arckit-cli 6.1.1__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- arckit_cli/__init__.py +1120 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/memory/sessions.md +293 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/_partials/RENDERING.md +22 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/_partials/document-control-uae.md +20 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/_partials/document-control-uk.md +16 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/adm-preliminary-template.md +135 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/adr-template.md +588 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/agent-design-template.md +390 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/agent-governance-template.md +90 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/agent-integration-template.md +159 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/agent-inventory-template.md +108 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/agent-maturity-template.md +388 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/agent-security-template.md +213 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/analysis-report-template.md +323 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/application-inventory-template.md +221 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/architecture-board-template.md +194 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/architecture-change-template.md +205 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/architecture-diagram-template.md +610 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/architecture-principles-template.md +632 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/architecture-repository-template.md +107 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/architecture-strategy-template.md +666 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/at-bvergg-template.md +252 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/at-dsgvo-template.md +354 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/at-nisg-template.md +236 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-aescsf-template.md +189 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-ai-assurance-template.md +243 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-disp-attestation-template.md +297 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-dss-template.md +302 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-e8-posture-template.md +377 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-energy-compliance-template.md +189 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-ism-controls-template.md +462 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-ndb-playbook-template.md +288 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-ot-security-template.md +204 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-pia-template.md +394 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-pspf-template.md +380 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/au-soci-cirmp-template.md +206 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/aws-research-template.md +605 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/azure-research-template.md +559 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/backlog-template.md +465 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-aia-template.md +206 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-atip-template.md +192 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-charter-template.md +190 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-cloud-residency-template.md +173 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-fitaa-template.md +156 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-gc-digital-standards-template.md +208 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-itsg-33-template.md +228 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-ocap-template.md +205 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-ola-template.md +171 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-pia-template.md +193 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-pspc-template.md +214 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ca-soia-template.md +219 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/capability-map-template.md +125 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/competitors-template.md +113 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/conformance-assessment-template.md +507 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/data-mesh-contract-template.md +851 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/data-model-template.md +1043 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/data-source-profile-template.md +80 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/datascout-template.md +546 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/devops-template.md +961 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/dfd-template.md +161 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/dld-review-template.md +427 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/dos-requirements-template.md +506 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/dpia-template.md +1200 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/eu-ai-act-template.md +227 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/eu-cra-template.md +176 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/eu-data-act-template.md +175 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/eu-dora-template.md +197 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/eu-dsa-template.md +183 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/eu-nis2-template.md +196 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/eu-rgpd-template.md +198 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/evaluation-criteria-template.md +719 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/finops-template.md +662 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-algorithme-public-template.md +162 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-anssi-carto-template.md +196 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-anssi-template.md +190 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-code-reuse-template.md +190 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-dinum-template.md +195 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-dr-template.md +187 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-ebios-template.md +209 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-irn-template.md +311 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-marche-public-template.md +178 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-pssi-template.md +270 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-rgpd-template.md +195 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/fr-secnumcloud-template.md +188 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/framework-overview-template.md +247 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/gap-analysis-template.md +198 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/gcloud-clarify-template.md +340 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/gcloud-requirements-template.md +370 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/gcp-research-template.md +585 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/glossary-template.md +117 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/gov-code-search-template.md +213 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/gov-landscape-template.md +271 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/gov-reuse-template.md +214 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/grants-template.md +131 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/hld-review-template.md +760 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/jsp-936-template.md +1394 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/maturity-model-template.md +297 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/mlops-template.md +720 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/mod-secure-by-design-template.md +784 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/operationalize-template.md +1016 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/pages-template.html +5121 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/platform-design-template.md +1610 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/presentation-template.md +270 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/principles-compliance-assessment-template.md +389 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/project-plan-template.md +421 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/rationalization-template.md +208 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/requirements-template.md +1026 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/research-findings-template.md +939 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/risk-register-template.md +883 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/roadmap-template.md +787 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/service-assessment-prep-template.md +448 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/servicenow-design-template.md +273 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/sobc-template.md +1127 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/sow-template.md +785 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/stakeholder-drivers-template.md +493 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/story-template.md +889 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/tcop-review-template.md +593 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/tech-note-template.md +59 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/tenders-template.md +124 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/traceability-matrix-template.md +360 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/transition-architecture-template.md +286 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-ai-autonomy-tier-template.md +97 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-ai-charter-template.md +81 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-classification-template.md +86 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-cloud-residency-template.md +136 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-data-sharing-template.md +105 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-digital-records-template.md +97 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-ias-template.md +109 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-pdpl-template.md +105 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-priorities-alignment-template.md +99 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-procurement-template.md +115 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-uaepass-template.md +129 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uae-zero-bureaucracy-template.md +85 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-fs-consumer-duty-board-report-template.md +49 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-fs-consumer-duty-template.md +362 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-fs-ctp-dependency-register-template.md +24 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-fs-ctp-dependency-template.md +321 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-fs-safeguarding-reconciliation-template.md +77 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-fs-safeguarding-template.md +348 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-fs-sca-rts-exemption-matrix-template.md +47 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-fs-sca-rts-template.md +273 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-gov-ai-playbook-template.md +942 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-gov-atrs-template.md +1087 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-mdr-classification-template.md +307 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-nhs-dcb0129-case-template.md +214 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-nhs-dcb0129-hazard-template.md +217 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-nhs-dcb0129-safety-template.md +78 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-nhs-dcb0129-template.md +13 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-nhs-dcb0160-deployment-case-template.md +207 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-nhs-dcb0160-deployment-hazard-template.md +290 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-nhs-dcb0160-deployment-safety-template.md +81 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-nhs-dcb0160-template.md +13 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/uk-nhs-dtac-template.md +341 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/ukgov-secure-by-design-template.md +1031 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/us-ai-impact-template.md +212 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/us-ai-rmf-template.md +232 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/us-fedramp-readiness-template.md +209 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/us-fedramp-ssp-template.md +352 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/us-fisma-categorization-template.md +145 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/us-icam-template.md +216 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/us-nist-800-53-template.md +222 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/us-privacy-pia-template.md +191 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/us-sbom-eo-14028-template.md +253 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/us-zero-trust-template.md +234 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/vendor-profile-template.md +88 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/vendor-scoring-template.md +332 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/wardley-climate-template.md +269 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/wardley-doctrine-template.md +299 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/wardley-gameplay-template.md +346 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/wardley-map-template.md +587 -0
- arckit_cli-6.1.1.data/data/share/arckit/.arckit/templates/wardley-value-chain-template.md +256 -0
- arckit_cli-6.1.1.data/data/share/arckit/CHANGELOG.md +3554 -0
- arckit_cli-6.1.1.data/data/share/arckit/VERSION +1 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/DEPENDENCY-MATRIX.md +929 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/README.md +322 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/WORKFLOW-DIAGRAMS.md +1088 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/adm-preliminary.md +72 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/adr.md +60 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/agent-design.md +71 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/agent-governance.md +61 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/agent-integration.md +59 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/agent-inventory.md +60 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/agent-maturity.md +84 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/agent-security.md +63 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ai-playbook.md +103 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/analyze.md +57 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/application-inventory.md +71 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/application-rationalization.md +71 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/architecture-board.md +60 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/architecture-change.md +73 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/architecture-repository.md +62 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/artifact-health.md +228 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/at-bvergg.md +86 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/at-dsgvo.md +75 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/at-nisg.md +94 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/atrs.md +98 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-aescsf.md +45 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-ai-assurance.md +84 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-disp-attestation.md +90 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-dss.md +76 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-e8-posture.md +73 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-energy-compliance.md +47 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-federal-overlay.md +199 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-ism-controls.md +78 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-ndb-playbook.md +80 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-ot-security.md +39 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-pia.md +72 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-pspf.md +81 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/au-soci-cirmp.md +40 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/autoresearch.md +334 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/aws-research.md +160 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/azure-research.md +157 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/backlog.md +58 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/build.md +132 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/business-capability-map.md +68 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/business-case.md +68 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/c4-layout-science.md +280 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-aia.md +81 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-atip.md +79 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-charter.md +81 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-cloud-residency.md +91 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-fitaa.md +81 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-gc-digital-standards.md +93 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-itsg-33.md +80 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-ocap.md +91 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-ola.md +80 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-pia.md +83 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-pspc.md +96 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/ca-soia.md +87 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/codes-of-practice.md +154 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/competitors.md +202 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/conformance.md +153 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/create.md +61 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/custom-commands.md +236 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/customize.md +108 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/data-mesh-contract.md +239 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/data-model.md +69 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/data-quality-framework.md +118 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/datascout.md +162 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/declaration.md +59 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/design-review.md +66 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/devops.md +96 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/dfd.md +187 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/diagram.md +118 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/dld-review.md +102 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/dos.md +109 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/dpia.md +80 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/enterprise-scale.md +260 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/eu-ai-act.md +82 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/eu-cra.md +90 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/eu-data-act.md +85 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/eu-dora.md +83 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/eu-dsa.md +85 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/eu-nis2.md +82 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/eu-rgpd.md +76 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/evaluate.md +115 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/export-okf.md +70 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/finops.md +117 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-algorithme-public.md +86 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-anssi-carto.md +69 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-anssi.md +79 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-code-reuse.md +86 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-dinum.md +83 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-dr.md +88 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-ebios.md +84 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-irn.md +103 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-marche-public.md +94 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-pssi.md +87 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-rgpd.md +75 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/fr-secnumcloud.md +80 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/framework.md +234 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/gap-analysis.md +70 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/gcloud-clarify.md +108 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/gcloud-competitors.md +61 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/gcloud-search.md +106 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/gcp-research.md +169 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/glossary.md +190 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/gov-code-search.md +119 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/gov-landscape.md +114 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/gov-reuse.md +112 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/govs-007-security.md +93 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/grants.md +106 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/graph-report.md +77 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/health.md +234 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/hld-review.md +110 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/hooks.md +121 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/impact.md +68 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/import-okf.md +67 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/init.md +159 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/jsp-936.md +60 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/knowledge-compounding.md +140 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/maturity-model.md +186 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/mcp-servers.md +329 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/migration.md +333 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/mlops.md +126 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/mod-secure.md +124 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/national-data-strategy.md +115 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/navigator.md +86 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/operationalize.md +143 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/pages.md +227 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/pinecone-mcp.md +128 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/plan.md +66 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/platform-design.md +600 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/presentation.md +137 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/pricing.md +62 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/principles-compliance.md +63 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/principles.md +55 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/procurement.md +57 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/productivity.md +217 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/remote-control.md +151 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/requirements.md +61 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/research.md +65 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/review.md +61 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/risk-management.md +70 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/risk.md +132 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roadmap.md +58 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/README.md +68 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/business-analyst.md +70 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/business-architect.md +70 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/cdo.md +59 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/ciso.md +61 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/cto-cdio.md +59 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/data-architect.md +68 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/data-governance-manager.md +59 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/delivery-manager.md +63 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/devops-engineer.md +55 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/enterprise-architect.md +84 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/it-service-manager.md +55 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/network-architect.md +58 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/performance-analyst.md +67 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/product-manager.md +62 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/security-architect.md +78 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/service-owner.md +58 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/solution-architect.md +75 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/roles/technical-architect.md +68 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/score.md +91 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/sdd-lot1.md +61 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/sdd-lot2.md +62 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/sdd-lot3.md +62 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/search.md +71 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/secure.md +181 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/security-hooks.md +200 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/security.md +62 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/service-assessment.md +47 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/service-design.md +71 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/servicenow.md +152 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/session-memory.md +100 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/sobc.md +129 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/sow.md +125 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/stakeholder-analysis.md +51 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/stakeholders.md +138 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/start.md +276 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/story.md +61 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/strategy.md +211 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/submission-pack.md +72 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/supplier-profile.md +70 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/tcop.md +124 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/template-builder.md +125 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/tenders.md +193 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/testing-plugin-branches.md +79 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/traceability.md +58 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/transition-architecture.md +69 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/trello.md +139 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-ai-autonomy-tier.md +84 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-ai-charter.md +89 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-classification.md +73 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-cloud-residency.md +84 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-data-sharing.md +84 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-digital-records.md +71 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-ias.md +93 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-overlay-maintenance.md +154 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-overlay.md +208 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-pdpl.md +73 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-priorities-alignment.md +82 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-procurement.md +71 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-uaepass.md +83 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uae-zero-bureaucracy.md +80 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-fs-consumer-duty.md +178 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-fs-ctp-dependency.md +181 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-fs-payments-overlay.md +216 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-fs-safeguarding.md +176 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-fs-sca-rts.md +164 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-government/ai-playbook.md +56 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-government/algorithmic-transparency.md +44 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-government/digital-marketplace.md +55 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-government/secure-by-design.md +51 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-government/standards-map.md +108 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-government/technology-code-of-practice.md +63 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-mdr-classification.md +59 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-mod/secure-by-design.md +54 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-nhs-clinical-safety-overlay.md +214 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-nhs-dcb0129.md +64 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-nhs-dcb0160.md +62 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/uk-nhs-dtac.md +55 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/upgrading.md +130 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/us-ai-impact.md +71 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/us-ai-rmf.md +70 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/us-federal-overlay.md +111 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/us-fedramp-readiness.md +69 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/us-fedramp-ssp.md +71 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/us-fisma-categorization.md +68 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/us-icam.md +70 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/us-nist-800-53.md +70 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/us-privacy-pia.md +74 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/us-sbom-eo-14028.md +71 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/us-zero-trust.md +68 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/wardley-climate.md +122 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/wardley-doctrine.md +120 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/wardley-gameplay.md +123 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/wardley-value-chain.md +130 -0
- arckit_cli-6.1.1.data/data/share/arckit/docs/guides/wardley.md +173 -0
- arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/.agents/plugins/marketplace.json +20 -0
- arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/README.md +325 -0
- arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/VERSION +1 -0
- arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/docs/DEPENDENCY-MATRIX.md +616 -0
- arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/hooks/arckit-codex-hook.mjs +1270 -0
- arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/hooks/graph-inject.mjs +1497 -0
- arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/hooks/graph-rollups.mjs +247 -0
- arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/hooks/graph-utils.mjs +363 -0
- arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/hooks/hook-utils.mjs +383 -0
- arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/hooks/hooks.json +80 -0
- arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/hooks/okf-frontmatter.mjs +279 -0
- arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/hooks/project-context-builder.mjs +168 -0
- arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-codex/hooks/sync-guides.mjs +1120 -0
- arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-copilot/README.md +68 -0
- arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-copilot/VERSION +1 -0
- arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-copilot/docs/DEPENDENCY-MATRIX.md +616 -0
- arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-opencode/LICENSE +21 -0
- arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-opencode/README.md +65 -0
- arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-opencode/VERSION +1 -0
- arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-opencode/docs/DEPENDENCY-MATRIX.md +616 -0
- arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-opencode/opencode.json +25 -0
- arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-vibe/.mcp.json +63 -0
- arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-vibe/LICENSE +26 -0
- arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-vibe/README.md +407 -0
- arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-vibe/VERSION +1 -0
- arckit_cli-6.1.1.data/data/share/arckit/extensions/arckit-vibe/vibe-config.toml +62 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/README.md +680 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/autoresearch/fixtures/000-global/ARC-000-PRIN-v1.0.md +120 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/autoresearch/fixtures/001-test-project/ARC-001-STKE-v1.0.md +100 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/autoresearch/fixtures/001-test-project/README.md +15 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/autoresearch/program-selfharness.md +748 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/autoresearch/program.md +269 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/bash/check-prerequisites.sh +250 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/bash/common.sh +359 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/bash/create-project.sh +408 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/bash/generate-document-id.sh +146 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/bash/list-projects.sh +359 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/bash/migrate-filenames.sh +553 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/bump-version.sh +293 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/check_doctype_collisions.py +30 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/check_recipes.py +94 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/check_references.py +144 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/convert_vibe_agents.py +198 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/convert_vibe_skills.py +499 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/converter.py +2002 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/create-sdg-repo.py +820 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/generate-arckit-architecture-hero.py +317 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/generate-arckit-hero.py +278 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/generate-release-notes.sh +112 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/managed-agents/README.md +105 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/managed-agents/arckit-agent.py +418 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/push-extensions.sh +424 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/python/apply_doc_control_marker.py +50 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/python/common.py +288 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/python/create-project.py +373 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/python/generate-document-id.py +96 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/python/list-projects.py +238 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/python/migrate_classification.py +94 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/render-brand-pngs.py +72 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/standardise-colon.py +128 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/sync-claude-plugin-layout.py +159 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/sync-shared-assets.py +132 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/tag-plugins.sh +65 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/tests/test-doc-types-dual-registration.mjs +57 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/tests/test-fde-templates.mjs +100 -0
- arckit_cli-6.1.1.data/data/share/arckit/scripts/tests/test-regime-registration.mjs +65 -0
- arckit_cli-6.1.1.dist-info/METADATA +1966 -0
- arckit_cli-6.1.1.dist-info/RECORD +482 -0
- arckit_cli-6.1.1.dist-info/WHEEL +4 -0
- arckit_cli-6.1.1.dist-info/entry_points.txt +2 -0
- arckit_cli-6.1.1.dist-info/licenses/LICENSE +26 -0
|
@@ -0,0 +1,192 @@
|
|
|
1
|
+
# Canada ATIP Reconciliation
|
|
2
|
+
|
|
3
|
+
> **Template Origin**: Community | **ArcKit Version**: [VERSION] | **Command**: `/arckit:ca-atip`
|
|
4
|
+
|
|
5
|
+
## Document Control
|
|
6
|
+
|
|
7
|
+
<!-- DOC-CONTROL-HEADER -->
|
|
8
|
+
<!-- Resolved at command-execution time per _partials/RENDERING.md. -->
|
|
9
|
+
<!-- Classification line MUST be: -->
|
|
10
|
+
<!-- | Classification | UNCLASSIFIED / Protected A / Protected B / Protected C / CONFIDENTIAL / SECRET / TOP SECRET | -->
|
|
11
|
+
|
|
12
|
+
## Revision History
|
|
13
|
+
|
|
14
|
+
| Version | Date | Author | Changes | Approved By | Approval Date |
|
|
15
|
+
|---------|------|--------|---------|-------------|---------------|
|
|
16
|
+
| [VERSION] | [YYYY-MM-DD] | ArcKit AI | Initial creation from `/arckit:ca-atip` | [PENDING] | [PENDING] |
|
|
17
|
+
|
|
18
|
+
## Executive Summary
|
|
19
|
+
|
|
20
|
+
[Two to three paragraphs describing the system's information holdings, the headline ATI Act exemption posture per holding, the Privacy Act §4–§8 disclosure footprint, the severance design for any hybrid public/protected views, and any open issues that block ATIP readiness.]
|
|
21
|
+
|
|
22
|
+
## Information Holdings Inventory
|
|
23
|
+
|
|
24
|
+
| Holding | Category (Public / Protected / Classified) | PIB ref | Owner | Lifecycle |
|
|
25
|
+
|---------|--------------------------------------------|---------|-------|-----------|
|
|
26
|
+
| [registrant identity record] | Protected B | [PIB number or NEW] | [ATIP coordinator] | [Live / Pilot / Design] |
|
|
27
|
+
| [public-facing register entry] | Public | n/a | [Programme owner] | [Live] |
|
|
28
|
+
| [investigative case file] | Protected B / Classified | [PIB number] | [investigative authority] | [Live] |
|
|
29
|
+
| [audit trail / severance log] | Protected B | [PIB number or NEW] | [ATIP coordinator] | [Live] |
|
|
30
|
+
| [aggregate analytics dataset] | Public / Protected (per field) | [PIB number or NEW] | [Analytics lead] | [Design] |
|
|
31
|
+
|
|
32
|
+
> Categorise every dataset that surfaces in the data model. A holding without an explicit category is a launch blocker.
|
|
33
|
+
|
|
34
|
+
## Access to Information Act Mapping
|
|
35
|
+
|
|
36
|
+
| Holding | Exemption section | Justification | Severance applies |
|
|
37
|
+
|---------|-------------------|---------------|-------------------|
|
|
38
|
+
| [investigative case file] | §16(1)(c) law enforcement / investigations | [why the disclosure could reasonably be expected to be injurious to enforcement] | Yes |
|
|
39
|
+
| [investigative case file — designated body) | §16.1 designated investigative bodies | [where the holding originates from a §16.1 body] | Yes |
|
|
40
|
+
| [audit working paper] | §16.5 audits | [where audit working papers fall within §16.5] | Yes |
|
|
41
|
+
| [protected disclosure complaint] | §16.6 protected disclosures | [PSDPA whistleblower context] | Yes |
|
|
42
|
+
| [foreign-government correspondence] | §13 obtained in confidence | [identify originating government / international organisation] | Yes |
|
|
43
|
+
| [federal-provincial briefing] | §14 federal-provincial affairs | [where disclosure could be injurious to FP affairs] | Yes |
|
|
44
|
+
| [security-cleared briefing] | §15 international affairs / defence / national security | [identify which §15 head applies] | Yes |
|
|
45
|
+
| [personal information element] | §19 (refers to Privacy Act) | [§19 is NOT blanket — test against §8(2) routine uses before invoking] | Yes |
|
|
46
|
+
| [policy advice / option memo] | §21 advice and recommendations | [within §21(1)(a)/(b) and the 20-year sunset] | Partial |
|
|
47
|
+
| [legal opinion] | §23 solicitor-client privilege | [identify the privilege; do not assert without basis] | Yes |
|
|
48
|
+
| [Schedule II statute prohibition] | §24 statutory prohibitions | [identify the specific Schedule II provision] | Yes |
|
|
49
|
+
|
|
50
|
+
> Per row, the justification must be specific enough for the OIC to follow on review under §30. Asserting §16 or §15 without specifying the head is a common defect.
|
|
51
|
+
|
|
52
|
+
## Privacy Act §4–§8 Register
|
|
53
|
+
|
|
54
|
+
| Activity | Section | Justification | Notes |
|
|
55
|
+
|----------|---------|---------------|-------|
|
|
56
|
+
| [collect legal name and address] | §4 | [collection relates directly to programme X — cite enabling statute] | [link to PIA element row] |
|
|
57
|
+
| [collect identity directly from individual] | §5 | [direct collection where reasonably possible] | n/a |
|
|
58
|
+
| [collect identity from CRA cross-reference] | §5(2) — exception to direct collection | [identify the exception relied on under §5(2)/(3)] | [link to PIA element row] |
|
|
59
|
+
| [use for eligibility decisioning] | §7 — purpose of collection | [exact original purpose] | n/a |
|
|
60
|
+
| [use for fraud analytics] | §7(a) — consistent use | [explain reasonable expectation by individual] | [requires consistent-use letter to TBS InfoSource] |
|
|
61
|
+
| [disclose to other federal institution for joint programme] | §8(2)(a) — consistent use | [routine-use letter (a)] | [bilateral MOU reference] |
|
|
62
|
+
| [disclose to investigative body under federal/provincial law] | §8(2)(e) — investigation | [routine-use letter (e); cite investigative authority] | [link to Information Sharing Agreement] |
|
|
63
|
+
| [disclose to processor under contractual safeguards] | §8(2)(f) — agreement | [routine-use letter (f); cite agreement] | [cross-border? cross-reference `ca-cloud-residency`] |
|
|
64
|
+
| [disclose to OPC on access request] | §8(2)(c) — compliance with order or to comply with rules of court | [where applicable] | n/a |
|
|
65
|
+
| [disclose with consent of the individual] | §8(2)(b) — consent | [identify how consent is captured and revocable] | n/a |
|
|
66
|
+
| [public-interest disclosure to a person whose interests it benefits] | §8(2)(m) — public interest | [Minister gives written notice to OPC under §8(5)] | [extraordinary; document rationale] |
|
|
67
|
+
|
|
68
|
+
> Each §8(2)(a)–(m) letter must be matched to the actual disclosure scenario. Do not aggregate dissimilar disclosures under one row.
|
|
69
|
+
|
|
70
|
+
## Severance Design
|
|
71
|
+
|
|
72
|
+
The severance regime governs every transition from a Protected or Classified holding to a Public view, and from one user role to another within a Protected holding.
|
|
73
|
+
|
|
74
|
+
### Field-Level Severance Rules
|
|
75
|
+
|
|
76
|
+
| Field | View — Public | View — Protected | View — Classified | Exemption(s) cited |
|
|
77
|
+
|-------|---------------|------------------|-------------------|--------------------|
|
|
78
|
+
| [registrant legal name] | Reveal | Reveal | Reveal | n/a |
|
|
79
|
+
| [registrant home address] | Mask | Reveal | Reveal | §19; Privacy Act §8 |
|
|
80
|
+
| [foreign principal name] | Reveal | Reveal | Reveal | n/a |
|
|
81
|
+
| [investigative officer identity] | Mask | Mask | Reveal | §16(1)(c); §15 |
|
|
82
|
+
| [financial flow amount] | Banded | Reveal | Reveal | §20 third-party (where applicable) |
|
|
83
|
+
| [risk score / triage outcome] | Mask | Mask | Reveal | §16(1)(c); §21 advice |
|
|
84
|
+
| [free-text narrative] | Mask | Reveal with redaction | Reveal | §19; §16; §21 (per content) |
|
|
85
|
+
|
|
86
|
+
### Severance Audit Log Schema
|
|
87
|
+
|
|
88
|
+
| Field | Reviewer role | Exemption cited | Output |
|
|
89
|
+
|-------|---------------|-----------------|--------|
|
|
90
|
+
| [field name] | [ATIP analyst / delegated officer] | [§13 / §14 / §15 / §16 / §19 / §21 / §23 / §24 — specific head] | [redacted character count, justification reference, retained/deleted, version] |
|
|
91
|
+
| [composite redaction] | [Senior ATIP analyst] | [multiple — list each head] | [linked justification memo ref] |
|
|
92
|
+
| [late re-redaction on consultation] | [ATIP coordinator] | [as cited] | [reason for change; original release recall ref] |
|
|
93
|
+
|
|
94
|
+
> Every redaction event must produce one row above. Severance without per-field audit trails will not withstand OIC review.
|
|
95
|
+
|
|
96
|
+
### Re-Identification Risk Register
|
|
97
|
+
|
|
98
|
+
| Risk | Likelihood | Impact | Mitigation | Residual |
|
|
99
|
+
|------|------------|--------|------------|----------|
|
|
100
|
+
| Public register cross-referenced with adjacent open data | [Low / Med / High] | [Low / Med / High] | [k-anonymity threshold; banded fields; suppression rules] | [Low / Med / High] |
|
|
101
|
+
| Protected view metadata (timestamps, IDs) leaks through severance gaps | [Low / Med / High] | [Low / Med / High] | [strip metadata on export; review severance tooling output] | [Low / Med / High] |
|
|
102
|
+
| Aggregate analytics enabling re-identification of small cohorts | [Low / Med / High] | [Low / Med / High] | [minimum cell size; differential-privacy noise where appropriate] | [Low / Med / High] |
|
|
103
|
+
| Triangulation across release tranches | [Low / Med / High] | [Low / Med / High] | [tranche-aware severance; cumulative-disclosure ledger] | [Low / Med / High] |
|
|
104
|
+
|
|
105
|
+
## ATIP Request Workflow
|
|
106
|
+
|
|
107
|
+
1. **Intake** — request received via designated channel; identity verification; clarification dialogue where the request is broad.
|
|
108
|
+
2. **Triage** — locate responsive records; categorise per Information Holdings Inventory; identify exemptions in play.
|
|
109
|
+
3. **Consultation under §27** — notify affected third parties (other institutions, originating governments, third-party suppliers under §20) within statutory timelines.
|
|
110
|
+
4. **Severance** — apply field-level severance rules; produce audit log entries per redaction.
|
|
111
|
+
5. **Release** — issue release package or refusal; publication of refusals where institutional policy requires.
|
|
112
|
+
6. **Complaint pathway** — OIC complaint under §30; institutional response; potential Federal Court review under §41.
|
|
113
|
+
|
|
114
|
+
| Step | SLA | Owner | Notes |
|
|
115
|
+
|------|-----|-------|-------|
|
|
116
|
+
| Acknowledge receipt | Within 5 business days | ATIP coordinator | n/a |
|
|
117
|
+
| Initial response | 30 days from receipt per §7 | ATIP analyst | clock starts at receipt of fee where applicable |
|
|
118
|
+
| §9 extension notice (if required) | Before the 30-day clock expires | ATIP coordinator | written notice with reasons and stated timeline |
|
|
119
|
+
| §27 third-party consultation | Within statutory window | ATIP analyst | [identify specific third parties] |
|
|
120
|
+
| Severance and release | Per extended deadline | ATIP analyst + Senior reviewer | audit log per redaction |
|
|
121
|
+
|
|
122
|
+
### Extension justification template (§9)
|
|
123
|
+
|
|
124
|
+
| Field | Value |
|
|
125
|
+
|-------|-------|
|
|
126
|
+
| Original deadline | [YYYY-MM-DD] |
|
|
127
|
+
| §9 head invoked | §9(1)(a) / (b) / (c) |
|
|
128
|
+
| Reason | [e.g. large volume of records; consultations required; interferes unreasonably with operations] |
|
|
129
|
+
| Extended deadline | [YYYY-MM-DD] |
|
|
130
|
+
| Notice issued to requester | [YYYY-MM-DD] |
|
|
131
|
+
| OIC notified (where extension > 30 days) | [YYYY-MM-DD or N/A] |
|
|
132
|
+
|
|
133
|
+
## Annual Report Mapping
|
|
134
|
+
|
|
135
|
+
| Reportable item | Source | Period | Reporting authority |
|
|
136
|
+
|-----------------|--------|--------|---------------------|
|
|
137
|
+
| ATI requests received, granted, refused, extended | Request tracker | Fiscal year | OIC + departmental ATI annual report to Parliament |
|
|
138
|
+
| Privacy Act requests and complaints | Request tracker | Fiscal year | OPC + departmental Privacy annual report to Parliament |
|
|
139
|
+
| Personal Information Banks and InfoSource updates | PIB register | Continuous | TBS InfoSource |
|
|
140
|
+
| OIC investigations and findings | Complaints log | Fiscal year | OIC |
|
|
141
|
+
| OPC investigations and findings | Complaints log | Fiscal year | OPC |
|
|
142
|
+
| Material modifications triggering PIA refresh | Change log | On occurrence | TBS + OPC notification |
|
|
143
|
+
|
|
144
|
+
## Open Issues
|
|
145
|
+
|
|
146
|
+
| Item | Owner | Due | Status |
|
|
147
|
+
|------|-------|-----|--------|
|
|
148
|
+
| Resolve `<TBC>` exemption rationales | ATIP coordinator | [YYYY-MM-DD] | [Open / Closed] |
|
|
149
|
+
| Update PIB entry in TBS InfoSource for new holdings | ATIP coordinator | [YYYY-MM-DD] | [Open / Closed] |
|
|
150
|
+
| Confirm §27 third-party consultation list | ATIP analyst | [YYYY-MM-DD] | [Open / Closed] |
|
|
151
|
+
| Validate severance tooling against audit log schema | Architecture lead | [YYYY-MM-DD] | [Open / Closed] |
|
|
152
|
+
| Resolve re-identification risks marked High | Architecture lead | [YYYY-MM-DD] | [Open / Closed] |
|
|
153
|
+
| Cross-reference data-model classification flags | Data architect | [YYYY-MM-DD] | [Open / Closed] |
|
|
154
|
+
|
|
155
|
+
## External References
|
|
156
|
+
|
|
157
|
+
### Document Register
|
|
158
|
+
|
|
159
|
+
| Doc ID | Title | URL | Verified date |
|
|
160
|
+
|--------|-------|-----|---------------|
|
|
161
|
+
| CA-ATI-ACT | Access to Information Act (R.S.C., 1985, c. A-1) | <https://laws-lois.justice.gc.ca/eng/acts/A-1/> | [YYYY-MM-DD] |
|
|
162
|
+
| CA-PRIV-ACT | Privacy Act (R.S.C., 1985, c. P-21) | <https://laws-lois.justice.gc.ca/eng/acts/P-21/> | [YYYY-MM-DD] |
|
|
163
|
+
| CA-OIC | Office of the Information Commissioner of Canada — published guidance | <https://www.oic-ci.gc.ca/> | [YYYY-MM-DD] |
|
|
164
|
+
| CA-OPC | Office of the Privacy Commissioner of Canada — published guidance | <https://www.priv.gc.ca/> | [YYYY-MM-DD] |
|
|
165
|
+
| CA-TBS-ATI | TBS Directive on Access to Information Requests | <https://www.tbs-sct.canada.ca/pol/doc-eng.aspx?id=18310> | [YYYY-MM-DD] |
|
|
166
|
+
| CA-TBS-PIA | TBS Directive on Privacy Impact Assessment | <https://www.tbs-sct.canada.ca/pol/doc-eng.aspx?id=18308> | [YYYY-MM-DD] |
|
|
167
|
+
| CA-INFOSOURCE | TBS InfoSource — Personal Information Banks register | <https://www.canada.ca/en/treasury-board-secretariat/services/access-information-privacy/access-information/information-about-programs-information-holdings.html> | [YYYY-MM-DD] |
|
|
168
|
+
|
|
169
|
+
### Citations
|
|
170
|
+
|
|
171
|
+
| Citation | Doc ID | Section | Used in |
|
|
172
|
+
|----------|--------|---------|---------|
|
|
173
|
+
| [ATI-1] | CA-ATI-ACT | §7 — 30-day clock | ATIP Request Workflow |
|
|
174
|
+
| [ATI-2] | CA-ATI-ACT | §9 — extensions | ATIP Request Workflow |
|
|
175
|
+
| [ATI-3] | CA-ATI-ACT | §13 — obtained in confidence | Access to Information Act Mapping |
|
|
176
|
+
| [ATI-4] | CA-ATI-ACT | §14 — federal-provincial affairs | Access to Information Act Mapping |
|
|
177
|
+
| [ATI-5] | CA-ATI-ACT | §15 — international affairs / defence / national security | Access to Information Act Mapping |
|
|
178
|
+
| [ATI-6] | CA-ATI-ACT | §16 / §16.1–§16.6 — law enforcement and investigations | Access to Information Act Mapping |
|
|
179
|
+
| [ATI-7] | CA-ATI-ACT | §19 — personal information | Access to Information Act Mapping |
|
|
180
|
+
| [ATI-8] | CA-ATI-ACT | §21 — advice and recommendations | Access to Information Act Mapping |
|
|
181
|
+
| [ATI-9] | CA-ATI-ACT | §23 — solicitor-client privilege | Access to Information Act Mapping |
|
|
182
|
+
| [ATI-10] | CA-ATI-ACT | §24 — statutory prohibitions (Schedule II) | Access to Information Act Mapping |
|
|
183
|
+
| [ATI-11] | CA-ATI-ACT | §27 — third-party consultation | ATIP Request Workflow |
|
|
184
|
+
| [ATI-12] | CA-ATI-ACT | §30 — OIC complaints | ATIP Request Workflow |
|
|
185
|
+
| [PRIV-1] | CA-PRIV-ACT | §4 — collection authority | Privacy Act §4–§8 Register |
|
|
186
|
+
| [PRIV-2] | CA-PRIV-ACT | §5 — direct collection (and §5(2)/(3) exceptions) | Privacy Act §4–§8 Register |
|
|
187
|
+
| [PRIV-3] | CA-PRIV-ACT | §7 / §7(a) — use limited to purpose / consistent use | Privacy Act §4–§8 Register |
|
|
188
|
+
| [PRIV-4] | CA-PRIV-ACT | §8(2)(a)–(m) — routine-use disclosure letters | Privacy Act §4–§8 Register |
|
|
189
|
+
|
|
190
|
+
### Unreferenced Documents
|
|
191
|
+
|
|
192
|
+
[List any documents read during generation but not cited, or "None".]
|
|
@@ -0,0 +1,190 @@
|
|
|
1
|
+
# Canada Charter Rights Design Review
|
|
2
|
+
|
|
3
|
+
> **Template Origin**: Community | **ArcKit Version**: [VERSION] | **Command**: `/arckit:ca-charter`
|
|
4
|
+
|
|
5
|
+
## Document Control
|
|
6
|
+
|
|
7
|
+
<!-- DOC-CONTROL-HEADER -->
|
|
8
|
+
<!-- Resolved at command-execution time per _partials/RENDERING.md. -->
|
|
9
|
+
<!-- Classification line MUST be: -->
|
|
10
|
+
<!-- | Classification | UNCLASSIFIED / Protected A / Protected B / Protected C / CONFIDENTIAL / SECRET / TOP SECRET | -->
|
|
11
|
+
|
|
12
|
+
## Revision History
|
|
13
|
+
|
|
14
|
+
| Version | Date | Author | Changes | Approved By | Approval Date |
|
|
15
|
+
|---------|------|--------|---------|-------------|---------------|
|
|
16
|
+
| [VERSION] | [YYYY-MM-DD] | ArcKit AI | Initial creation from `/arckit:ca-charter` | [PENDING] | [PENDING] |
|
|
17
|
+
|
|
18
|
+
## Executive Summary
|
|
19
|
+
|
|
20
|
+
[Two to three paragraphs describing the system, the Charter sections engaged (default for FITAA-class apps: s.2(b), s.2(d), s.7, s.8, s.15), the headline risks per right, the Oakes proportionality posture, the residual rating, and the DOJ counsel sign-off status. Note any open items — pending sign-offs, jurisprudence verification, or design changes required to clear residual risk.]
|
|
21
|
+
|
|
22
|
+
## Charter Engagement Surface
|
|
23
|
+
|
|
24
|
+
| Section | Engaged? (Y / N) | Justification |
|
|
25
|
+
|---------|------------------|---------------|
|
|
26
|
+
| s.2(a) — freedom of conscience and religion | [Y / N] | [One-paragraph reasoning. If N, state why religious-belief and conscience interests are not engaged.] |
|
|
27
|
+
| s.2(b) — freedom of expression | [Y / N — default Y for FITAA-class apps] | [Identify chilling-effect surface: advocacy, journalism, academic inquiry, diaspora speech.] |
|
|
28
|
+
| s.2(c) — freedom of peaceful assembly | [Y / N] | [Reasoning.] |
|
|
29
|
+
| s.2(d) — freedom of association | [Y / N — default Y for FITAA-class apps] | [Identify disincentive surface: civil-society engagement, diaspora communities, political associations.] |
|
|
30
|
+
| s.7 — life, liberty, security of the person | [Y / N — default Y for FITAA-class apps] | [Identify any deprivation: liberty effects of registration, security-of-person effects of disclosure.] |
|
|
31
|
+
| s.8 — search and seizure | [Y / N — default Y for FITAA-class apps] | [Identify reasonable-expectation-of-privacy interests; reference the PIA personal-information inventory.] |
|
|
32
|
+
| s.15 — equality | [Y / N — default Y for FITAA-class apps] | [Identify protected-ground populations subject to differential impact.] |
|
|
33
|
+
|
|
34
|
+
## s.2 Analysis
|
|
35
|
+
|
|
36
|
+
### s.2(a) — Freedom of Conscience and Religion
|
|
37
|
+
|
|
38
|
+
| Engagement | Risk | Mitigation | Residual |
|
|
39
|
+
|------------|------|------------|----------|
|
|
40
|
+
| [Religious-belief interests engaged by, e.g., classification of religious advocacy as registrable activity] | [Suppression of religious expression; differential burden on religious communities] | [Carve-out / threshold / process safeguard] | [Low / Med / High] |
|
|
41
|
+
|
|
42
|
+
### s.2(b) — Freedom of Expression
|
|
43
|
+
|
|
44
|
+
| Engagement | Risk | Mitigation | Residual |
|
|
45
|
+
|------------|------|------------|----------|
|
|
46
|
+
| [Chilling effect on advocacy / journalism / academic inquiry] | [Self-censorship; reduced public-interest reporting; advocacy withdrawal] | [Journalism / academic exemption; threshold tests; appeal route] | [Low / Med / High] |
|
|
47
|
+
| [Public-register disclosure of speech-adjacent activity] | [Reputational harm; over-disclosure beyond transparency objective] | [Severance rules; minimum-data-on-public-register principle] | [Low / Med / High] |
|
|
48
|
+
|
|
49
|
+
### s.2(c) — Freedom of Peaceful Assembly
|
|
50
|
+
|
|
51
|
+
| Engagement | Risk | Mitigation | Residual |
|
|
52
|
+
|------------|------|------------|----------|
|
|
53
|
+
| [Registration capturing convening / event organisation] | [Disincentive to legitimate assembly] | [Threshold / exemption / appeal] | [Low / Med / High] |
|
|
54
|
+
|
|
55
|
+
### s.2(d) — Freedom of Association
|
|
56
|
+
|
|
57
|
+
| Engagement | Risk | Mitigation | Residual |
|
|
58
|
+
|------------|------|------------|----------|
|
|
59
|
+
| [Disincentive to civil-society or diaspora engagement] | [Withdrawal of legitimate association; chilling of community organising] | [Carve-outs; identity-verification minimisation; appeal route] | [Low / Med / High] |
|
|
60
|
+
| [Differential impact on diaspora communities] | [Disproportionate registration burden on particular national-origin groups] | [Substantive-equality review; differential-impact monitoring] | [Low / Med / High] |
|
|
61
|
+
|
|
62
|
+
## s.7 Analysis
|
|
63
|
+
|
|
64
|
+
| Engagement | Deprivation | Procedural Safeguard | Residual |
|
|
65
|
+
|------------|-------------|----------------------|----------|
|
|
66
|
+
| [Liberty interest engaged by registration obligation backed by penal consequences] | [Risk of penal sanction for non-registration; impact on freedom of movement / employment] | [Notice; right to representation; appeal to independent decision-maker; principles of fundamental justice per *Carter*] | [Low / Med / High] |
|
|
67
|
+
| [Security of person engaged by disclosure of registrant identity in sensitive contexts] | [Risk of harassment, threats, or transnational repression following disclosure] | [Threat-assessment screen; protective-disclosure carve-out; severance to protected register] | [Low / Med / High] |
|
|
68
|
+
|
|
69
|
+
## s.8 Analysis
|
|
70
|
+
|
|
71
|
+
| Engagement | Reasonable Expectation of Privacy Analysis | Warrant or Production-Order Interface | Residual |
|
|
72
|
+
|------------|--------------------------------------------|----------------------------------------|----------|
|
|
73
|
+
| [Collection of registrant / foreign-principal personal information] | [REP analysis under *Hunter v Southam*: subjective expectation, objective reasonableness, totality of the circumstances] | [Production-order workflow; warrant requirement for any compelled access beyond statutory authority] | [Low / Med / High] |
|
|
74
|
+
| [Investigative back-end interfaces with RCMP / CSIS] | [Heightened REP for investigative metadata; *R v Spencer* line on subscriber identifiers] | [Severance audit per `ca-atip`; warrant or production-order required for compelled disclosure] | [Low / Med / High] |
|
|
75
|
+
| [Cross-reference to PIA personal-information inventory] | [REP analysis grounded in PIA-classified data elements] | [Lawful-authority chain per Privacy Act §4–§8] | [Low / Med / High] |
|
|
76
|
+
|
|
77
|
+
## s.15 Analysis
|
|
78
|
+
|
|
79
|
+
| Protected Ground | Differential Impact | Substantive-Equality Test | Residual |
|
|
80
|
+
|------------------|---------------------|----------------------------|----------|
|
|
81
|
+
| Race, national or ethnic origin, colour | [Disproportionate registration burden on specific diaspora communities] | [Distinction creating disadvantage; perpetuation of pre-existing disadvantage; not merely formal equality] | [Low / Med / High] |
|
|
82
|
+
| Religion | [Targeting of religious advocacy / community structures] | [Substantive impact on religious communities; not formal neutrality] | [Low / Med / High] |
|
|
83
|
+
| Sex, gender identity, sexual orientation | [Differential exposure / harassment risk on disclosure] | [Substantive impact across gendered patterns of advocacy and online harassment] | [Low / Med / High] |
|
|
84
|
+
| Age | [Younger / older user-experience burden of registration] | [Substantive accessibility test] | [Low / Med / High] |
|
|
85
|
+
| Mental or physical disability | [Accessibility of registration channels; cognitive burden of compliance] | [WCAG / accommodation duty; substantive-equality lens, not formal lens] | [Low / Med / High] |
|
|
86
|
+
| Analogous grounds (e.g. citizenship, immigration status) | [Differential impact on permanent residents, foreign nationals, refugees] | [Court-recognised analogous-ground test] | [Low / Med / High] |
|
|
87
|
+
|
|
88
|
+
## Oakes Proportionality Analysis
|
|
89
|
+
|
|
90
|
+
> Run the four-step test for **each engaged right**. Partial analysis is a common review failure.
|
|
91
|
+
|
|
92
|
+
### Right: s.2(b) — Freedom of Expression
|
|
93
|
+
|
|
94
|
+
| Step | Question | Answer |
|
|
95
|
+
|------|----------|--------|
|
|
96
|
+
| Pressing and substantial objective | What is the objective the limit serves, and is it pressing and substantial in a free and democratic society? | [Objective + evidence of substantiality] |
|
|
97
|
+
| Rational connection | Is the means rationally connected to the objective? | [Yes / No — explain] |
|
|
98
|
+
| Minimal impairment | Does the design impair the right as little as reasonably possible? | [Identify the least-restrictive alternatives considered and why this design is at the minimum-impairment frontier] |
|
|
99
|
+
| Proportional effects | Do the salutary effects outweigh the deleterious effects on the right-holder? | [Reasoning] |
|
|
100
|
+
|
|
101
|
+
### Right: s.2(d) — Freedom of Association
|
|
102
|
+
|
|
103
|
+
| Step | Question | Answer |
|
|
104
|
+
|------|----------|--------|
|
|
105
|
+
| Pressing and substantial objective | [As above for the association limit] | [Answer] |
|
|
106
|
+
| Rational connection | [As above] | [Answer] |
|
|
107
|
+
| Minimal impairment | [As above] | [Answer] |
|
|
108
|
+
| Proportional effects | [As above] | [Answer] |
|
|
109
|
+
|
|
110
|
+
### Right: s.7 — Life, Liberty, Security of the Person
|
|
111
|
+
|
|
112
|
+
| Step | Question | Answer |
|
|
113
|
+
|------|----------|--------|
|
|
114
|
+
| Pressing and substantial objective | [As above] | [Answer] |
|
|
115
|
+
| Rational connection | [As above] | [Answer] |
|
|
116
|
+
| Minimal impairment | [As above] | [Answer] |
|
|
117
|
+
| Proportional effects | [As above] | [Answer] |
|
|
118
|
+
|
|
119
|
+
### Right: s.8 — Search and Seizure
|
|
120
|
+
|
|
121
|
+
| Step | Question | Answer |
|
|
122
|
+
|------|----------|--------|
|
|
123
|
+
| Pressing and substantial objective | [As above for the search / production-order regime] | [Answer] |
|
|
124
|
+
| Rational connection | [As above] | [Answer] |
|
|
125
|
+
| Minimal impairment | [As above] | [Answer] |
|
|
126
|
+
| Proportional effects | [As above] | [Answer] |
|
|
127
|
+
|
|
128
|
+
### Right: s.15 — Equality
|
|
129
|
+
|
|
130
|
+
| Step | Question | Answer |
|
|
131
|
+
|------|----------|--------|
|
|
132
|
+
| Pressing and substantial objective | [As above for the differential-impact effect] | [Answer] |
|
|
133
|
+
| Rational connection | [As above] | [Answer] |
|
|
134
|
+
| Minimal impairment | [As above] | [Answer] |
|
|
135
|
+
| Proportional effects | [As above] | [Answer] |
|
|
136
|
+
|
|
137
|
+
## Mitigation Register
|
|
138
|
+
|
|
139
|
+
| Charter Risk | Mitigation | Owner | Status | Residual |
|
|
140
|
+
|--------------|------------|-------|--------|----------|
|
|
141
|
+
| s.2(b) chilling effect on advocacy / journalism | [Journalism / academic exemption + appeal route] | [Service Owner] | [Open / Closed] | [Low / Med / High] |
|
|
142
|
+
| s.2(d) disincentive to diaspora civil-society engagement | [Carve-outs + identity-verification minimisation] | [Service Owner] | [Open / Closed] | [Low / Med / High] |
|
|
143
|
+
| s.7 liberty effect of penal-backed registration | [Notice + representation + appeal to independent decision-maker] | [Departmental Justice Counsel] | [Open / Closed] | [Low / Med / High] |
|
|
144
|
+
| s.7 security-of-person effect of disclosure | [Threat-assessment screen + protective severance] | [DSO + Service Owner] | [Open / Closed] | [Low / Med / High] |
|
|
145
|
+
| s.8 over-collection beyond statutory authority | [Lawful-authority chain per PIA + warrant interface for compelled access] | [Privacy Counsel] | [Open / Closed] | [Low / Med / High] |
|
|
146
|
+
| s.15 differential impact on protected groups | [Substantive-equality monitoring + targeted accommodation] | [Service Owner + DOJ Counsel] | [Open / Closed] | [Low / Med / High] |
|
|
147
|
+
|
|
148
|
+
## DOJ Counsel Sign-Off Block
|
|
149
|
+
|
|
150
|
+
> Charter design review without named counsel sign-off is a draft, not an artefact. Constitutional matters route to DOJ HQ.
|
|
151
|
+
|
|
152
|
+
| Role | Counsel | Date | Conditions |
|
|
153
|
+
|------|---------|------|------------|
|
|
154
|
+
| Departmental Justice Counsel | [name] | [YYYY-MM-DD] | [conditions / open items / further analysis required] |
|
|
155
|
+
| DOJ HQ Constitutional Advisor (where the risk warrants) | [name] | [YYYY-MM-DD] | [conditions / open items] |
|
|
156
|
+
| ATIP coordinator (s.8 / privacy-adjacent matters) | [name] | [YYYY-MM-DD] | [conditions / open items] |
|
|
157
|
+
| Departmental Security Officer (s.7 security-of-person) | [name] | [YYYY-MM-DD] | [conditions / open items] |
|
|
158
|
+
| ADM accountable | [name] | [YYYY-MM-DD] | [conditions / open items] |
|
|
159
|
+
|
|
160
|
+
## External References
|
|
161
|
+
|
|
162
|
+
### Document Register
|
|
163
|
+
|
|
164
|
+
| Doc ID | Title | URL | Verified date |
|
|
165
|
+
|--------|-------|-----|---------------|
|
|
166
|
+
| CA-CHARTER | Canadian Charter of Rights and Freedoms (Constitution Act, 1982, Part I) | <https://laws-lois.justice.gc.ca/eng/const/page-12.html> | [YYYY-MM-DD] |
|
|
167
|
+
| CA-OAKES | *R v Oakes* [1986] 1 SCR 103 | <https://scc-csc.lexum.com/scc-csc/scc-csc/en/item/117/index.do> | [YYYY-MM-DD] |
|
|
168
|
+
| CA-HUNTER | *Hunter v Southam* [1984] 2 SCR 145 | <https://scc-csc.lexum.com/scc-csc/scc-csc/en/item/5274/index.do> | [YYYY-MM-DD] |
|
|
169
|
+
| CA-SPENCER | *R v Spencer* [2014] 2 SCR 212 | <https://scc-csc.lexum.com/scc-csc/scc-csc/en/item/14233/index.do> | [YYYY-MM-DD] |
|
|
170
|
+
| CA-CARTER | *Carter v Canada (AG)* [2015] 1 SCR 331 | <https://scc-csc.lexum.com/scc-csc/scc-csc/en/item/14637/index.do> | [YYYY-MM-DD] |
|
|
171
|
+
| CA-DOJ-CHARTER-STMT | DOJ Charter Statements guidance | <https://www.justice.gc.ca/eng/csj-sjc/pl/charter-charte/index.html> | [YYYY-MM-DD] |
|
|
172
|
+
|
|
173
|
+
### Citations
|
|
174
|
+
|
|
175
|
+
| Citation | Doc ID | Section | Used in |
|
|
176
|
+
|----------|--------|---------|---------|
|
|
177
|
+
| [CHARTER-1] | CA-CHARTER | s.1 — reasonable limits, justification under Oakes | Oakes Proportionality Analysis |
|
|
178
|
+
| [CHARTER-2] | CA-CHARTER | s.2 — fundamental freedoms | s.2 Analysis |
|
|
179
|
+
| [CHARTER-3] | CA-CHARTER | s.7 — life, liberty, security of the person | s.7 Analysis |
|
|
180
|
+
| [CHARTER-4] | CA-CHARTER | s.8 — search and seizure | s.8 Analysis |
|
|
181
|
+
| [CHARTER-5] | CA-CHARTER | s.15 — equality | s.15 Analysis |
|
|
182
|
+
| [OAKES-1] | CA-OAKES | Four-step proportionality test | Oakes Proportionality Analysis |
|
|
183
|
+
| [HUNTER-1] | CA-HUNTER | Reasonable expectation of privacy | s.8 Analysis |
|
|
184
|
+
| [SPENCER-1] | CA-SPENCER | Subscriber-identifier REP in digital contexts | s.8 Analysis |
|
|
185
|
+
| [CARTER-1] | CA-CARTER | Principles of fundamental justice under s.7 | s.7 Analysis |
|
|
186
|
+
| [DOJ-CS-1] | CA-DOJ-CHARTER-STMT | Charter Statement methodology and counsel-engagement guidance | DOJ Counsel Sign-Off Block |
|
|
187
|
+
|
|
188
|
+
### Unreferenced Documents
|
|
189
|
+
|
|
190
|
+
[List any documents read during generation but not cited, or "None".]
|
|
@@ -0,0 +1,173 @@
|
|
|
1
|
+
# Canada Sovereign Cloud Residency Assessment
|
|
2
|
+
|
|
3
|
+
> **Template Origin**: Community | **ArcKit Version**: [VERSION] | **Command**: `/arckit:ca-cloud-residency`
|
|
4
|
+
|
|
5
|
+
## Document Control
|
|
6
|
+
|
|
7
|
+
<!-- DOC-CONTROL-HEADER -->
|
|
8
|
+
<!-- Resolved at command-execution time per _partials/RENDERING.md. -->
|
|
9
|
+
<!-- Classification line MUST be: -->
|
|
10
|
+
<!-- | Classification | UNCLASSIFIED / Protected A / Protected B / Protected C / CONFIDENTIAL / SECRET / TOP SECRET | -->
|
|
11
|
+
|
|
12
|
+
## Revision History
|
|
13
|
+
|
|
14
|
+
| Version | Date | Author | Changes | Approved By | Approval Date |
|
|
15
|
+
|---------|------|--------|---------|-------------|---------------|
|
|
16
|
+
| [VERSION] | [YYYY-MM-DD] | ArcKit AI | Initial creation from `/arckit:ca-cloud-residency` | [PENDING] | [PENDING] |
|
|
17
|
+
|
|
18
|
+
## Executive Summary
|
|
19
|
+
|
|
20
|
+
[Two to three paragraphs describing the system, the system-level categorisation (UNCLASSIFIED / Protected A / Protected B / Protected C / CONFIDENTIAL / SECRET / TOP SECRET), the residency expectation at rest / in transit / in processing, the sovereign cloud option recommended (AWS Canada / Azure Canada / Google Cloud Canada / SSC-brokered / hybrid), the CLOUD-Act exposure posture and the named risk acceptance, the exit-portability cadence, and any pending Protected B authorisations or sub-processor flags. Note any conditions imposed by the security authority on go-live.]
|
|
21
|
+
|
|
22
|
+
## Workload Categorisation
|
|
23
|
+
|
|
24
|
+
> Pull the system-level categorisation from `ARC-<id>-ITSG-*.md` if present. Otherwise, score Confidentiality (C), Integrity (I), and Availability (A) per the TBS *Standard on Security Categorization* injury-based matrix and aggregate to a system-level categorisation using the high-water mark.
|
|
25
|
+
|
|
26
|
+
| Asset | Confidentiality (L/M/H) | Integrity (L/M/H) | Availability (L/M/H) | Aggregate (L/M/H) | Protected Level |
|
|
27
|
+
|-------|--------------------------|-------------------|----------------------|---------------------|-----------------|
|
|
28
|
+
| [Asset 1 — e.g. citizen application records] | [score + injury rationale] | [score + injury rationale] | [score + injury rationale] | [aggregate] | [UNCLASSIFIED / Protected A / Protected B / Protected C / CONFIDENTIAL / SECRET / TOP SECRET] |
|
|
29
|
+
| [Asset 2 — e.g. analytic data lake] | [score] | [score] | [score] | [aggregate] | [level] |
|
|
30
|
+
| [Asset 3 — e.g. cryptographic key material] | [score] | [score] | [score] | [aggregate] | [level] |
|
|
31
|
+
|
|
32
|
+
**System-level categorisation**: [high-water mark across the inventory] — [one-paragraph rationale, with a pointer to the ITSG SoA if it has been generated]
|
|
33
|
+
|
|
34
|
+
## Residency Requirement Statement
|
|
35
|
+
|
|
36
|
+
> Capture residency for data at rest, in transit, and in processing. Note backup and DR location requirements. Surface policy-derived constraints (Privacy Act §8, lawful-authority drivers) and data-class-derived constraints (Indigenous data per `ca-ocap`, Cabinet confidence, classified material).
|
|
37
|
+
|
|
38
|
+
| Requirement | Source | Constraint | Notes |
|
|
39
|
+
|-------------|--------|------------|-------|
|
|
40
|
+
| Data at rest in Canada | [TBS Direction § / `NFR-LOC-*` / `DR-*` / `PIA-*`] | [In-Canada region only / Encrypted at rest with BYOK / HYOK] | [exception envelope, if any] |
|
|
41
|
+
| Data in transit through Canadian network paths | [Source] | [No transit through foreign network points-of-presence / TLS 1.3+ end-to-end] | [interconnect plan reference] |
|
|
42
|
+
| Data in processing on Canadian compute | [Source] | [In-region compute only / no cross-border managed-service backhaul] | [list any managed services flagged for backhaul] |
|
|
43
|
+
| Backup residency | [Source] | [In-Canada / cross-region within Canada / out-of-country prohibited] | [backup window and recovery point] |
|
|
44
|
+
| Disaster recovery location | [Source] | [Secondary Canadian region required / hot-warm-cold posture] | [RTO / RPO from REQ NFR-AVL] |
|
|
45
|
+
| Indigenous-data handling (if applicable) | [`ca-ocap` / DR-* / Crown-Indigenous policy] | [OCAP principles applied; processing rights restricted] | [data-sovereignty rights holder named] |
|
|
46
|
+
| Personal-information residency | [PIA / Privacy Act §8 / DR-*] | [Privacy Act §8 routine use cited; cross-border transfer disclosed in PIA] | [routine-use reference] |
|
|
47
|
+
|
|
48
|
+
## Sovereign Cloud Options Matrix
|
|
49
|
+
|
|
50
|
+
> For each option, name the region(s), the current Protected B authorisation status with verification date, the foreign-government access exposure, the cost band relative to the cheapest in-Canada option, and any managed-services availability gaps.
|
|
51
|
+
|
|
52
|
+
| Provider | Region | Protected B Authorisation Status (as of [YYYY-MM-DD]) | CLOUD-Act / Foreign-Access Exposure | Cost Band | Managed-Services Gaps |
|
|
53
|
+
|----------|--------|-------------------------------------------------------|--------------------------------------|-----------|------------------------|
|
|
54
|
+
| AWS Canada | Central — Montréal (`ca-central-1`) | [Authorised / Conditional / Pending — verification date] | US-incorporated CSP — US CLOUD Act applies; FISA-702 / EO-12333 reach for US-collected metadata | [$ / $$ / $$$ relative to cheapest] | [services available in US regions but absent from `ca-central-1`] |
|
|
55
|
+
| AWS Canada | West — Calgary (`ca-west-1`) | [GA / Limited GA / Pending — verification date; federal authorisation scope to confirm] | Same CLOUD-Act posture as `ca-central-1` | [band] | [services lagging `ca-central-1`] |
|
|
56
|
+
| Azure Canada | Canada Central — Toronto | [status — verification date] | US-incorporated CSP — CLOUD Act applies; entity-level legal process risk | [band] | [services lagging US regions] |
|
|
57
|
+
| Azure Canada | Canada East — Quebec City | [status — verification date] | Same CLOUD-Act posture as Canada Central | [band] | [services lagging Canada Central] |
|
|
58
|
+
| Google Cloud Canada | Montréal (`northamerica-northeast1`) | [status — verification date] | US-incorporated CSP — CLOUD Act applies | [band] | [services lagging GCP US regions] |
|
|
59
|
+
| Google Cloud Canada | Toronto (`northamerica-northeast2`) | [status — verification date] | Same CLOUD-Act posture as Montréal | [band] | [services lagging Montréal] |
|
|
60
|
+
| SSC-brokered | Multi-CSP under SSC vehicles (e.g. `EN578-191593/H/ZF` and successors) | [Inherited authorisation envelope where SSC has issued the broker-level ATO] | Inherited from underlying CSP; CLOUD Act exposure unchanged | [band] | [scope limited to brokered services on the published catalogue] |
|
|
61
|
+
|
|
62
|
+
**Recommended option**: [Provider + Region] — [one-paragraph rationale tying the recommendation to the categorisation, the residency requirement statement, the CLOUD-Act risk acceptance, and the cost band]. **Named risk accepter** for residual CLOUD-Act exposure: [role + name + ADR reference].
|
|
63
|
+
|
|
64
|
+
## GC Cloud Brokering Service Path
|
|
65
|
+
|
|
66
|
+
> SSC brokering scaffolds the departmental authorisation but does not transfer the departmental ATO obligation. Capture the steps and the role split.
|
|
67
|
+
|
|
68
|
+
| Step | SSC Role | Departmental Role | Artefact |
|
|
69
|
+
|------|----------|-------------------|----------|
|
|
70
|
+
| Service intake and eligibility | [SSC brokering team confirms vehicle coverage and CSP availability] | [Departmental architect submits intake] | [Intake form / SSC reference number] |
|
|
71
|
+
| Inheritance assessment | [SSC publishes the inherited ATO components and the residual scope] | [Departmental security authority confirms the inherited boundary] | [Inheritance memo] |
|
|
72
|
+
| Departmental authorisation | [SSC supports evidence requests] | [Departmental Authorising Official issues the system ATO over the inherited components] | [Departmental ATO letter] |
|
|
73
|
+
| Operate and re-authorise | [SSC re-publishes inherited components on its cycle] | [Departmental security authority operates the system within the inherited envelope and re-authorises on the published cycle] | [Continuous monitoring + re-authorisation memo] |
|
|
74
|
+
|
|
75
|
+
## Foreign Subprocessor Analysis
|
|
76
|
+
|
|
77
|
+
> Cloud Service Provider supply-chain residency. Walk the published sub-processor lists and flag any whose primary jurisdiction sits outside Canada.
|
|
78
|
+
|
|
79
|
+
| CSP | Service | Sub-processor | Jurisdiction | Notes |
|
|
80
|
+
|-----|---------|---------------|--------------|-------|
|
|
81
|
+
| [CSP 1] | [Service — e.g. observability, ML inference, CDN] | [Sub-processor entity] | [Country / state of incorporation] | [Material exposure — data plane / control plane / metadata only] |
|
|
82
|
+
| [CSP 2] | [Service] | [Sub-processor] | [Jurisdiction] | [Notes] |
|
|
83
|
+
| [CSP 3] | [Service] | [Sub-processor] | [Jurisdiction] | [Notes] |
|
|
84
|
+
| [CSP 4] | [Service — bundled third party] | [Sub-processor] | [Jurisdiction] | [Notes] |
|
|
85
|
+
|
|
86
|
+
## Exit / Portability Plan
|
|
87
|
+
|
|
88
|
+
> Numbered runbook plus a per-asset table. The plan must be rehearsed on a published cadence — exit on paper is not exit.
|
|
89
|
+
|
|
90
|
+
1. **Trigger inventory** — list the events that initiate exit (categorisation upgrade, supplier flag, contract termination, sovereignty-policy change).
|
|
91
|
+
2. **Bulk export** — name the export tooling per workload, the staging location (in-Canada object storage, departmental SAN), and the transfer window.
|
|
92
|
+
3. **State replication** — describe how warm state (databases, queues, in-flight workflows) is replicated to the destination during cutover.
|
|
93
|
+
4. **Format portability** — confirm the stored formats are portable (Parquet / ORC / Avro for analytics; OCI for containers; standard SQL dumps for relational state) and flag any proprietary lakehouse or managed-service formats that need transformation.
|
|
94
|
+
5. **Identity and IAM cutover** — re-root the trust chain to the destination IdP; revoke source-tenant credentials.
|
|
95
|
+
6. **Operational-runbook rebuild** — identify runbooks coupled to source-CSP-specific tooling and rebuild them on the destination.
|
|
96
|
+
7. **Dry-run cadence** — schedule and rehearse the exit at least annually; capture the actual time-to-exit and update the budget.
|
|
97
|
+
|
|
98
|
+
| Exit Asset | Format | Tooling | Dry-run Cadence |
|
|
99
|
+
|------------|--------|---------|------------------|
|
|
100
|
+
| [Application database] | [Postgres dump / Parquet snapshot] | [Tool — e.g. AWS DMS / Azure DMS / native pg_dump] | [Annual / Semi-annual] |
|
|
101
|
+
| [Analytics lake] | [Parquet / ORC] | [Spark export job / Glue / Synapse export] | [Cadence] |
|
|
102
|
+
| [Container images] | [OCI tarball] | [skopeo / oras / native registry export] | [Cadence] |
|
|
103
|
+
| [Object storage] | [Native objects + manifest] | [aws s3 sync / azcopy / gsutil] | [Cadence] |
|
|
104
|
+
| [IAM / identity] | [SCIM export + IdP claim mapping doc] | [SCIM bridge / IdP export] | [Cadence] |
|
|
105
|
+
|
|
106
|
+
## Cross-Border Transfer Analysis
|
|
107
|
+
|
|
108
|
+
> Where federal data crosses the border, document the transfer, cite the lawful authority, and note CLOUD-Act exposure even for workloads operationally hosted in Canada.
|
|
109
|
+
|
|
110
|
+
| Transfer | Direction | Authority Cited | Justification |
|
|
111
|
+
|----------|-----------|-----------------|---------------|
|
|
112
|
+
| [Transfer 1 — e.g. CDN egress to US edge POP] | [Outbound to US] | [Privacy Act §8 routine use ref / contractual TIA] | [Operational rationale + residual exposure note] |
|
|
113
|
+
| [Transfer 2 — e.g. observability backhaul] | [Outbound to US managed observability] | [Authority] | [Justification + mitigation, e.g. data minimisation, hashing] |
|
|
114
|
+
| [Transfer 3 — e.g. foreign administrative access (CSP support staff)] | [Logical access from foreign jurisdiction] | [Authority — SSC contract clause / TBS Direction] | [Just-in-time access + audit + key-custody mitigations] |
|
|
115
|
+
| [Transfer 4 — CLOUD-Act-driven exposure, in-Canada operation] | [Latent legal exposure even with no operational outbound] | [Documented acceptance — named accepter] | [Risk acceptance rationale and ADR reference] |
|
|
116
|
+
|
|
117
|
+
## Operational Topology
|
|
118
|
+
|
|
119
|
+
| Region | Availability Zone(s) | Network Path | Encryption-in-Transit | Peering / Interconnect |
|
|
120
|
+
|--------|----------------------|--------------|-----------------------|------------------------|
|
|
121
|
+
| [Primary — e.g. `ca-central-1`] | [AZs in scope] | [Private link / transit gateway / VPN] | [TLS 1.3 / mTLS / IPsec / MACsec where applicable] | [Direct Connect / ExpressRoute / Cloud Interconnect — bandwidth + redundancy] |
|
|
122
|
+
| [Secondary — e.g. `ca-west-1` or Canada East] | [AZs] | [Path] | [Posture] | [Interconnect — DR-only / active-active] |
|
|
123
|
+
| [Edge / CDN] | [N/A or named PoPs] | [Path] | [Posture] | [Peering] |
|
|
124
|
+
| [Backup / DR target] | [Cross-region within Canada AZ list] | [Replication path — async / sync / snapshot ship] | [Posture] | [Dedicated link or public path] |
|
|
125
|
+
|
|
126
|
+
**Encryption key custody**: [BYOK / HYOK / external key store / CSP-managed]. **Key store location**: [In-Canada HSM / cloud-native KMS / on-premises HSM with cloud bridge]. **Identity trust root**: [In-Canada IdP / federated to a foreign tenant — flag if foreign]. **Privileged-access provenance**: [Just-in-time access only / no foreign-jurisdiction administrative access / break-glass procedure documented].
|
|
127
|
+
|
|
128
|
+
## Shared Responsibility Matrix
|
|
129
|
+
|
|
130
|
+
> Capture which residency control sits with the CSP, with SSC under brokering, and with the department. The matrix is the single source of truth for "who answers to TBS for this control" — overlap is acceptable, gaps are findings.
|
|
131
|
+
|
|
132
|
+
| Control Area | CSP Responsibility | SSC Responsibility (if brokered) | Departmental Responsibility |
|
|
133
|
+
|--------------|--------------------|-----------------------------------|------------------------------|
|
|
134
|
+
| Physical region location | [In-Canada region operation] | [Vehicle scope confirmation] | [Region selection in deployment IaC] |
|
|
135
|
+
| Encryption at rest | [Native KMS availability] | [Inherited KMS configuration baseline] | [BYOK / HYOK rotation, key custody, deletion] |
|
|
136
|
+
| Encryption in transit | [TLS termination at CSP boundary] | [N/A or shared baseline] | [End-to-end TLS, mTLS between services] |
|
|
137
|
+
| Sub-processor management | [CSP publishes sub-processor list and notice cadence] | [SSC tracks broker-scoped sub-processors] | [Departmental review against PIA and DPIA] |
|
|
138
|
+
| Foreign administrative access | [CSP support staff access controls] | [SSC contractual clauses] | [Just-in-time approval, audit, and review] |
|
|
139
|
+
| Cross-border transfer logging | [CSP region selection and routing] | [Broker-level auditing] | [Privacy Act §8 routine-use register] |
|
|
140
|
+
|
|
141
|
+
## Open Items
|
|
142
|
+
|
|
143
|
+
| ID | Description | Owner | Due Date | Status |
|
|
144
|
+
|----|-------------|-------|----------|--------|
|
|
145
|
+
| OI-1 | [Outstanding sovereign-cloud option choice / pending Protected B authorisation / unresolved sub-processor flag / exit dry-run schedule / authorisation condition] | [Role] | [YYYY-MM-DD] | [Open / In Progress / Closed] |
|
|
146
|
+
| OI-2 | [item] | [owner] | [date] | [status] |
|
|
147
|
+
|
|
148
|
+
## External References
|
|
149
|
+
|
|
150
|
+
### Document Register
|
|
151
|
+
|
|
152
|
+
| Doc ID | Title | URL | Verified date |
|
|
153
|
+
|--------|-------|-----|---------------|
|
|
154
|
+
| CA-TBS-CLOUD | TBS Direction on the Secure Use of Commercial Cloud Services | <https://www.tbs-sct.canada.ca/pol/doc-eng.aspx?id=32600> | [YYYY-MM-DD] |
|
|
155
|
+
| CA-GC-CAS | Government of Canada Cloud Adoption Strategy | <https://www.canada.ca/en/government/system/digital-government/digital-government-innovations/cloud-services.html> | [YYYY-MM-DD] |
|
|
156
|
+
| CA-ITSP-50-103 | CSE ITSP.50.103 Guidance on Security Categorization of Cloud-Based Services | <https://cyber.gc.ca/en/guidance/itsp50103-guidance-security-categorization-cloud-based-services> | [YYYY-MM-DD] |
|
|
157
|
+
| CA-SSC-BROKER | SSC Cloud Brokering Service | <https://www.canada.ca/en/shared-services/services/it-modernization/cloud-services.html> | [YYYY-MM-DD] |
|
|
158
|
+
| CA-PRIV-ACT | Privacy Act (R.S.C., 1985, c. P-21) — §8 routine uses | <https://laws-lois.justice.gc.ca/eng/acts/p-21/> | [YYYY-MM-DD] |
|
|
159
|
+
|
|
160
|
+
### Citations
|
|
161
|
+
|
|
162
|
+
| Citation | Doc ID | Section | Used in |
|
|
163
|
+
|----------|--------|---------|---------|
|
|
164
|
+
| [TBS-CLOUD-1] | CA-TBS-CLOUD | Residency expectations at Protected B and above | Residency Requirement Statement |
|
|
165
|
+
| [TBS-CLOUD-2] | CA-TBS-CLOUD | CSP risk-management and assurance posture | Sovereign Cloud Options Matrix |
|
|
166
|
+
| [GC-CAS-1] | CA-GC-CAS | Cloud-first / public-cloud-by-default posture and exceptions | Workload Categorisation |
|
|
167
|
+
| [ITSP-50-103-1] | CA-ITSP-50-103 | Categorisation of cloud-based services and inheritance | Workload Categorisation |
|
|
168
|
+
| [SSC-BROKER-1] | CA-SSC-BROKER | Cloud brokering steps and inherited ATO components | GC Cloud Brokering Service Path |
|
|
169
|
+
| [PRIV-ACT-1] | CA-PRIV-ACT | Privacy Act §8 routine-use authority for cross-border transfers | Cross-Border Transfer Analysis |
|
|
170
|
+
|
|
171
|
+
### Unreferenced Documents
|
|
172
|
+
|
|
173
|
+
[List any documents read during generation but not cited, or "None".]
|