generated from coulomb/repo-seed
674 lines
20 KiB
YAML
674 lines
20 KiB
YAML
schema: info-tech-canon.retrieval-index.v1
|
|
infospace: canon
|
|
item_count: 29
|
|
items:
|
|
- id: kernel/itc-core
|
|
kind: kernel
|
|
title: InfoTechCanon Core
|
|
canonical_path: kernel/InfoTechCanonCore.md
|
|
source_path: seeds/InfoTechCanonCore_RC1_seed.md
|
|
summary: 'Kernel artifact that defines canon structure or integration: InfoTechCanon
|
|
Core.'
|
|
owned_concepts:
|
|
- InfoTechCanon Core
|
|
imports: []
|
|
relationships: []
|
|
warnings: []
|
|
- id: kernel/itc-kernel-map
|
|
kind: kernel
|
|
title: InfoTechCanon Kernel Map
|
|
canonical_path: kernel/InfoTechCanonKernelMap.md
|
|
source_path: seeds/InfoTechCanonKernelMap_RC1.md
|
|
summary: 'Kernel artifact that defines canon structure or integration: InfoTechCanon
|
|
Kernel Map.'
|
|
owned_concepts:
|
|
- InfoTechCanon Kernel Map
|
|
imports: []
|
|
relationships:
|
|
- type: maps
|
|
target: kernel/itc-core
|
|
- type: maps
|
|
target: model/information-space
|
|
- type: maps
|
|
target: model/landscape
|
|
- type: maps
|
|
target: model/organization
|
|
- type: maps
|
|
target: model/governance
|
|
- type: maps
|
|
target: model/task
|
|
- type: maps
|
|
target: model/access-control
|
|
- type: maps
|
|
target: model/security
|
|
- type: maps
|
|
target: model/data
|
|
- type: maps
|
|
target: model/devsecops
|
|
- type: maps
|
|
target: model/network
|
|
- type: maps
|
|
target: model/observability
|
|
- type: maps
|
|
target: standard/tagging
|
|
- type: maps
|
|
target: standard/caring
|
|
warnings: []
|
|
- id: model/access-control
|
|
kind: model
|
|
title: InfoTechCanon Access Control Model
|
|
canonical_path: models/access-control/InfoTechCanonAccessControlModel.md
|
|
source_path: seeds/InfoTechCanonAccessControlModel_RC1_seed.md
|
|
summary: 'Domain model used by canon profiles and standards: InfoTechCanon Access
|
|
Control Model.'
|
|
owned_concepts:
|
|
- InfoTechCanon Access Control Model
|
|
imports:
|
|
- kernel/itc-core
|
|
- model/governance
|
|
- model/organization
|
|
relationships:
|
|
- type: conforms_to
|
|
target: kernel/itc-core
|
|
- type: uses
|
|
target: model/organization
|
|
- type: uses
|
|
target: model/governance
|
|
warnings: []
|
|
- id: model/data
|
|
kind: model
|
|
title: InfoTechCanon Data Model
|
|
canonical_path: models/data/InfoTechCanonDataModel.md
|
|
source_path: seeds/InfoTechCanonDataModel_RC1_seed.md
|
|
summary: 'Domain model used by canon profiles and standards: InfoTechCanon Data
|
|
Model.'
|
|
owned_concepts:
|
|
- InfoTechCanon Data Model
|
|
imports:
|
|
- kernel/itc-core
|
|
- model/governance
|
|
relationships:
|
|
- type: conforms_to
|
|
target: kernel/itc-core
|
|
- type: uses
|
|
target: model/governance
|
|
warnings: []
|
|
- id: model/devsecops
|
|
kind: model
|
|
title: InfoTechCanon DevSecOps Model
|
|
canonical_path: models/devsecops/InfoTechCanonDevSecOpsModel.md
|
|
source_path: seeds/InfoTechCanonDevSecOpsModel_RC1_seed.md
|
|
summary: 'Domain model used by canon profiles and standards: InfoTechCanon DevSecOps
|
|
Model.'
|
|
owned_concepts:
|
|
- InfoTechCanon DevSecOps Model
|
|
imports:
|
|
- kernel/itc-core
|
|
- model/security
|
|
relationships:
|
|
- type: conforms_to
|
|
target: kernel/itc-core
|
|
- type: uses
|
|
target: model/security
|
|
warnings: []
|
|
- id: model/governance
|
|
kind: model
|
|
title: InfoTechCanon Governance Model
|
|
canonical_path: models/governance/InfoTechCanonGovernanceModel.md
|
|
source_path: seeds/InfoTechCanonGovernanceModel_RC1_seed.md
|
|
summary: 'Domain model used by canon profiles and standards: InfoTechCanon Governance
|
|
Model.'
|
|
owned_concepts:
|
|
- InfoTechCanon Governance Model
|
|
imports:
|
|
- kernel/itc-core
|
|
relationships:
|
|
- type: conforms_to
|
|
target: kernel/itc-core
|
|
warnings: []
|
|
- id: model/information-space
|
|
kind: model
|
|
title: InfoTechCanon Information Space Model
|
|
canonical_path: models/information-space/InfoTechCanonInformationSpaceModel.md
|
|
source_path: seeds/InfoTechCanonInformationSpaceModel_RC1_seed.md
|
|
summary: 'Domain model used by canon profiles and standards: InfoTechCanon Information
|
|
Space Model.'
|
|
owned_concepts:
|
|
- InfoTechCanon Information Space Model
|
|
imports:
|
|
- kernel/itc-core
|
|
relationships:
|
|
- type: conforms_to
|
|
target: kernel/itc-core
|
|
warnings: []
|
|
- id: model/landscape
|
|
kind: model
|
|
title: InfoTechCanon Landscape Model
|
|
canonical_path: models/landscape/InfoTechCanonLandscapeModel.md
|
|
source_path: seeds/InfoTechCanonLandscapeModel_RC1_seed.md
|
|
summary: 'Domain model used by canon profiles and standards: InfoTechCanon Landscape
|
|
Model.'
|
|
owned_concepts:
|
|
- InfoTechCanon Landscape Model
|
|
imports:
|
|
- kernel/itc-core
|
|
relationships:
|
|
- type: conforms_to
|
|
target: kernel/itc-core
|
|
warnings: []
|
|
- id: model/network
|
|
kind: model
|
|
title: InfoTechCanon Network Model
|
|
canonical_path: models/network/InfoTechCanonNetworkModel.md
|
|
source_path: seeds/InfoTechCanonNetworkModel_RC1_seed.md
|
|
summary: 'Domain model used by canon profiles and standards: InfoTechCanon Network
|
|
Model.'
|
|
owned_concepts:
|
|
- InfoTechCanon Network Model
|
|
imports:
|
|
- kernel/itc-core
|
|
- model/security
|
|
relationships:
|
|
- type: conforms_to
|
|
target: kernel/itc-core
|
|
- type: uses
|
|
target: model/security
|
|
warnings: []
|
|
- id: model/observability
|
|
kind: model
|
|
title: InfoTechCanon Observability Model
|
|
canonical_path: models/observability/InfoTechCanonObservabilityModel.md
|
|
source_path: seeds/InfoTechCanonObservabilityModel_RC1_seed.md
|
|
summary: 'Domain model used by canon profiles and standards: InfoTechCanon Observability
|
|
Model.'
|
|
owned_concepts:
|
|
- InfoTechCanon Observability Model
|
|
imports:
|
|
- kernel/itc-core
|
|
- model/task
|
|
relationships:
|
|
- type: conforms_to
|
|
target: kernel/itc-core
|
|
- type: uses
|
|
target: model/task
|
|
warnings: []
|
|
- id: model/organization
|
|
kind: model
|
|
title: InfoTechCanon Organization Model
|
|
canonical_path: models/organization/InfoTechCanonOrganizationModel.md
|
|
source_path: seeds/InfoTechCanonOrganizationModel_RC1_seed.md
|
|
summary: 'Domain model used by canon profiles and standards: InfoTechCanon Organization
|
|
Model.'
|
|
owned_concepts:
|
|
- InfoTechCanon Organization Model
|
|
imports:
|
|
- kernel/itc-core
|
|
relationships:
|
|
- type: conforms_to
|
|
target: kernel/itc-core
|
|
warnings: []
|
|
- id: model/security
|
|
kind: model
|
|
title: InfoTechCanon Security Model
|
|
canonical_path: models/security/InfoTechCanonSecurityModel.md
|
|
source_path: seeds/InfoTechCanonSecurityModel_RC1_seed.md
|
|
summary: 'Domain model used by canon profiles and standards: InfoTechCanon Security
|
|
Model.'
|
|
owned_concepts:
|
|
- InfoTechCanon Security Model
|
|
imports:
|
|
- kernel/itc-core
|
|
- model/access-control
|
|
relationships:
|
|
- type: conforms_to
|
|
target: kernel/itc-core
|
|
- type: uses
|
|
target: model/access-control
|
|
warnings: []
|
|
- id: model/task
|
|
kind: model
|
|
title: InfoTechCanon Task Model
|
|
canonical_path: models/task/InfoTechCanonTaskModel.md
|
|
source_path: seeds/InfoTechCanonTaskModel_RC1_seed.md
|
|
summary: 'Domain model used by canon profiles and standards: InfoTechCanon Task
|
|
Model.'
|
|
owned_concepts:
|
|
- InfoTechCanon Task Model
|
|
imports:
|
|
- kernel/itc-core
|
|
relationships:
|
|
- type: conforms_to
|
|
target: kernel/itc-core
|
|
warnings: []
|
|
- id: profile/small-saas
|
|
kind: profile
|
|
title: Small SaaS System Profile
|
|
canonical_path: profiles/small-saas/profile.yaml
|
|
source_path: infospace/profiles/small-saas/profile.yaml
|
|
summary: 'Profile that constrains canon artifacts for a practical implementation
|
|
slice: Small SaaS System Profile.'
|
|
owned_concepts:
|
|
- Small SaaS System Profile
|
|
imports:
|
|
- kernel/itc-core
|
|
- model/access-control
|
|
- model/data
|
|
- model/devsecops
|
|
- model/governance
|
|
- model/landscape
|
|
- model/network
|
|
- model/observability
|
|
- model/organization
|
|
- model/security
|
|
- model/task
|
|
- standard/caring
|
|
- standard/tagging
|
|
relationships:
|
|
- type: conforms_to
|
|
target: kernel/itc-core
|
|
- type: requires
|
|
target: model/landscape
|
|
- type: requires
|
|
target: model/organization
|
|
- type: requires
|
|
target: model/governance
|
|
- type: requires
|
|
target: model/access-control
|
|
- type: requires
|
|
target: model/security
|
|
- type: requires
|
|
target: model/data
|
|
- type: requires
|
|
target: model/devsecops
|
|
- type: requires
|
|
target: model/network
|
|
- type: requires
|
|
target: model/observability
|
|
- type: requires
|
|
target: model/task
|
|
- type: requires
|
|
target: standard/tagging
|
|
- type: requires
|
|
target: standard/caring
|
|
warnings: []
|
|
- id: small-saas/control/namespace-per-tenant
|
|
kind: profile-artifact
|
|
title: Namespace Per Tenant Control
|
|
canonical_path: profiles/small-saas/artifacts/control.namespace-per-tenant.yaml
|
|
source_path: profiles/small-saas/artifacts/control.namespace-per-tenant.yaml
|
|
summary: 'Example artifact for the small-saas profile: Namespace Per Tenant Control.'
|
|
owned_concepts:
|
|
- Namespace Per Tenant Control
|
|
imports:
|
|
- model/security
|
|
- standard/caring
|
|
relationships:
|
|
- type: instantiates
|
|
target: profile/small-saas
|
|
- type: uses
|
|
target: model/security
|
|
- type: uses
|
|
target: standard/caring
|
|
- type: evidenced_by
|
|
target: small-saas/evidence/access-review-2026-05
|
|
warnings: []
|
|
- id: small-saas/dataset/subscription-ledger
|
|
kind: profile-artifact
|
|
title: Subscription Ledger Dataset
|
|
canonical_path: profiles/small-saas/artifacts/dataset.subscription-ledger.yaml
|
|
source_path: profiles/small-saas/artifacts/dataset.subscription-ledger.yaml
|
|
summary: 'Example artifact for the small-saas profile: Subscription Ledger Dataset.'
|
|
owned_concepts:
|
|
- Subscription Ledger Dataset
|
|
imports:
|
|
- model/data
|
|
relationships:
|
|
- type: instantiates
|
|
target: profile/small-saas
|
|
- type: uses
|
|
target: model/data
|
|
- type: owned_by
|
|
target: small-saas/service/billing-portal
|
|
- type: partitioned_for
|
|
target: small-saas/tenant/acme
|
|
- type: partitioned_for
|
|
target: small-saas/tenant/globex
|
|
- type: governed_by
|
|
target: small-saas/policy/tenant-isolation
|
|
warnings: []
|
|
- id: small-saas/deployment/production
|
|
kind: profile-artifact
|
|
title: Production Deployment
|
|
canonical_path: profiles/small-saas/artifacts/deployment.production.yaml
|
|
source_path: profiles/small-saas/artifacts/deployment.production.yaml
|
|
summary: 'Example artifact for the small-saas profile: Production Deployment.'
|
|
owned_concepts:
|
|
- Production Deployment
|
|
imports:
|
|
- model/devsecops
|
|
- model/network
|
|
relationships:
|
|
- type: instantiates
|
|
target: profile/small-saas
|
|
- type: uses
|
|
target: model/devsecops
|
|
- type: uses
|
|
target: model/network
|
|
- type: deploys
|
|
target: small-saas/service/billing-portal
|
|
- type: separates
|
|
target: small-saas/tenant/acme
|
|
- type: separates
|
|
target: small-saas/tenant/globex
|
|
- type: implements
|
|
target: small-saas/control/namespace-per-tenant
|
|
warnings: []
|
|
- id: small-saas/evidence/access-review-2026-05
|
|
kind: profile-artifact
|
|
title: Access Review 2026-05
|
|
canonical_path: profiles/small-saas/artifacts/evidence.access-review-2026-05.yaml
|
|
source_path: profiles/small-saas/artifacts/evidence.access-review-2026-05.yaml
|
|
summary: 'Example artifact for the small-saas profile: Access Review 2026-05.'
|
|
owned_concepts:
|
|
- Access Review 2026-05
|
|
imports:
|
|
- model/observability
|
|
relationships:
|
|
- type: instantiates
|
|
target: profile/small-saas
|
|
- type: uses
|
|
target: model/observability
|
|
warnings: []
|
|
- id: small-saas/incident/cross-tenant-access-attempt
|
|
kind: profile-artifact
|
|
title: Cross-Tenant Access Attempt
|
|
canonical_path: profiles/small-saas/artifacts/incident.cross-tenant-access-attempt.yaml
|
|
source_path: profiles/small-saas/artifacts/incident.cross-tenant-access-attempt.yaml
|
|
summary: 'Example artifact for the small-saas profile: Cross-Tenant Access Attempt.'
|
|
owned_concepts:
|
|
- Cross-Tenant Access Attempt
|
|
imports:
|
|
- model/security
|
|
relationships:
|
|
- type: instantiates
|
|
target: profile/small-saas
|
|
- type: uses
|
|
target: model/security
|
|
- type: constrained_by
|
|
target: small-saas/control/namespace-per-tenant
|
|
- type: evidenced_by
|
|
target: small-saas/evidence/access-review-2026-05
|
|
warnings: []
|
|
- id: small-saas/policy/tenant-isolation
|
|
kind: profile-artifact
|
|
title: Tenant Isolation Policy
|
|
canonical_path: profiles/small-saas/artifacts/policy.tenant-isolation.yaml
|
|
source_path: profiles/small-saas/artifacts/policy.tenant-isolation.yaml
|
|
summary: 'Example artifact for the small-saas profile: Tenant Isolation Policy.'
|
|
owned_concepts:
|
|
- Tenant Isolation Policy
|
|
imports:
|
|
- model/governance
|
|
- small-saas/control/namespace-per-tenant
|
|
relationships:
|
|
- type: instantiates
|
|
target: profile/small-saas
|
|
- type: uses
|
|
target: model/governance
|
|
- type: requires
|
|
target: small-saas/control/namespace-per-tenant
|
|
- type: evidenced_by
|
|
target: small-saas/evidence/access-review-2026-05
|
|
warnings: []
|
|
- id: small-saas/service/billing-portal
|
|
kind: profile-artifact
|
|
title: Billing Portal Service
|
|
canonical_path: profiles/small-saas/artifacts/service.billing-portal.yaml
|
|
source_path: profiles/small-saas/artifacts/service.billing-portal.yaml
|
|
summary: 'Example artifact for the small-saas profile: Billing Portal Service.'
|
|
owned_concepts:
|
|
- Billing Portal Service
|
|
imports:
|
|
- model/landscape
|
|
relationships:
|
|
- type: instantiates
|
|
target: profile/small-saas
|
|
- type: uses
|
|
target: model/landscape
|
|
- type: part_of
|
|
target: small-saas/system/billing-system
|
|
- type: owned_by
|
|
target: small-saas/team/platform
|
|
warnings: []
|
|
- id: small-saas/system/billing-system
|
|
kind: profile-artifact
|
|
title: Small SaaS Billing System
|
|
canonical_path: profiles/small-saas/artifacts/system.billing-system.yaml
|
|
source_path: profiles/small-saas/artifacts/system.billing-system.yaml
|
|
summary: 'Example artifact for the small-saas profile: Small SaaS Billing System.'
|
|
owned_concepts:
|
|
- Small SaaS Billing System
|
|
imports:
|
|
- model/landscape
|
|
relationships:
|
|
- type: instantiates
|
|
target: profile/small-saas
|
|
- type: uses
|
|
target: model/landscape
|
|
- type: serves
|
|
target: small-saas/tenant/acme
|
|
- type: serves
|
|
target: small-saas/tenant/globex
|
|
warnings: []
|
|
- id: small-saas/task/onboard-tenant
|
|
kind: profile-artifact
|
|
title: Onboard Tenant
|
|
canonical_path: profiles/small-saas/artifacts/task.onboard-tenant.yaml
|
|
source_path: profiles/small-saas/artifacts/task.onboard-tenant.yaml
|
|
summary: 'Example artifact for the small-saas profile: Onboard Tenant.'
|
|
owned_concepts:
|
|
- Onboard Tenant
|
|
imports:
|
|
- model/task
|
|
relationships:
|
|
- type: instantiates
|
|
target: profile/small-saas
|
|
- type: uses
|
|
target: model/task
|
|
- type: owned_by
|
|
target: small-saas/team/platform
|
|
- type: changes
|
|
target: small-saas/tenant/acme
|
|
- type: governed_by
|
|
target: small-saas/policy/tenant-isolation
|
|
warnings: []
|
|
- id: small-saas/team/platform
|
|
kind: profile-artifact
|
|
title: Platform Team
|
|
canonical_path: profiles/small-saas/artifacts/team.platform.yaml
|
|
source_path: profiles/small-saas/artifacts/team.platform.yaml
|
|
summary: 'Example artifact for the small-saas profile: Platform Team.'
|
|
owned_concepts:
|
|
- Platform Team
|
|
imports:
|
|
- model/organization
|
|
relationships:
|
|
- type: instantiates
|
|
target: profile/small-saas
|
|
- type: uses
|
|
target: model/organization
|
|
warnings: []
|
|
- id: small-saas/tenant/acme
|
|
kind: profile-artifact
|
|
title: Acme Tenant
|
|
canonical_path: profiles/small-saas/artifacts/tenant.acme.yaml
|
|
source_path: profiles/small-saas/artifacts/tenant.acme.yaml
|
|
summary: 'Example artifact for the small-saas profile: Acme Tenant.'
|
|
owned_concepts:
|
|
- Acme Tenant
|
|
imports:
|
|
- model/organization
|
|
relationships:
|
|
- type: instantiates
|
|
target: profile/small-saas
|
|
- type: uses
|
|
target: model/organization
|
|
- type: represented_by
|
|
target: small-saas/user/ada-admin
|
|
- type: isolated_by
|
|
target: small-saas/control/namespace-per-tenant
|
|
warnings: []
|
|
- id: small-saas/tenant/globex
|
|
kind: profile-artifact
|
|
title: Globex Tenant
|
|
canonical_path: profiles/small-saas/artifacts/tenant.globex.yaml
|
|
source_path: profiles/small-saas/artifacts/tenant.globex.yaml
|
|
summary: 'Example artifact for the small-saas profile: Globex Tenant.'
|
|
owned_concepts:
|
|
- Globex Tenant
|
|
imports:
|
|
- model/organization
|
|
relationships:
|
|
- type: instantiates
|
|
target: profile/small-saas
|
|
- type: uses
|
|
target: model/organization
|
|
- type: isolated_by
|
|
target: small-saas/control/namespace-per-tenant
|
|
warnings: []
|
|
- id: small-saas/user/ada-admin
|
|
kind: profile-artifact
|
|
title: Ada Admin
|
|
canonical_path: profiles/small-saas/artifacts/user.ada-admin.yaml
|
|
source_path: profiles/small-saas/artifacts/user.ada-admin.yaml
|
|
summary: 'Example artifact for the small-saas profile: Ada Admin.'
|
|
owned_concepts:
|
|
- Ada Admin
|
|
imports:
|
|
- model/access-control
|
|
- model/organization
|
|
relationships:
|
|
- type: instantiates
|
|
target: profile/small-saas
|
|
- type: uses
|
|
target: model/organization
|
|
- type: uses
|
|
target: model/access-control
|
|
- type: member_of
|
|
target: small-saas/team/platform
|
|
- type: has_access_under
|
|
target: small-saas/policy/tenant-isolation
|
|
- type: access_evidenced_by
|
|
target: small-saas/evidence/access-review-2026-05
|
|
warnings: []
|
|
- id: standard/caring
|
|
kind: standard
|
|
title: InfoTechCanon CARING Access Governance Standard
|
|
canonical_path: standards/caring/InfoTechCanonCaringAccessGovernanceStandard.md
|
|
source_path: seeds/InfoTechCanonCaringAccessGovernanceStandard.md
|
|
summary: 'Cross-cutting canon standard: InfoTechCanon CARING Access Governance Standard.'
|
|
owned_concepts:
|
|
- CARINGAccessDescriptor
|
|
- CARINGAnalysisFitnessTest
|
|
- CARINGAnalysisProcedure
|
|
- CARINGCanonicalRole
|
|
- CARINGCapabilityProfile
|
|
- CARINGDeclaredAccessMap
|
|
- CARINGDerivedCapability
|
|
- CARINGEffectiveAccessMap
|
|
- CARINGExposureEvent
|
|
- CARINGExposureMode
|
|
- CARINGInducedAccess
|
|
- CARINGOrganizationRelation
|
|
- CARINGPlane
|
|
- CARINGRedesignProcedure
|
|
- CARINGRestrictionPrecedence
|
|
- InfoTechCanon CARING Access Governance Standard
|
|
imports:
|
|
- kernel/itc-core
|
|
- model/access-control
|
|
- model/data
|
|
- model/devsecops
|
|
- model/governance
|
|
- model/network
|
|
- model/observability
|
|
- model/organization
|
|
- model/security
|
|
- model/task
|
|
- standard/tagging
|
|
relationships:
|
|
- type: conforms_to
|
|
target: kernel/itc-core
|
|
- type: imports
|
|
target: model/organization
|
|
- type: imports
|
|
target: model/governance
|
|
- type: imports
|
|
target: model/access-control
|
|
- type: imports
|
|
target: model/security
|
|
- type: imports
|
|
target: model/data
|
|
- type: imports
|
|
target: model/devsecops
|
|
- type: imports
|
|
target: model/network
|
|
- type: imports
|
|
target: model/observability
|
|
- type: imports
|
|
target: model/task
|
|
- type: imports
|
|
target: standard/tagging
|
|
warnings: []
|
|
- id: standard/tagging
|
|
kind: standard
|
|
title: InfoTechCanon Tagging Standard
|
|
canonical_path: standards/tagging/InfoTechCanonTaggingStandard.md
|
|
source_path: seeds/InfoTechCanonTaggingStandard_RC1_seed.md
|
|
summary: 'Cross-cutting canon standard: InfoTechCanon Tagging Standard.'
|
|
owned_concepts:
|
|
- InfoTechCanon Tagging Standard
|
|
imports:
|
|
- kernel/itc-core
|
|
- model/task
|
|
relationships:
|
|
- type: conforms_to
|
|
target: kernel/itc-core
|
|
- type: imports
|
|
target: model/task
|
|
warnings: []
|
|
common_distinctions:
|
|
- id: actor-subject-principal
|
|
title: Actor vs Subject vs Principal
|
|
summary: Use actor for the acting entity in a context, subject for the entity a
|
|
policy evaluates, and principal for the authenticated identity bound to access
|
|
decisions.
|
|
source_artifacts:
|
|
- model/organization
|
|
- model/access-control
|
|
- standard/caring
|
|
- id: organization-role-access-role-caring-role
|
|
title: Organization Role vs AccessRole vs CARING role
|
|
summary: Organization roles describe responsibility or position; access roles describe
|
|
permissions; CARING roles classify access-governance needs and analysis.
|
|
source_artifacts:
|
|
- model/organization
|
|
- model/access-control
|
|
- standard/caring
|
|
- id: policy-control-evidence
|
|
title: Policy vs Control vs Evidence
|
|
summary: Policy states intent or rule, control implements or enforces that rule,
|
|
and evidence records why the claim should be trusted.
|
|
source_artifacts:
|
|
- model/governance
|
|
- model/security
|
|
- model/observability
|
|
- id: intent-scope-purpose
|
|
title: Intent vs Scope vs Purpose
|
|
summary: Intent captures why an actor wants something, scope bounds what is included,
|
|
and purpose captures consumer demand or use case pressure on the repo.
|
|
source_artifacts:
|
|
- kernel/itc-core
|
|
- model/governance
|
|
- profile/small-saas
|