @@
1
+ # Canada GC Digital Standards Conformance Playbook
2
+
3
+ > **Guide Origin**: Community | **ArcKit Version**: [VERSION]
4
+
5
+ `/arckit:ca-gc-digital-standards` generates a Government of Canada Digital Standards conformance scorecard for a federal digital service. It assesses the service against the 10 Digital Standards individually, surfaces evidence and gaps per standard, captures remediation actions with owners and target dates, and produces a per-standard maturity roadmap. Cross-cutting themes — accessibility, open data and code, ethical AI, user research practice — are scored once across the standards they touch.
6
+
7
+ The Digital Standards are not aspirational principles. They sit under the TBS *Policy on Service and Digital* and the *Directive on Service and Digital*; ADMs are accountable for adherence and TBS audits conformance through the digital reporting cycle. Standard 6 is reinforced by the *Accessible Canada Act* and the *Accessible Canada Regulations*, which set the statutory floor regardless of how the digital scorecard reads. Treat this artefact as a delivery and governance gate — not a self-assessment exercise.
8
+
9
+ ---
10
+
11
+ ## Inputs
12
+
13
+ | Artefact | Purpose |
14
+ |----------|---------|
15
+ | Requirements (`ARC-<id>-REQ-v1.0.md`) | Service description, user populations, intended outcomes |
16
+ | Service assessment (`ARC-<id>-SAS-v1.0.md`) | GDS-style evidence base — many points map onto Digital Standards |
17
+ | Retrospective notes | Iteration cadence, learning loops, team practices |
18
+ | Accessibility audits | WCAG 2.1 AA / 2.2 AA conformance, manual and assistive-tech reviews |
19
+ | PIA / AIA artefacts | Standard 5 (security and privacy) and Standard 9 (ethical) evidence |
20
+
21
+ ---
22
+
23
+ ## Command
24
+
25
+ ```bash
26
+ /arckit:ca-gc-digital-standards <project ID or service description>
27
+ ```
28
+
29
+ Output: `projects/<id>/ARC-<id>-DIGSTD-v1.0.md`
30
+
31
+ ---
32
+
33
+ ## Assessment Structure
34
+
35
+ | Section | Contents |
36
+ |---------|----------|
37
+ | Document Control | Canadian classification (UNCLASSIFIED / Protected A–C / CONFIDENTIAL / SECRET / TOP SECRET) |
38
+ | Revision History | Version, date, author, changes, approvals |
39
+ | Executive Summary | Conformance posture across the 10 standards, top remediation actions, maturity headline |
40
+ | Service Description | Service, owner, user populations, lifecycle stage, key artefacts |
41
+ | Per-Standard Assessment | One sub-table per standard with Evidence, Gaps, Remediation, Owner, Target date, Maturity |
42
+ | Cross-Cutting Themes | Accessibility, open data and code, ethical AI, user research — scored across the standards they touch |
43
+ | Maturity Roadmap | Current vs target maturity per standard, milestones, owners, dates |
44
+ | Open Items | Outstanding decisions, blocked remediations, deferred standards work |
45
+ | External References | Document Register, Citations, Unreferenced |
46
+
47
+ ---
48
+
49
+ ## Maturity scale
50
+
51
+ The scorecard uses a CMMI-style 5-level progression for each standard:
52
+
53
+ | Level | Meaning |
54
+ |-------|---------|
55
+ | Initial | Practice is ad hoc, undocumented, or absent. Conformance is incidental rather than designed. |
56
+ | Repeatable | Practice happens consistently on this service, but is informal and dependent on the current team. |
57
+ | Defined | Practice is documented, standardised across the team, and onboarded into team rituals. |
58
+ | Measured | Outcomes are instrumented; the team has metrics that prove conformance, not just activity. |
59
+ | Optimising | The team uses the metrics to iterate the practice itself. Conformance improves over time without prompting. |
60
+
61
+ Score each standard independently. Do not collapse the 10 dimensions into a single overall maturity number — that loses the per-standard signal TBS reviewers need.
62
+
63
+ ---
64
+
65
+ ## When to run
66
+
67
+ - Pre-launch — before go-live for a new federal digital service to evidence conformance to all 10 standards.
68
+ - ATO renewal — pair with `ca-itsg-33` and `ca-pia` so the security, privacy, and digital scorecards refresh together.
69
+ - Quarterly governance review — TBS reporting cycles surface conformance gaps, so refresh the scorecard ahead of each cycle.
70
+ - Substantive service change — new audience, new channel, new automated decision, new processor, or change of jurisdiction.
71
+
72
+ ---
73
+
74
+ ## Common pitfalls
75
+
76
+ - **Treating the standards as advisory.** The Digital Standards are policy under the *Policy on Service and Digital*; non-conformance has audit consequences. Do not write the scorecard as a discretionary self-rating.
77
+ - **Missing the WCAG / Accessible Canada Act floor.** Standard 6 is anchored in statute. WCAG 2.1 AA / 2.2 AA conformance is the operational target, and statutory accessibility plans, feedback processes, and progress reports are mandatory regardless of how the scorecard reads.
78
+ - **Default-private working when "Work in the open" is the rule.** Standard 3 requires open-by-default. Reasons not to publish must be explicit, narrow, and time-boxed. Default-private is itself a non-conformance — remediate it, do not rationalise it.
79
+ - **Uniform maturity claims rather than per-standard.** A service can be advanced on accessibility and immature on open code. The scorecard MUST report dimension-by-dimension; an aggregated overall maturity number is misleading and is not accepted by TBS reviewers.
80
+ - **Confusing this with the GDS Service Standard.** The two regimes overlap conceptually but are governed differently. Use `service-assessment` for the GDS regime; this command is the GC-specific complement.
81
+
82
+ ---
83
+
84
+ ## Handoffs
85
+
86
+ - **`service-assessment`** — Many of the GDS Service Standard points overlap with the GC Digital Standards (user research, accessibility, iteration, openness). The Digital Standards scorecard feeds the broader service-assessment evidence base directly; cross-link the same evidence rather than duplicating it. Where the regimes diverge (e.g. open-by-default, ethical AI), keep the per-standard treatment authoritative here.
87
+ - **`roadmap`** — Identified gaps and remediation actions become roadmap milestones with owners, dates, and dependencies. Carry the per-standard maturity progression forward so the strategic roadmap shows how conformance improves over the planning horizon, not just feature delivery.
88
+
89
+ ---
90
+
91
+ ## Statutory currency
92
+
93
+ The Digital Standards may be revised by TBS — the standards themselves and the *Directive on Service and Digital* both evolve, and the *Digital Operations Strategic Plan* is updated annually. The *Accessible Canada Regulations* expand in tranches across federal entities and reporting categories. Cite the version verified at the verification date in the Document Register, and re-verify on every refresh of the scorecard. Provincial accessibility regimes (AODA in Ontario, the BC Accessibility Act, Loi visant à favoriser l'intégration in Quebec) layer on top where the service has provincial reach — they require their own assessments and are out of scope here.
@@ -0,0 +1,80 @@
1
+ # Canada ITSG-33 Statement of Applicability Playbook
2
+
3
+ > **Guide Origin**: Community | **ArcKit Version**: [VERSION]
4
+
5
+ `/arckit:ca-itsg-33` generates an ITSG-33 Statement of Applicability for a Canadian federal information system. ITSG-33 is the *IT Security Risk Management: A Lifecycle Approach* publication issued by the Communications Security Establishment / Canadian Centre for Cyber Security and is the federal baseline for security control selection. The artefact this command produces walks through information-asset categorisation, control-profile selection, per-family applicability, cryptographic module validation, supply-chain screening, continuous monitoring, and the authorisation chain.
6
+
7
+ The TBS *Standard on Security Categorization* sits upstream of ITSG-33 — it is the source of the injury-based Confidentiality / Integrity / Availability scoring matrix that produces the system-level categorisation (UNCLASSIFIED / Protected A / Protected B / Protected C / CONFIDENTIAL / SECRET / TOP SECRET). The categorisation drives every downstream choice, so the categorisation section is the load-bearing part of the artefact: get it wrong and the chosen control profile, the tailoring envelope, and the authorisation cycle all propagate the error.
8
+
9
+ ---
10
+
11
+ ## Inputs
12
+
13
+ | Artefact | Purpose |
14
+ |----------|---------|
15
+ | Requirements (`ARC-<id>-REQ-v1.0.md`) | Functional context and NFR-SEC-* security requirements |
16
+ | Data requirements (`ARC-<id>-DR-v1.0.md`) | Per-element sensitivity classifications feeding categorisation |
17
+ | Privacy Impact Assessment (`ARC-<id>-PIA-v1.0.md`) | Personal-information drivers for the categorisation, especially Confidentiality scoring |
18
+ | Statement of Initial Authority (`ARC-<id>-SOIA-v1.0.md`, if classified) | Classified-information envelope and lawful-handling chain |
19
+
20
+ ---
21
+
22
+ ## Command
23
+
24
+ ```bash
25
+ /arckit:ca-itsg-33 <project ID or service description>
26
+ ```
27
+
28
+ Output: `projects/<id>/ARC-<id>-ITSG-v1.0.md`
29
+
30
+ ---
31
+
32
+ ## Assessment Structure
33
+
34
+ | Section | Contents |
35
+ |---------|----------|
36
+ | Document Control | Canadian classification (UNCLASSIFIED / Protected A–C / CONFIDENTIAL / SECRET / TOP SECRET) |
37
+ | Revision History | Version, date, author, changes, approvals |
38
+ | Executive Summary | System-level categorisation, chosen profile, tailoring posture, CMVP / supply-chain status |
39
+ | Information Asset Categorisation | Per-asset C / I / A scores (Low / Medium / High), aggregated to system-level categorisation |
40
+ | Control Profile Selection | PBMM / PBMM-Cloud / Secret-High / Top-Secret-High with rationale and tailoring summary |
41
+ | Statement of Applicability | Per-family applicability across all 16 ITSG-33 control families (AC, AU, CA, CM, CP, IA, IR, MA, MP, PE, PL, PS, RA, SA, SC, SI) |
42
+ | Cryptographic Module Validation | CMVP / FIPS 140-3 certificate per module, validation level, algorithm scope, status |
43
+ | Supply Chain Security | Vulnerable Suppliers and sanctioned-entities screen across prime, sub-processors, equipment, managed services |
44
+ | Continuous Monitoring Plan | Frequency, tooling, reporting cadence, re-categorisation triggers |
45
+ | Authorisation Chain | System Owner → Security Authority → Authorising Official with cycle and conditions |
46
+ | Open Items | Outstanding tailoring, unfinished CMVP checks, unresolved supplier flags |
47
+ | External References | Document Register, Citations, Unreferenced |
48
+
49
+ ---
50
+
51
+ ## When to run
52
+
53
+ - Pre-authorisation — generate the Statement of Applicability before the authorising official considers the package; an Authority to Operate cannot be granted without it.
54
+ - ATO renewal — re-run at the published re-authorisation cycle (typical federal cycle is annual or triennial depending on categorisation).
55
+ - Substantive change to the system or its operating environment — new data elements, new processing purposes, new operating environment (on-prem to cloud, region change), new supplier, or a security incident that materially changes the threat picture.
56
+
57
+ ---
58
+
59
+ ## Common pitfalls
60
+
61
+ - **Under-scoring categorisation.** The temptation is to score down to keep the control envelope manageable. The TBS Standard is injury-based — score the realistic worst-case injury, not the convenient one. Under-scoring is the failure mode that propagates the furthest.
62
+ - **Tailoring-by-preference.** Every deviation from the published CSE profile must be justified with a residual-risk statement and named acceptance. "We don't want to do this" is not a tailoring rationale; "the compensating control delivers equivalent or greater assurance because X" is.
63
+ - **Non-CMVP cryptography slipping in.** Modules drift to *Historical* status on the CMVP list without a code change in the system. Verify each module against the active list at generation time, not the list that was current at procurement.
64
+ - **Missing the Vulnerable Suppliers screen.** The *Direction on Vulnerable Suppliers* attaches to sub-processors and telecommunications equipment, not just the prime contractor. A clean prime with a flagged sub-processor is still flagged.
65
+ - **Categorisation that does not match the PIA.** Personal-information sensitivity in the PIA must reconcile with the Confidentiality score in the ITSG-33 categorisation. Divergence is a finding by inspection.
66
+ - **Continuous monitoring as a sign-off, not an operating mode.** Authorisation is conditional on the monitoring plan actually running. List the tooling, the cadence, and the role accountable for the evidence — otherwise the authorisation is brittle.
67
+
68
+ ---
69
+
70
+ ## Handoffs
71
+
72
+ - **`ca-cloud-residency`** — The system-level categorisation and the chosen control profile are direct inputs to the sovereign cloud residency assessment. Cloud-hosted Protected B and above attracts a tighter residency envelope under the TBS *Direction on the Secure Use of Commercial Cloud Services*.
73
+ - **`risk`** — Residual security risks from the SoA (Compensating Controls with residual risk, supplier flags with mitigation in place, cryptographic-module gaps awaiting resolution) flow into the operational risk register. Carry the same risk IDs forward so the residual posture is traceable.
74
+ - **`adr`** — Material control tailoring decisions, compensating-control choices, and supplier-of-concern accommodations warrant Architecture Decision Records. The SoA captures the decision; the ADR captures the architectural rationale and the alternatives considered.
75
+
76
+ ---
77
+
78
+ ## Statutory currency
79
+
80
+ ITSG-33 itself is comparatively stable but the surrounding TBS guidance moves: the *Direction on the Secure Use of Commercial Cloud Services* and the *Direction on Vulnerable Suppliers* both update on TBS cycles, and the CMVP active-modules list churns continuously. Cite the current versions of TBS guidance and verify each cryptographic module against the live CMVP list at the time of generation. Record the verification date in the Document Register so a reviewer can audit currency.
@@ -0,0 +1,91 @@
1
+ # Canada First Nations OCAP® Sovereignty Playbook
2
+
3
+ > **Guide Origin**: Community | **ArcKit Version**: [VERSION]
4
+
5
+ `/arckit:ca-ocap` generates a First Nations OCAP® (Ownership, Control, Access, Possession) sovereignty assessment for any federal information system that processes Indigenous data. The output is a per-dataset OCAP mapping anchored on the First Nations Information Governance Centre (FNIGC) framework, with separate tracks for Métis data (USAI principles) and Inuit data (ITK *National Inuit Strategy on Research*). It is not a substitute for direct engagement with FNIGC, the affected First Nation(s), Métis Nation governing members, or Inuit organisations.
6
+
7
+ The command enforces a structural FNIGC pre-engagement gate. If the architect cannot confirm that an FNIGC pre-engagement is booked or in progress, the artefact remains a planning scaffold only — the per-dataset OCAP register, USAI / ITK considerations, DSA terms, repatriation plan, and co-governance arrangement are deferred until engagement is confirmed. OCAP is a relationship; the artefact records and supports the relationship rather than substituting for it.
8
+
9
+ ---
10
+
11
+ ## Inputs
12
+
13
+ | Artefact | Purpose |
14
+ |----------|---------|
15
+ | Requirements (`ARC-<id>-REQ-v1.0.md`) | System scope and Indigenous-data triggers |
16
+ | Data requirements (`ARC-<id>-DR-v1.0.md`) | Per-element collection / use / disclosure |
17
+ | Data model (`ARC-<id>-DMOD-v1.0.md`) | Entity-level data classifications |
18
+ | Privacy Impact Assessment (`ARC-<id>-PIA-v*.md`) | Privacy controls inherited; OCAP layers community sovereignty over the PIA's federal privacy posture |
19
+
20
+ ---
21
+
22
+ ## Command
23
+
24
+ ```bash
25
+ /arckit:ca-ocap <project ID or service description>
26
+ ```
27
+
28
+ Output: `projects/<id>/ARC-<id>-OCAP-v1.0.md`
29
+
30
+ ---
31
+
32
+ ## Assessment Structure
33
+
34
+ | Section | Contents |
35
+ |---------|----------|
36
+ | Document Control | Canadian classification with community-protected override note |
37
+ | Revision History | Version, date, author, changes, approvals |
38
+ | Executive Summary | Indigenous data in scope, FNIGC engagement status, headline OCAP findings or planning-scaffold flag |
39
+ | FNIGC Pre-Engagement Confirmation | Engagement status, contacts, nature; Planning Scaffold Mode checkbox; engagement-letter scaffold |
40
+ | Indigenous Data Inventory | Per dataset: First Nation(s) of origin, data nature, custodianship, transfer history, sensitivity |
41
+ | OCAP Principles Mapping | Per dataset: Ownership / Control / Access / Possession sub-tables |
42
+ | USAI Considerations | Métis data: Utility, Self-Determination, Access, Inter-relationships |
43
+ | ITK Principles Considerations | Inuit data: NISR principles per Inuit Nunangat region |
44
+ | Data Sharing Agreement Terms | Indigenous co-signatory, purpose limitation, time-bound, revocability, audit rights, sub-processor restrictions |
45
+ | Repatriation Plan | Per dataset: historical context, return / destroy decision, method, owner, date |
46
+ | Co-Governance Arrangements | Body, Indigenous representation, decision rule, appeal pathway |
47
+ | Risks and Mitigation Register | Cultural, legal, reputational risks with residual rating |
48
+ | Open Items | FNIGC follow-up, classification overrides, USAI / ITK engagement gaps, DSA signatures, UNDRIP review |
49
+ | External References | Document Register (FNIGC OCAP®, UNDRIP Act, USAI, ITK NISR, Privacy Act), Citations, Unreferenced |
50
+
51
+ ---
52
+
53
+ ## When to run
54
+
55
+ - Any federal system processes administrative, statistical, traditional-knowledge, biological, image, audio, or video data originating from First Nations, Métis, or Inuit populations.
56
+ - A project is in pre-engagement scoping and needs a planning scaffold to brief FNIGC and community contacts.
57
+ - Pre-launch of any service that will hold Indigenous data, before the system goes live.
58
+ - A substantive change to the data, custodianship arrangement, or sharing scope of an existing system holding Indigenous data.
59
+ - A repatriation request or community-led review prompts a re-assessment of an existing system's OCAP posture.
60
+
61
+ The earlier this command is run, the more useful the planning scaffold becomes — running `ca-ocap` once design is locked-in tends to surface community-protected classifications and possession arrangements that should have shaped the design itself.
62
+
63
+ If the assessment exists in planning-scaffold mode for an extended period, treat the engagement gap itself as a delivery risk and escalate it through the project's risk register.
64
+
65
+ ---
66
+
67
+ ## Common pitfalls
68
+
69
+ - **Treating OCAP as a checklist.** OCAP is a relationship. The artefact supports the relationship; it does not replace direct engagement with FNIGC and the affected nation.
70
+ - **Collapsing First Nations, Métis, and Inuit into one regime.** OCAP applies to First Nations data; Métis data is governed by USAI; Inuit data follows ITK NISR. Maintain distinct engagement tracks and contacts.
71
+ - **Skipping FNIGC pre-engagement.** The gate in step 5.1 is mandatory. If engagement is not confirmed, the artefact must remain a planning scaffold.
72
+ - **Assuming federal authority overrides community sovereignty.** It does not. Community-protected classifications can exceed the federal scheme; record the override and raise an Open Item.
73
+ - **Permitting secondary analysis without renewed consent.** Each new use requires a renewed community consent path; do not rely on the original collection consent.
74
+
75
+ ---
76
+
77
+ ## Handoffs
78
+
79
+ - **`data-model`** — OCAP-mapped data classifications and access controls feed the data model's stewardship and access policies. Where a dataset is community-controlled, the data model must record the controlling body and the access tier.
80
+ - **`ca-pia`** — Personal-information processing of Indigenous data inherits the federal PIA controls plus OCAP-derived restrictions. Run `ca-pia` if any personal information is in scope; the OCAP register layers community sovereignty on top of the PIA's federal privacy posture.
81
+ - **`ca-atip`** — ATIP severance design must reflect OCAP access and control determinations for Indigenous datasets. Where access is community-controlled, ATIP exemptions and severance must align so federal access requests do not bypass community decision authority.
82
+
83
+ ---
84
+
85
+ ## Statutory currency
86
+
87
+ The *United Nations Declaration on the Rights of Indigenous Peoples Act* (S.C. 2021, c. 14) commits the Crown to align federal laws with the Declaration through an evolving Action Plan. Cite the current Action Plan version published by the Department of Justice. FNIGC training and guidance is the authoritative source on OCAP® application; verify the current FNIGC course and guidance pages before relying on the output. USAI guidance evolves through the Métis Nation Council and provincial governing members; ITK guidance evolves through the *National Inuit Strategy on Research* and the Inuit-Crown Partnership Committee.
88
+
89
+ ---
90
+
91
+ OCAP® is a registered trademark of the First Nations Information Governance Centre. This command and the artefacts it produces support — but do not substitute for — direct, respectful engagement with FNIGC, the affected First Nation(s), Métis Nation governing members, and Inuit organisations. Treat every assessment as a record of an ongoing relationship rather than a one-time governance checkpoint.
@@ -0,0 +1,80 @@
1
+ # Canada Official Languages Act Review Playbook
2
+
3
+ > **Guide Origin**: Community | **ArcKit Version**: [VERSION]
4
+
5
+ `/arckit:ca-ola` generates an Official Languages Act review for a federal digital service. It builds a service surface inventory across every user-facing channel, scores Parts IV (services), V (language of work), and VI (federal language obligations) of the *Official Languages Act* (R.S.C., 1985, c. 31 (4th Supp.)), captures the active-offer mechanism per surface, runs an equivalent-quality assessment to surface "translation lag" risk, documents the Translation Bureau pipeline, and acknowledges OQLF *Charter of the French Language* considerations where the service has Quebec exposure.
6
+
7
+ The Act was substantively amended by *An Act for the Substantive Equality of Canada's Official Languages* (S.C. 2023, c. 15) — Bill C-13. The amendments expand the *Air Canada Public Participation Act*, sharpen federal-undertaking employer rules, and reinforce Part VII positive measures. Several provisions are still phasing in via Order in Council, so cite the consolidated post-2023 text and track outstanding commencements at every refresh. Treat this artefact as a delivery and governance gate — Part IV obligations attach to public-facing surfaces, Part V to internal tooling in designated bilingual regions, and Part VI to staffing impact wherever the system supports HR or staffing decisions.
8
+
9
+ ---
10
+
11
+ ## Inputs
12
+
13
+ | Artefact | Purpose |
14
+ |----------|---------|
15
+ | Requirements (`ARC-<id>-REQ-v1.0.md`) | Service description, user populations, surfaces in scope |
16
+ | Service assessment (`ARC-<id>-SAS-v1.0.md`) | Bilingualism evidence and active-offer posture |
17
+ | FITAA assessment (`ARC-<id>-FITAA-v1.0.md`) | Any public register triggers Part IV bilingual obligations |
18
+
19
+ ---
20
+
21
+ ## Command
22
+
23
+ ```bash
24
+ /arckit:ca-ola <project ID or service description>
25
+ ```
26
+
27
+ Output: `projects/<id>/ARC-<id>-OLA-v1.0.md`
28
+
29
+ ---
30
+
31
+ ## Assessment Structure
32
+
33
+ | Section | Contents |
34
+ |---------|----------|
35
+ | Document Control | Canadian classification (UNCLASSIFIED / Protected A–C / CONFIDENTIAL / SECRET / TOP SECRET) |
36
+ | Revision History | Version, date, author, changes, approvals |
37
+ | Executive Summary | OLA posture across Parts IV/V/VI, active-offer mechanism, top remediation actions |
38
+ | Service Description | Service, owner, audience, lifecycle stage, bilingual designation basis |
39
+ | Service Surface Inventory | Every user-facing surface with language posture, audience, channel, and active-offer mechanism |
40
+ | Part IV — Communications and Services | Bilingual obligation rationale, active offer, bilingual capacity, status |
41
+ | Part V — Language of Work | Tool / system per region, designated language posture, supervision language |
42
+ | Part VI — Federal Language Obligations | Equitable participation, non-discrimination, staffing, career development |
43
+ | Equivalent Quality Assessment | Content depth, usability, response time, release cadence per surface |
44
+ | Translation Pipeline | Lead time, cadence, owner, release-gate per content class |
45
+ | OQLF Acknowledgement | Quebec exposure, OQLF consideration, federal supremacy note |
46
+ | Risk and Mitigation Register | Complaint exposure, court remedies under Part X, reputational risk |
47
+ | Open Items | Outstanding decisions, deferred remediations, owners, review dates |
48
+ | External References | Document Register, Citations, Unreferenced |
49
+
50
+ ---
51
+
52
+ ## When to run
53
+
54
+ - Pre-launch — before go-live for any new federal digital service that has public-facing surfaces or internal tooling in a designated bilingual region.
55
+ - Pre-major-release — any substantive change to surfaces, content models, IVR scripts, or release cadence.
56
+ - New region of operation — when the service starts operating in a designated bilingual region or in Quebec, where OQLF acknowledgement attaches.
57
+ - Quarterly governance review — refresh the active-offer evidence and the Translation Bureau lead times so the pipeline remains predictable.
58
+
59
+ ---
60
+
61
+ ## Common pitfalls
62
+
63
+ - **Passive signage as active offer.** A bilingual sign on the wall is not active offer. The greeting, the screen, the IVR opening, and the written initiation must all extend the offer before the user has to ask. Active offer is a verb.
64
+ - **"Translation lag" releases.** Shipping the English version first and promising the French version "soon" violates the OLA. Equal quality means release-gating in both languages — same content depth, same usability, same response times, same release cadence.
65
+ - **Part V invisibility for internal tooling.** Public-facing surfaces dominate the conversation, but Part V obligations attach to internal tools in designated bilingual regions and to the language of supervision. Audit the back office, not only the storefront.
66
+ - **Missing OQLF acknowledgement for Quebec-located services.** OQLF does not bind federal entities, but it does bind their Quebec-based suppliers. Document the parallel obligation in the supplier brief; do not assume federal supremacy makes the OQLF question disappear.
67
+ - **Treating Bill C-13 as fully in force.** The substantive-equality amendments include provisions still phasing in via Order in Council. Cite the consolidated post-2023 text and track the commencement schedule at every refresh.
68
+
69
+ ---
70
+
71
+ ## Handoffs
72
+
73
+ - **`ca-gc-digital-standards`** — OLA service equivalence is a baseline expectation under the GC Digital Standards conformance scorecard. Cross-link the Part IV active-offer evidence and the equivalent-quality assessment into the digital-standards artefact so the two regimes share evidence rather than duplicating it.
74
+ - **`service-assessment`** — The OLA review feeds the service assessment evidence base for bilingualism and active offer. The same surface inventory and active-offer mechanism populate the GDS-style assessment for the user-research and accessibility points; carry the per-surface posture forward.
75
+
76
+ ---
77
+
78
+ ## Statutory currency
79
+
80
+ Bill C-13 (2023) commencements are still phasing in via Order in Council, so cite the consolidated post-2023 text of the *Official Languages Act* and record any provisions not yet in force at the verification date in the Document Register. The Commissioner of Official Languages publishes operational guidance regularly and adjusts complaint patterns in response — refresh the OLA review on every substantive surface change, and at every quarterly governance review cycle. The OQLF *Charter of the French Language* evolves independently of federal law; track Quebec-side amendments where the service has Quebec exposure even though the federal entity is not directly bound.
@@ -0,0 +1,83 @@
1
+ # Canada Privacy Impact Assessment Playbook
2
+
3
+ > **Guide Origin**: Community | **ArcKit Version**: [VERSION]
4
+
5
+ `/arckit:ca-pia` generates a Canada federal Privacy Impact Assessment (PIA) under the Privacy Act (R.S.C., 1985, c. P-21) and the TBS Directive on Privacy Impact Assessment. It scopes the programme, establishes lawful authority for collection, builds a per-element personal information inventory, runs an Oakes-derived necessity and proportionality analysis, registers privacy risks with mitigations, captures Privacy Act §7/§8 disclosure rationale, and surfaces the OPC notification decision.
6
+
7
+ A federal PIA is mandatory for any new programme or substantial modification involving personal information, and the TBS Directive requires notification of the Office of the Privacy Commissioner at least 30 days before launch. The artefact this command produces is therefore not optional — treat it as a delivery gate, not a sign-off formality. Where lawful authority is unclear, mark it `<TBC>` and resolve before launch: collection without statutory authority is not lawful under §4 of the Privacy Act.
8
+
9
+ ---
10
+
11
+ ## Inputs
12
+
13
+ | Artefact | Purpose |
14
+ |----------|---------|
15
+ | Requirements (`ARC-<id>-REQ-v1.0.md`) | Programme description, processing activities, decision logic |
16
+ | Data requirements (`ARC-<id>-DR-v1.0.md`) | Per-element personal information inventory and sensitivity flags |
17
+ | Data model (`ARC-<id>-DMOD-v1.0.md`) | Entities and relationships carrying personal information |
18
+ | Stakeholders (`ARC-<id>-STKE-v1.0.md`) | Subject populations, partner agencies, processors |
19
+
20
+ ---
21
+
22
+ ## Command
23
+
24
+ ```bash
25
+ /arckit:ca-pia <project ID or service description>
26
+ ```
27
+
28
+ Output: `projects/<id>/ARC-<id>-PIA-v1.0.md`
29
+
30
+ ---
31
+
32
+ ## Assessment Structure
33
+
34
+ | Section | Contents |
35
+ |---------|----------|
36
+ | Document Control | Canadian classification (UNCLASSIFIED / Protected A–C / CONFIDENTIAL / SECRET / TOP SECRET) |
37
+ | Revision History | Version, date, author, changes, approvals |
38
+ | Executive Summary | Programme, lawful authority posture, headline privacy risks, OPC notification decision |
39
+ | Programme / System Description | Description, owner, subject populations, lifecycle stage, personal information lifecycle |
40
+ | Lawful Authority | Privacy Act §4 collection authority and the enabling statute or regulation |
41
+ | Personal Information Inventory | Per-element source, purpose, sensitivity, retention, disclosure recipients, PIB ref |
42
+ | Necessity and Proportionality | Oakes four-step: pressing and substantial objective, rational connection, minimal impairment, proportional effects |
43
+ | Privacy Risks and Mitigations | Risk register with likelihood, impact, mitigations, residual |
44
+ | Transfers and Disclosures | §7 use, §8 disclosure with §8(2)(a)–(m) routine-use mapping, cross-border flags |
45
+ | Individual Rights | §12 access, §13 PIB registration, correction, complaint to OPC |
46
+ | OPC Notification Trigger Analysis | Trigger-by-trigger NOTIFY / N/A decision and date |
47
+ | PIA Approval Chain | ATIP coordinator → ADM → head of institution, OPC and TBS notifications |
48
+ | Action Tracker | Open mitigations with owner, due date, status |
49
+ | External References | Document Register, Citations, Unreferenced |
50
+
51
+ ---
52
+
53
+ ## When to run
54
+
55
+ - A new federal programme or service is being designed and personal information will be collected, used, or disclosed.
56
+ - A substantial modification is proposed: new data elements, new purposes, new disclosure recipients, change of contractor or processor, change of jurisdiction (including cloud region).
57
+ - Pre-launch — at least 30 days before go-live to satisfy the TBS Directive's OPC notification window.
58
+ - A previous PIA needs to be refreshed because the programme has materially evolved or sensitivity classification has changed.
59
+
60
+ ---
61
+
62
+ ## Common pitfalls
63
+
64
+ - **Treating PIA as a one-shot artefact.** The PIA is a living document. Re-trigger it on substantial modifications — new data, new purpose, new recipient, new processor, new jurisdiction.
65
+ - **Missing the OPC 30-day window.** The TBS Directive requires notification at least 30 days before launch for new programmes or substantial modifications. Build the OPC review window into the delivery plan from the start.
66
+ - **Using PIPEDA framing for a federal programme.** PIPEDA is the federal private-sector regime. The Privacy Act governs federal public-sector institutions. They have different lawful-basis structures, different disclosure rules, and different oversight bodies — do not cross-cite them as if interchangeable.
67
+ - **Under-citing lawful authority.** A vague reference to a programme name is not statutory authority. Cite the enabling statute or regulation that authorises collection. If there is none, mark `<TBC>` and treat it as a launch blocker.
68
+ - **Forgetting the Personal Information Bank.** PIB registration in TBS InfoSource is required under §13. An unregistered PIB undermines the §12 access right and exposes the institution.
69
+ - **Conflating §7 and §8.** §7 governs use after collection; §8 governs disclosure to third parties. Each §8(2)(a)–(m) routine-use letter must match the actual disclosure scenario — do not aggregate dissimilar disclosures under one letter.
70
+
71
+ ---
72
+
73
+ ## Handoffs
74
+
75
+ - **`risk`** — PIA findings feed the privacy and regulatory entries in the project-level risk register. Carry the Privacy Risks and Mitigations table forward with the same risk IDs so the residual posture is traceable.
76
+ - **`ca-atip`** — The personal-information disclosure register continues into the Access to Information / Privacy Act reconciliation. The same severance and disclosure rules drive both the §12 access response and the broader ATIP regime.
77
+ - **`ca-aia`** — Required when automated decision-making touches personal information. The Algorithmic Impact Assessment inherits the PIA personal-information inventory; do not duplicate, link.
78
+
79
+ ---
80
+
81
+ ## Statutory currency
82
+
83
+ The Privacy Act is comparatively stable, but the TBS Directive on Privacy Impact Assessment evolves and the OPC issues operational guidance regularly. Cite the current version of the Directive (TBS Doc ID 18308) and the most recent OPC guidance documents at the time of generation, and record the verification date in the Document Register. Provincial privacy regimes (Loi 25 in Quebec, FIPPA in Ontario, BC PIPA, etc.) layer on top where the programme involves provincial or private-sector partners — those require their own assessments and are out of scope for this PIA.
@@ -0,0 +1,96 @@
1
+ # Canada Federal Procurement Strategy Playbook
2
+
3
+ > **Guide Origin**: Community | **ArcKit Version**: [VERSION]
4
+
5
+ `/arckit:ca-pspc` generates a federal Canadian procurement strategy under the Public Services and Procurement Canada (PSPC) *Supply Manual*. It scopes the procurement, applies the *Canadian Free Trade Agreement* (CFTA), CETA, CPTPP, and WTO-AGP threshold matrix, evaluates the Standing Offer / Supply Arrangement / AgileIQ / bespoke RFP / set-aside route landscape, captures the Procurement Strategy for Indigenous Business (PSAB) contribution to the departmental 5% rolling target, builds the security-clearance lead-time picture, sets out the evaluation-framework dimensions, and lays a bid-solicitation schedule consistent with Supply Manual standstill and debriefing rules.
6
+
7
+ PSPC is the federal contracting authority for most goods and services procurements above departmental delegations. Federal procurement operates under a layered set of trade-agreement obligations — CFTA domestically, CETA / CPTPP / WTO-AGP internationally — and a Procurement Strategy for Indigenous Business that targets a 5% rolling departmental contribution to Indigenous-business procurement. Treat this artefact as a delivery gate: the route, the trade-agreement coverage, the PSAB posture, and the clearance-lead-time picture must be set before market engagement, because reversing them after a posting attracts CITT review and rework cost.
8
+
9
+ ---
10
+
11
+ ## Inputs
12
+
13
+ | Artefact | Purpose |
14
+ |----------|---------|
15
+ | Requirements (`ARC-<id>-REQ-v1.0.md`) | Scope, value drivers, integration surface |
16
+ | Strategic outline business case (`ARC-<id>-SOBC-v1.0.md`) | Affordability envelope, commercial case, route hypothesis |
17
+ | ITSG-33 control profile (`ARC-<id>-ITSG-v1.0.md`) | Security control profile drives clearance posture and supplier security obligations |
18
+ | Cloud residency assessment (`ARC-<id>-CACR-v1.0.md`) | Sub-processor analysis and CSP shortlist where cloud is in scope of the procurement |
19
+
20
+ ---
21
+
22
+ ## Command
23
+
24
+ ```bash
25
+ /arckit:ca-pspc <project ID or service description>
26
+ ```
27
+
28
+ Output: `projects/<id>/ARC-<id>-PROC-v1.0.md`
29
+
30
+ ---
31
+
32
+ ## Assessment Structure
33
+
34
+ | Section | Contents |
35
+ |---------|----------|
36
+ | Document Control | Canadian classification (UNCLASSIFIED / Protected A–C / CONFIDENTIAL / SECRET / TOP SECRET) |
37
+ | Revision History | Version, date, author, changes, approvals |
38
+ | Executive Summary | Recommended route, binding trade agreements, PSAB posture, longest clearance lead time, blocking open items |
39
+ | Procurement Scope | Goods/services breakdown, estimated value, term, options |
40
+ | Threshold Analysis | CFTA, CETA, CPTPP, WTO-AGP coverage and open-tendering obligations; set-aside carve-outs |
41
+ | Route Selection | Standing Offer / Supply Arrangement / AgileIQ / RFP / set-aside fit, risk, timeline |
42
+ | Procurement Strategy for Indigenous Business | Set-aside decision, sub-contracting plan, departmental 5% contribution |
43
+ | Security Clearance Requirements | Per-role clearance level, lead time, critical-path posture |
44
+ | Evaluation Framework Outline | Mandatory / point-rated / financial dimensions and weight envelope |
45
+ | Bid Solicitation Schedule | Milestones from market engagement to award, with standstill and debriefing |
46
+ | Risks | Supplier-pool, clearance, threshold, instrument-shape, CITT, residency, OLA / accessibility risks |
47
+ | Open Items | Outstanding decisions, instrument confirmations, owners, review dates |
48
+ | External References | Document Register, Citations, Unreferenced |
49
+
50
+ ---
51
+
52
+ ## When to run
53
+
54
+ - After SOBC — once the affordability envelope and commercial case are set, the route and instrument can be sized.
55
+ - Before market engagement — the route, the trade-agreement coverage, and the PSAB posture must be set before any RFI / Industry Day to avoid contradictory market signals.
56
+ - After a material scope or value change — a procurement designed against last quarter's scope can fall on the wrong side of a CFTA / CETA / CPTPP / WTO-AGP threshold when value moves.
57
+ - Pre-posting refresh — re-verify thresholds at posting; thresholds adjust biennially and trade-agreement coverage evolves.
58
+ - Before contract extension or option exercise — option years roll value past thresholds and may re-trigger trade-agreement obligations even when the base award sat below them.
59
+
60
+ ---
61
+
62
+ ## Route shortlist at a glance
63
+
64
+ | Need | First-look instrument | Notes |
65
+ |------|-----------------------|-------|
66
+ | Outcome-based informatics solution | SBIPS | Confirm scope notice covers the deliverable shape |
67
+ | Resource-based informatics task | TBIPS | Resource-classification stream and security clearance must match |
68
+ | Multi-disciplinary professional services | ProServices | Useful when scope spans multiple professional categories |
69
+ | AI / data professional services | SA-AIDP | Newer instrument; confirm currency and renewal status |
70
+ | Cybersecurity services | SA-Cyber | Confirm clearance prerequisites in the supply arrangement |
71
+ | Iterative scope, rapid award | AgileIQ / Agile Procurement Process | Requires scope expressible as iterative task statements |
72
+ | No instrument fits | Bespoke RFP / RFSO / RFSA | Justify against the scope, value, and evaluation model in the route-selection table |
73
+ | Indigenous-business participation | PSAB set-aside or sub-contracting plan | Validate supplier pool through Indigenous Services Canada directory |
74
+
75
+ ---
76
+
77
+ ## Common pitfalls
78
+
79
+ - **Defaulting to a Standing Offer without CFTA analysis.** A Standing Offer is still subject to trade-agreement obligations and CITT review. Choose the instrument by fit to scope, value, and evaluation model, not by the convenience of an existing call-up mechanism.
80
+ - **Missing PSAB consideration entirely.** Even where a set-aside is not used, the PSAB analysis must be documented — the supplier-pool assessment, the carve-out reasoning, and the contribution to the departmental rolling 5% target. Silence on PSAB reads as oversight.
81
+ - **Under-budgeting clearance lead time.** Top Secret and SCI clearances commonly take 6 to 12 or more months for new applicants. A schedule that assumes weeks rather than months attracts a critical-path risk that can reset the whole award timeline.
82
+ - **Conflating ITQ, ITT, and RFP shapes.** Each solicitation form has different evaluation rules, different bidder rights, and different challenge pathways. Choose the form against the route-selection table; do not mix vocabulary across the artefact.
83
+ - **Treating PSAB 5% as a per-procurement target.** The 5% is a department-level rolling target. Any one procurement contributes to it; no single procurement is judged against 5% in isolation. Document the contribution explicitly so the departmental return rolls up correctly.
84
+
85
+ ---
86
+
87
+ ## Handoffs
88
+
89
+ - **`evaluate`** — PSPC route selection feeds the vendor evaluation framework's scoring rubric. The high-level mandatory / point-rated / financial dimensions and weight envelope set here are inherited by the detailed evaluation rubric, where per-criterion scoring guidance and mandatory-evidence requirements live.
90
+ - **`sobc`** — The procurement strategy feeds the Strategic Outline Business Case's procurement and commercial pillars. The recommended route, the trade-agreement coverage, the PSAB posture, and the clearance-lead-time picture inform the affordability envelope and the commercial-case narrative; cross-link rather than duplicate.
91
+
92
+ ---
93
+
94
+ ## Statutory currency
95
+
96
+ CFTA thresholds adjust biennially and the international agreements (CETA, CPTPP, WTO-AGP) carry their own coverage schedules and threshold cycles. Re-verify the current thresholds at the verification date in the Document Register; a procurement designed against last year's thresholds can fall on the wrong side of an obligation when posted. PSPC Standing Offers and Supply Arrangements cycle through renewals — re-verify the current instrument numbers (SBIPS, TBIPS, ProServices, SA-AIDP, SA-Cyber, and others) at posting, since a lapsed instrument reference invalidates the call-up. The PSAB is administered by Indigenous Services Canada and the registered supplier directory evolves; check the directory before relying on supplier-pool sufficiency for a set-aside decision.