{"success":true,"filters":{"role":null,"firstWedge":null,"scope":null,"action":null,"search":null},"summary":{"profiles":15,"firstWedgeRole":"support","controls":105,"toolRules":56,"blockActions":15,"managerReviewActions":60,"auditFields":12},"profiles":[{"id":"role-policy-enforcement-support","role":"support","roleLabel":"Support","productLine":"AIducation for Support","firstWedge":true,"academyPath":"/ai-training/support","enforcementName":"Support AI Policy Enforcement Matrix","owner":"Support enablement, IT, and compliance","reviewCadence":"Weekly during pilot, monthly after rollout","controls":[{"id":"enforce-support-approved_tool_catalog","scope":"tool","controlType":"approved_tool_catalog","rule":"Learners use only approved AI tools for the role, data type, and workflow.","action":"admin_approval","trigger":"Learner selects an unapproved or restricted AI tool.","evidenceRequired":["Tool mission completion linked to approved-tool status.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-support-data_handling","scope":"data","controlType":"data_handling","rule":"Sensitive customer, employee, financial, legal, health, or code context is minimized or removed before AI use.","action":"block","trigger":"Learner or workflow attempts to use blocked sensitive data.","evidenceRequired":["Scenario answer identifies data risk and safe handling step.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-support-verification","scope":"verification","controlType":"verification","rule":"AI output must be checked against source material, calculations, policy, or code paths before reuse.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Verification checklist and final artifact show what was checked.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-support-escalation","scope":"verification","controlType":"escalation","rule":"Learners escalate when authority, compliance, security, privacy, or quality risk remains unclear.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Rubric result shows correct escalation or manager approval path.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-support-misuse_reporting","scope":"misuse","controlType":"misuse_reporting","rule":"Learners know how to report risky prompts, unsafe outputs, unauthorized automations, or policy exceptions.","action":"report_misuse","trigger":"Risk signal appears in prompt, output, tool, workflow, or final artifact.","evidenceRequired":["Misuse reporting simulation and manager-ready risk note.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-support-prompt_library","scope":"prompt","controlType":"prompt_library","rule":"Learners start from approved prompt templates instead of ad hoc prompts for high-risk workflows.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Prompt template artifact saved to the learner portfolio.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-support-workflow_library","scope":"workflow","controlType":"workflow_library","rule":"Repeatable AI workflows include ownership, inputs, output checks, and rollback or escalation paths.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Workflow playbook artifact and capstone evidence trail.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]}],"toolPolicy":[{"tool":"ChatGPT","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Claude","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Microsoft Copilot","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]}],"approvedLibraries":{"prompts":["Support role prompt template"],"workflows":["Support AI Workflow Lab"]},"enforcementFlow":["Resolve learner role and department policy profile.","Check selected AI tool against approved tool catalog and data class.","Require approved prompt or workflow library item for governed workflows.","Block or escalate if data, tool, verification, or authority requirements fail.","Attach evidence to manager report, audit log, and export payload."],"exceptionWorkflow":["Capture exception reason, tool, workflow, data class, and expected business outcome.","Route to manager, admin, or compliance owner based on action severity.","Approve only with expiration, evidence fields, and remediation assignment.","Revoke or report misuse when exception evidence is missing or unsafe."],"auditFields":["policyEnforcementId","role","learnerId","teamId","tool","dataClass","promptLibraryId","workflowLibraryId","enforcementAction","exceptionStatus","managerId","auditTimestamp"],"exportTargets":["Governance center","Manager report","Evidence export center","Misuse reporting","Audit warehouse","Risk summary for the learner and team","Recommended remediation mission","Policy section to review"]},{"id":"role-policy-enforcement-sales","role":"sales","roleLabel":"Sales","productLine":"AIducation for Sales","firstWedge":false,"academyPath":"/ai-training/sales","enforcementName":"Sales AI Policy Enforcement Matrix","owner":"Department manager, IT, and enablement","reviewCadence":"Monthly or on policy change","controls":[{"id":"enforce-sales-approved_tool_catalog","scope":"tool","controlType":"approved_tool_catalog","rule":"Learners use only approved AI tools for the role, data type, and workflow.","action":"admin_approval","trigger":"Learner selects an unapproved or restricted AI tool.","evidenceRequired":["Tool mission completion linked to approved-tool status.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-sales-data_handling","scope":"data","controlType":"data_handling","rule":"Sensitive customer, employee, financial, legal, health, or code context is minimized or removed before AI use.","action":"block","trigger":"Learner or workflow attempts to use blocked sensitive data.","evidenceRequired":["Scenario answer identifies data risk and safe handling step.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-sales-verification","scope":"verification","controlType":"verification","rule":"AI output must be checked against source material, calculations, policy, or code paths before reuse.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Verification checklist and final artifact show what was checked.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-sales-escalation","scope":"verification","controlType":"escalation","rule":"Learners escalate when authority, compliance, security, privacy, or quality risk remains unclear.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Rubric result shows correct escalation or manager approval path.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-sales-misuse_reporting","scope":"misuse","controlType":"misuse_reporting","rule":"Learners know how to report risky prompts, unsafe outputs, unauthorized automations, or policy exceptions.","action":"report_misuse","trigger":"Risk signal appears in prompt, output, tool, workflow, or final artifact.","evidenceRequired":["Misuse reporting simulation and manager-ready risk note.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-sales-prompt_library","scope":"prompt","controlType":"prompt_library","rule":"Learners start from approved prompt templates instead of ad hoc prompts for high-risk workflows.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Prompt template artifact saved to the learner portfolio.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-sales-workflow_library","scope":"workflow","controlType":"workflow_library","rule":"Repeatable AI workflows include ownership, inputs, output checks, and rollback or escalation paths.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Workflow playbook artifact and capstone evidence trail.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]}],"toolPolicy":[{"tool":"ChatGPT","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Claude","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Perplexity","action":"manager_review","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]}],"approvedLibraries":{"prompts":["Sales role prompt template"],"workflows":["Sales AI Workflow Lab"]},"enforcementFlow":["Resolve learner role and department policy profile.","Check selected AI tool against approved tool catalog and data class.","Require approved prompt or workflow library item for governed workflows.","Block or escalate if data, tool, verification, or authority requirements fail.","Attach evidence to manager report, audit log, and export payload."],"exceptionWorkflow":["Capture exception reason, tool, workflow, data class, and expected business outcome.","Route to manager, admin, or compliance owner based on action severity.","Approve only with expiration, evidence fields, and remediation assignment.","Revoke or report misuse when exception evidence is missing or unsafe."],"auditFields":["policyEnforcementId","role","learnerId","teamId","tool","dataClass","promptLibraryId","workflowLibraryId","enforcementAction","exceptionStatus","managerId","auditTimestamp"],"exportTargets":["Governance center","Manager report","Evidence export center","Misuse reporting","Audit warehouse","Risk summary for the learner and team","Recommended remediation mission","Policy section to review"]},{"id":"role-policy-enforcement-marketing","role":"marketing","roleLabel":"Marketing","productLine":"AIducation for Marketing","firstWedge":false,"academyPath":"/ai-training/marketing","enforcementName":"Marketing AI Policy Enforcement Matrix","owner":"Department manager, IT, and enablement","reviewCadence":"Monthly or on policy change","controls":[{"id":"enforce-marketing-approved_tool_catalog","scope":"tool","controlType":"approved_tool_catalog","rule":"Learners use only approved AI tools for the role, data type, and workflow.","action":"admin_approval","trigger":"Learner selects an unapproved or restricted AI tool.","evidenceRequired":["Tool mission completion linked to approved-tool status.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-marketing-data_handling","scope":"data","controlType":"data_handling","rule":"Sensitive customer, employee, financial, legal, health, or code context is minimized or removed before AI use.","action":"block","trigger":"Learner or workflow attempts to use blocked sensitive data.","evidenceRequired":["Scenario answer identifies data risk and safe handling step.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-marketing-verification","scope":"verification","controlType":"verification","rule":"AI output must be checked against source material, calculations, policy, or code paths before reuse.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Verification checklist and final artifact show what was checked.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-marketing-escalation","scope":"verification","controlType":"escalation","rule":"Learners escalate when authority, compliance, security, privacy, or quality risk remains unclear.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Rubric result shows correct escalation or manager approval path.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-marketing-misuse_reporting","scope":"misuse","controlType":"misuse_reporting","rule":"Learners know how to report risky prompts, unsafe outputs, unauthorized automations, or policy exceptions.","action":"report_misuse","trigger":"Risk signal appears in prompt, output, tool, workflow, or final artifact.","evidenceRequired":["Misuse reporting simulation and manager-ready risk note.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-marketing-prompt_library","scope":"prompt","controlType":"prompt_library","rule":"Learners start from approved prompt templates instead of ad hoc prompts for high-risk workflows.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Prompt template artifact saved to the learner portfolio.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-marketing-workflow_library","scope":"workflow","controlType":"workflow_library","rule":"Repeatable AI workflows include ownership, inputs, output checks, and rollback or escalation paths.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Workflow playbook artifact and capstone evidence trail.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]}],"toolPolicy":[{"tool":"ChatGPT","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Claude","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Gemini","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Midjourney","action":"manager_review","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]}],"approvedLibraries":{"prompts":["Marketing role prompt template"],"workflows":["Marketing AI Workflow Lab"]},"enforcementFlow":["Resolve learner role and department policy profile.","Check selected AI tool against approved tool catalog and data class.","Require approved prompt or workflow library item for governed workflows.","Block or escalate if data, tool, verification, or authority requirements fail.","Attach evidence to manager report, audit log, and export payload."],"exceptionWorkflow":["Capture exception reason, tool, workflow, data class, and expected business outcome.","Route to manager, admin, or compliance owner based on action severity.","Approve only with expiration, evidence fields, and remediation assignment.","Revoke or report misuse when exception evidence is missing or unsafe."],"auditFields":["policyEnforcementId","role","learnerId","teamId","tool","dataClass","promptLibraryId","workflowLibraryId","enforcementAction","exceptionStatus","managerId","auditTimestamp"],"exportTargets":["Governance center","Manager report","Evidence export center","Misuse reporting","Audit warehouse","Risk summary for the learner and team","Recommended remediation mission","Policy section to review"]},{"id":"role-policy-enforcement-hr","role":"hr","roleLabel":"HR","productLine":"AIducation for HR","firstWedge":false,"academyPath":"/ai-training/hr","enforcementName":"HR AI Policy Enforcement Matrix","owner":"Department manager, IT, and enablement","reviewCadence":"Monthly or on policy change","controls":[{"id":"enforce-hr-approved_tool_catalog","scope":"tool","controlType":"approved_tool_catalog","rule":"Learners use only approved AI tools for the role, data type, and workflow.","action":"admin_approval","trigger":"Learner selects an unapproved or restricted AI tool.","evidenceRequired":["Tool mission completion linked to approved-tool status.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-hr-data_handling","scope":"data","controlType":"data_handling","rule":"Sensitive customer, employee, financial, legal, health, or code context is minimized or removed before AI use.","action":"block","trigger":"Learner or workflow attempts to use blocked sensitive data.","evidenceRequired":["Scenario answer identifies data risk and safe handling step.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-hr-verification","scope":"verification","controlType":"verification","rule":"AI output must be checked against source material, calculations, policy, or code paths before reuse.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Verification checklist and final artifact show what was checked.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-hr-escalation","scope":"verification","controlType":"escalation","rule":"Learners escalate when authority, compliance, security, privacy, or quality risk remains unclear.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Rubric result shows correct escalation or manager approval path.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-hr-misuse_reporting","scope":"misuse","controlType":"misuse_reporting","rule":"Learners know how to report risky prompts, unsafe outputs, unauthorized automations, or policy exceptions.","action":"report_misuse","trigger":"Risk signal appears in prompt, output, tool, workflow, or final artifact.","evidenceRequired":["Misuse reporting simulation and manager-ready risk note.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-hr-prompt_library","scope":"prompt","controlType":"prompt_library","rule":"Learners start from approved prompt templates instead of ad hoc prompts for high-risk workflows.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Prompt template artifact saved to the learner portfolio.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-hr-workflow_library","scope":"workflow","controlType":"workflow_library","rule":"Repeatable AI workflows include ownership, inputs, output checks, and rollback or escalation paths.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Workflow playbook artifact and capstone evidence trail.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]}],"toolPolicy":[{"tool":"ChatGPT","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Claude","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Gemini","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Microsoft Copilot","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]}],"approvedLibraries":{"prompts":["HR role prompt template"],"workflows":["HR AI Workflow Lab"]},"enforcementFlow":["Resolve learner role and department policy profile.","Check selected AI tool against approved tool catalog and data class.","Require approved prompt or workflow library item for governed workflows.","Block or escalate if data, tool, verification, or authority requirements fail.","Attach evidence to manager report, audit log, and export payload."],"exceptionWorkflow":["Capture exception reason, tool, workflow, data class, and expected business outcome.","Route to manager, admin, or compliance owner based on action severity.","Approve only with expiration, evidence fields, and remediation assignment.","Revoke or report misuse when exception evidence is missing or unsafe."],"auditFields":["policyEnforcementId","role","learnerId","teamId","tool","dataClass","promptLibraryId","workflowLibraryId","enforcementAction","exceptionStatus","managerId","auditTimestamp"],"exportTargets":["Governance center","Manager report","Evidence export center","Misuse reporting","Audit warehouse","Risk summary for the learner and team","Recommended remediation mission","Policy section to review"]},{"id":"role-policy-enforcement-finance","role":"finance","roleLabel":"Finance","productLine":"AIducation for Finance","firstWedge":false,"academyPath":"/ai-training/finance","enforcementName":"Finance AI Policy Enforcement Matrix","owner":"Department manager, IT, and enablement","reviewCadence":"Monthly or on policy change","controls":[{"id":"enforce-finance-approved_tool_catalog","scope":"tool","controlType":"approved_tool_catalog","rule":"Learners use only approved AI tools for the role, data type, and workflow.","action":"admin_approval","trigger":"Learner selects an unapproved or restricted AI tool.","evidenceRequired":["Tool mission completion linked to approved-tool status.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-finance-data_handling","scope":"data","controlType":"data_handling","rule":"Sensitive customer, employee, financial, legal, health, or code context is minimized or removed before AI use.","action":"block","trigger":"Learner or workflow attempts to use blocked sensitive data.","evidenceRequired":["Scenario answer identifies data risk and safe handling step.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-finance-verification","scope":"verification","controlType":"verification","rule":"AI output must be checked against source material, calculations, policy, or code paths before reuse.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Verification checklist and final artifact show what was checked.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-finance-escalation","scope":"verification","controlType":"escalation","rule":"Learners escalate when authority, compliance, security, privacy, or quality risk remains unclear.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Rubric result shows correct escalation or manager approval path.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-finance-misuse_reporting","scope":"misuse","controlType":"misuse_reporting","rule":"Learners know how to report risky prompts, unsafe outputs, unauthorized automations, or policy exceptions.","action":"report_misuse","trigger":"Risk signal appears in prompt, output, tool, workflow, or final artifact.","evidenceRequired":["Misuse reporting simulation and manager-ready risk note.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-finance-prompt_library","scope":"prompt","controlType":"prompt_library","rule":"Learners start from approved prompt templates instead of ad hoc prompts for high-risk workflows.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Prompt template artifact saved to the learner portfolio.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-finance-workflow_library","scope":"workflow","controlType":"workflow_library","rule":"Repeatable AI workflows include ownership, inputs, output checks, and rollback or escalation paths.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Workflow playbook artifact and capstone evidence trail.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]}],"toolPolicy":[{"tool":"ChatGPT","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Claude","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Microsoft Copilot","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Excel AI","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]}],"approvedLibraries":{"prompts":["Finance role prompt template"],"workflows":["Finance AI Workflow Lab"]},"enforcementFlow":["Resolve learner role and department policy profile.","Check selected AI tool against approved tool catalog and data class.","Require approved prompt or workflow library item for governed workflows.","Block or escalate if data, tool, verification, or authority requirements fail.","Attach evidence to manager report, audit log, and export payload."],"exceptionWorkflow":["Capture exception reason, tool, workflow, data class, and expected business outcome.","Route to manager, admin, or compliance owner based on action severity.","Approve only with expiration, evidence fields, and remediation assignment.","Revoke or report misuse when exception evidence is missing or unsafe."],"auditFields":["policyEnforcementId","role","learnerId","teamId","tool","dataClass","promptLibraryId","workflowLibraryId","enforcementAction","exceptionStatus","managerId","auditTimestamp"],"exportTargets":["Governance center","Manager report","Evidence export center","Misuse reporting","Audit warehouse","Risk summary for the learner and team","Recommended remediation mission","Policy section to review"]},{"id":"role-policy-enforcement-engineering","role":"engineering","roleLabel":"Engineering","productLine":"AIducation for Engineering","firstWedge":false,"academyPath":"/ai-training/engineering","enforcementName":"Engineering AI Policy Enforcement Matrix","owner":"Department manager, IT, and enablement","reviewCadence":"Monthly or on policy change","controls":[{"id":"enforce-engineering-approved_tool_catalog","scope":"tool","controlType":"approved_tool_catalog","rule":"Learners use only approved AI tools for the role, data type, and workflow.","action":"admin_approval","trigger":"Learner selects an unapproved or restricted AI tool.","evidenceRequired":["Tool mission completion linked to approved-tool status.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-engineering-data_handling","scope":"data","controlType":"data_handling","rule":"Sensitive customer, employee, financial, legal, health, or code context is minimized or removed before AI use.","action":"block","trigger":"Learner or workflow attempts to use blocked sensitive data.","evidenceRequired":["Scenario answer identifies data risk and safe handling step.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-engineering-verification","scope":"verification","controlType":"verification","rule":"AI output must be checked against source material, calculations, policy, or code paths before reuse.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Verification checklist and final artifact show what was checked.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-engineering-escalation","scope":"verification","controlType":"escalation","rule":"Learners escalate when authority, compliance, security, privacy, or quality risk remains unclear.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Rubric result shows correct escalation or manager approval path.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-engineering-misuse_reporting","scope":"misuse","controlType":"misuse_reporting","rule":"Learners know how to report risky prompts, unsafe outputs, unauthorized automations, or policy exceptions.","action":"report_misuse","trigger":"Risk signal appears in prompt, output, tool, workflow, or final artifact.","evidenceRequired":["Misuse reporting simulation and manager-ready risk note.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-engineering-prompt_library","scope":"prompt","controlType":"prompt_library","rule":"Learners start from approved prompt templates instead of ad hoc prompts for high-risk workflows.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Prompt template artifact saved to the learner portfolio.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-engineering-workflow_library","scope":"workflow","controlType":"workflow_library","rule":"Repeatable AI workflows include ownership, inputs, output checks, and rollback or escalation paths.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Workflow playbook artifact and capstone evidence trail.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]}],"toolPolicy":[{"tool":"ChatGPT","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Claude","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Microsoft Copilot","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Cursor","action":"admin_approval","allowedDataClasses":["Redacted sensitive records only","Manager-approved samples","Sandbox credentials"],"blockedDataClasses":["Production credentials","unredacted regulated data","live customer actions","security secrets"]}],"approvedLibraries":{"prompts":["Engineering role prompt template"],"workflows":["Engineering AI Workflow Lab"]},"enforcementFlow":["Resolve learner role and department policy profile.","Check selected AI tool against approved tool catalog and data class.","Require approved prompt or workflow library item for governed workflows.","Block or escalate if data, tool, verification, or authority requirements fail.","Attach evidence to manager report, audit log, and export payload."],"exceptionWorkflow":["Capture exception reason, tool, workflow, data class, and expected business outcome.","Route to manager, admin, or compliance owner based on action severity.","Approve only with expiration, evidence fields, and remediation assignment.","Revoke or report misuse when exception evidence is missing or unsafe."],"auditFields":["policyEnforcementId","role","learnerId","teamId","tool","dataClass","promptLibraryId","workflowLibraryId","enforcementAction","exceptionStatus","managerId","auditTimestamp"],"exportTargets":["Governance center","Manager report","Evidence export center","Misuse reporting","Audit warehouse","Risk summary for the learner and team","Recommended remediation mission","Policy section to review"]},{"id":"role-policy-enforcement-product","role":"product","roleLabel":"Product","productLine":"AIducation for Product Managers","firstWedge":false,"academyPath":"/ai-training/product","enforcementName":"Product AI Policy Enforcement Matrix","owner":"Department manager, IT, and enablement","reviewCadence":"Monthly or on policy change","controls":[{"id":"enforce-product-approved_tool_catalog","scope":"tool","controlType":"approved_tool_catalog","rule":"Learners use only approved AI tools for the role, data type, and workflow.","action":"admin_approval","trigger":"Learner selects an unapproved or restricted AI tool.","evidenceRequired":["Tool mission completion linked to approved-tool status.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-product-data_handling","scope":"data","controlType":"data_handling","rule":"Sensitive customer, employee, financial, legal, health, or code context is minimized or removed before AI use.","action":"block","trigger":"Learner or workflow attempts to use blocked sensitive data.","evidenceRequired":["Scenario answer identifies data risk and safe handling step.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-product-verification","scope":"verification","controlType":"verification","rule":"AI output must be checked against source material, calculations, policy, or code paths before reuse.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Verification checklist and final artifact show what was checked.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-product-escalation","scope":"verification","controlType":"escalation","rule":"Learners escalate when authority, compliance, security, privacy, or quality risk remains unclear.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Rubric result shows correct escalation or manager approval path.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-product-misuse_reporting","scope":"misuse","controlType":"misuse_reporting","rule":"Learners know how to report risky prompts, unsafe outputs, unauthorized automations, or policy exceptions.","action":"report_misuse","trigger":"Risk signal appears in prompt, output, tool, workflow, or final artifact.","evidenceRequired":["Misuse reporting simulation and manager-ready risk note.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-product-prompt_library","scope":"prompt","controlType":"prompt_library","rule":"Learners start from approved prompt templates instead of ad hoc prompts for high-risk workflows.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Prompt template artifact saved to the learner portfolio.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-product-workflow_library","scope":"workflow","controlType":"workflow_library","rule":"Repeatable AI workflows include ownership, inputs, output checks, and rollback or escalation paths.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Workflow playbook artifact and capstone evidence trail.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]}],"toolPolicy":[{"tool":"ChatGPT","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Claude","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Perplexity","action":"manager_review","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]}],"approvedLibraries":{"prompts":["Product role prompt template"],"workflows":["Product AI Workflow Lab"]},"enforcementFlow":["Resolve learner role and department policy profile.","Check selected AI tool against approved tool catalog and data class.","Require approved prompt or workflow library item for governed workflows.","Block or escalate if data, tool, verification, or authority requirements fail.","Attach evidence to manager report, audit log, and export payload."],"exceptionWorkflow":["Capture exception reason, tool, workflow, data class, and expected business outcome.","Route to manager, admin, or compliance owner based on action severity.","Approve only with expiration, evidence fields, and remediation assignment.","Revoke or report misuse when exception evidence is missing or unsafe."],"auditFields":["policyEnforcementId","role","learnerId","teamId","tool","dataClass","promptLibraryId","workflowLibraryId","enforcementAction","exceptionStatus","managerId","auditTimestamp"],"exportTargets":["Governance center","Manager report","Evidence export center","Misuse reporting","Audit warehouse","Risk summary for the learner and team","Recommended remediation mission","Policy section to review"]},{"id":"role-policy-enforcement-executives","role":"executives","roleLabel":"Executives","productLine":"AIducation for Executives","firstWedge":false,"academyPath":"/ai-training/executives","enforcementName":"Executives AI Policy Enforcement Matrix","owner":"Department manager, IT, and enablement","reviewCadence":"Monthly or on policy change","controls":[{"id":"enforce-executives-approved_tool_catalog","scope":"tool","controlType":"approved_tool_catalog","rule":"Learners use only approved AI tools for the role, data type, and workflow.","action":"admin_approval","trigger":"Learner selects an unapproved or restricted AI tool.","evidenceRequired":["Tool mission completion linked to approved-tool status.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-executives-data_handling","scope":"data","controlType":"data_handling","rule":"Sensitive customer, employee, financial, legal, health, or code context is minimized or removed before AI use.","action":"block","trigger":"Learner or workflow attempts to use blocked sensitive data.","evidenceRequired":["Scenario answer identifies data risk and safe handling step.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-executives-verification","scope":"verification","controlType":"verification","rule":"AI output must be checked against source material, calculations, policy, or code paths before reuse.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Verification checklist and final artifact show what was checked.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-executives-escalation","scope":"verification","controlType":"escalation","rule":"Learners escalate when authority, compliance, security, privacy, or quality risk remains unclear.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Rubric result shows correct escalation or manager approval path.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-executives-misuse_reporting","scope":"misuse","controlType":"misuse_reporting","rule":"Learners know how to report risky prompts, unsafe outputs, unauthorized automations, or policy exceptions.","action":"report_misuse","trigger":"Risk signal appears in prompt, output, tool, workflow, or final artifact.","evidenceRequired":["Misuse reporting simulation and manager-ready risk note.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-executives-prompt_library","scope":"prompt","controlType":"prompt_library","rule":"Learners start from approved prompt templates instead of ad hoc prompts for high-risk workflows.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Prompt template artifact saved to the learner portfolio.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-executives-workflow_library","scope":"workflow","controlType":"workflow_library","rule":"Repeatable AI workflows include ownership, inputs, output checks, and rollback or escalation paths.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Workflow playbook artifact and capstone evidence trail.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]}],"toolPolicy":[{"tool":"ChatGPT","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Claude","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Gemini","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Microsoft Copilot","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]}],"approvedLibraries":{"prompts":["Executives role prompt template"],"workflows":["Executives AI Workflow Lab"]},"enforcementFlow":["Resolve learner role and department policy profile.","Check selected AI tool against approved tool catalog and data class.","Require approved prompt or workflow library item for governed workflows.","Block or escalate if data, tool, verification, or authority requirements fail.","Attach evidence to manager report, audit log, and export payload."],"exceptionWorkflow":["Capture exception reason, tool, workflow, data class, and expected business outcome.","Route to manager, admin, or compliance owner based on action severity.","Approve only with expiration, evidence fields, and remediation assignment.","Revoke or report misuse when exception evidence is missing or unsafe."],"auditFields":["policyEnforcementId","role","learnerId","teamId","tool","dataClass","promptLibraryId","workflowLibraryId","enforcementAction","exceptionStatus","managerId","auditTimestamp"],"exportTargets":["Governance center","Manager report","Evidence export center","Misuse reporting","Audit warehouse","Risk summary for the learner and team","Recommended remediation mission","Policy section to review"]},{"id":"role-policy-enforcement-operations","role":"operations","roleLabel":"Operations","productLine":"AIducation for Operations","firstWedge":false,"academyPath":"/ai-training/operations","enforcementName":"Operations AI Policy Enforcement Matrix","owner":"Department manager, IT, and enablement","reviewCadence":"Monthly or on policy change","controls":[{"id":"enforce-operations-approved_tool_catalog","scope":"tool","controlType":"approved_tool_catalog","rule":"Learners use only approved AI tools for the role, data type, and workflow.","action":"admin_approval","trigger":"Learner selects an unapproved or restricted AI tool.","evidenceRequired":["Tool mission completion linked to approved-tool status.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-operations-data_handling","scope":"data","controlType":"data_handling","rule":"Sensitive customer, employee, financial, legal, health, or code context is minimized or removed before AI use.","action":"block","trigger":"Learner or workflow attempts to use blocked sensitive data.","evidenceRequired":["Scenario answer identifies data risk and safe handling step.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-operations-verification","scope":"verification","controlType":"verification","rule":"AI output must be checked against source material, calculations, policy, or code paths before reuse.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Verification checklist and final artifact show what was checked.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-operations-escalation","scope":"verification","controlType":"escalation","rule":"Learners escalate when authority, compliance, security, privacy, or quality risk remains unclear.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Rubric result shows correct escalation or manager approval path.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-operations-misuse_reporting","scope":"misuse","controlType":"misuse_reporting","rule":"Learners know how to report risky prompts, unsafe outputs, unauthorized automations, or policy exceptions.","action":"report_misuse","trigger":"Risk signal appears in prompt, output, tool, workflow, or final artifact.","evidenceRequired":["Misuse reporting simulation and manager-ready risk note.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-operations-prompt_library","scope":"prompt","controlType":"prompt_library","rule":"Learners start from approved prompt templates instead of ad hoc prompts for high-risk workflows.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Prompt template artifact saved to the learner portfolio.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-operations-workflow_library","scope":"workflow","controlType":"workflow_library","rule":"Repeatable AI workflows include ownership, inputs, output checks, and rollback or escalation paths.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Workflow playbook artifact and capstone evidence trail.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]}],"toolPolicy":[{"tool":"ChatGPT","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Claude","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Zapier","action":"admin_approval","allowedDataClasses":["Redacted sensitive records only","Manager-approved samples","Sandbox credentials"],"blockedDataClasses":["Production credentials","unredacted regulated data","live customer actions","security secrets"]},{"tool":"n8n","action":"admin_approval","allowedDataClasses":["Redacted sensitive records only","Manager-approved samples","Sandbox credentials"],"blockedDataClasses":["Production credentials","unredacted regulated data","live customer actions","security secrets"]}],"approvedLibraries":{"prompts":["Operations role prompt template"],"workflows":["Operations AI Workflow Lab"]},"enforcementFlow":["Resolve learner role and department policy profile.","Check selected AI tool against approved tool catalog and data class.","Require approved prompt or workflow library item for governed workflows.","Block or escalate if data, tool, verification, or authority requirements fail.","Attach evidence to manager report, audit log, and export payload."],"exceptionWorkflow":["Capture exception reason, tool, workflow, data class, and expected business outcome.","Route to manager, admin, or compliance owner based on action severity.","Approve only with expiration, evidence fields, and remediation assignment.","Revoke or report misuse when exception evidence is missing or unsafe."],"auditFields":["policyEnforcementId","role","learnerId","teamId","tool","dataClass","promptLibraryId","workflowLibraryId","enforcementAction","exceptionStatus","managerId","auditTimestamp"],"exportTargets":["Governance center","Manager report","Evidence export center","Misuse reporting","Audit warehouse","Risk summary for the learner and team","Recommended remediation mission","Policy section to review"]},{"id":"role-policy-enforcement-students","role":"students","roleLabel":"Students","productLine":"AIducation for Students","firstWedge":false,"academyPath":"/ai-training/students","enforcementName":"Students AI Policy Enforcement Matrix","owner":"Department manager, IT, and enablement","reviewCadence":"Monthly or on policy change","controls":[{"id":"enforce-students-approved_tool_catalog","scope":"tool","controlType":"approved_tool_catalog","rule":"Learners use only approved AI tools for the role, data type, and workflow.","action":"admin_approval","trigger":"Learner selects an unapproved or restricted AI tool.","evidenceRequired":["Tool mission completion linked to approved-tool status.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-students-data_handling","scope":"data","controlType":"data_handling","rule":"Sensitive customer, employee, financial, legal, health, or code context is minimized or removed before AI use.","action":"block","trigger":"Learner or workflow attempts to use blocked sensitive data.","evidenceRequired":["Scenario answer identifies data risk and safe handling step.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-students-verification","scope":"verification","controlType":"verification","rule":"AI output must be checked against source material, calculations, policy, or code paths before reuse.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Verification checklist and final artifact show what was checked.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-students-escalation","scope":"verification","controlType":"escalation","rule":"Learners escalate when authority, compliance, security, privacy, or quality risk remains unclear.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Rubric result shows correct escalation or manager approval path.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-students-misuse_reporting","scope":"misuse","controlType":"misuse_reporting","rule":"Learners know how to report risky prompts, unsafe outputs, unauthorized automations, or policy exceptions.","action":"report_misuse","trigger":"Risk signal appears in prompt, output, tool, workflow, or final artifact.","evidenceRequired":["Misuse reporting simulation and manager-ready risk note.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-students-prompt_library","scope":"prompt","controlType":"prompt_library","rule":"Learners start from approved prompt templates instead of ad hoc prompts for high-risk workflows.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Prompt template artifact saved to the learner portfolio.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-students-workflow_library","scope":"workflow","controlType":"workflow_library","rule":"Repeatable AI workflows include ownership, inputs, output checks, and rollback or escalation paths.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Workflow playbook artifact and capstone evidence trail.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]}],"toolPolicy":[{"tool":"ChatGPT","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Claude","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Gemini","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Perplexity","action":"manager_review","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]}],"approvedLibraries":{"prompts":["Students role prompt template"],"workflows":["Students AI Workflow Lab"]},"enforcementFlow":["Resolve learner role and department policy profile.","Check selected AI tool against approved tool catalog and data class.","Require approved prompt or workflow library item for governed workflows.","Block or escalate if data, tool, verification, or authority requirements fail.","Attach evidence to manager report, audit log, and export payload."],"exceptionWorkflow":["Capture exception reason, tool, workflow, data class, and expected business outcome.","Route to manager, admin, or compliance owner based on action severity.","Approve only with expiration, evidence fields, and remediation assignment.","Revoke or report misuse when exception evidence is missing or unsafe."],"auditFields":["policyEnforcementId","role","learnerId","teamId","tool","dataClass","promptLibraryId","workflowLibraryId","enforcementAction","exceptionStatus","managerId","auditTimestamp"],"exportTargets":["Governance center","Manager report","Evidence export center","Misuse reporting","Audit warehouse","Risk summary for the learner and team","Recommended remediation mission","Policy section to review"]},{"id":"role-policy-enforcement-teachers","role":"teachers","roleLabel":"Teachers","productLine":"AIducation for Teachers","firstWedge":false,"academyPath":"/ai-training/teachers","enforcementName":"Teachers AI Policy Enforcement Matrix","owner":"Department manager, IT, and enablement","reviewCadence":"Monthly or on policy change","controls":[{"id":"enforce-teachers-approved_tool_catalog","scope":"tool","controlType":"approved_tool_catalog","rule":"Learners use only approved AI tools for the role, data type, and workflow.","action":"admin_approval","trigger":"Learner selects an unapproved or restricted AI tool.","evidenceRequired":["Tool mission completion linked to approved-tool status.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-teachers-data_handling","scope":"data","controlType":"data_handling","rule":"Sensitive customer, employee, financial, legal, health, or code context is minimized or removed before AI use.","action":"block","trigger":"Learner or workflow attempts to use blocked sensitive data.","evidenceRequired":["Scenario answer identifies data risk and safe handling step.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-teachers-verification","scope":"verification","controlType":"verification","rule":"AI output must be checked against source material, calculations, policy, or code paths before reuse.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Verification checklist and final artifact show what was checked.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-teachers-escalation","scope":"verification","controlType":"escalation","rule":"Learners escalate when authority, compliance, security, privacy, or quality risk remains unclear.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Rubric result shows correct escalation or manager approval path.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-teachers-misuse_reporting","scope":"misuse","controlType":"misuse_reporting","rule":"Learners know how to report risky prompts, unsafe outputs, unauthorized automations, or policy exceptions.","action":"report_misuse","trigger":"Risk signal appears in prompt, output, tool, workflow, or final artifact.","evidenceRequired":["Misuse reporting simulation and manager-ready risk note.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-teachers-prompt_library","scope":"prompt","controlType":"prompt_library","rule":"Learners start from approved prompt templates instead of ad hoc prompts for high-risk workflows.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Prompt template artifact saved to the learner portfolio.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-teachers-workflow_library","scope":"workflow","controlType":"workflow_library","rule":"Repeatable AI workflows include ownership, inputs, output checks, and rollback or escalation paths.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Workflow playbook artifact and capstone evidence trail.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]}],"toolPolicy":[{"tool":"ChatGPT","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Claude","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Gemini","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Microsoft Copilot","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]}],"approvedLibraries":{"prompts":["Teachers role prompt template"],"workflows":["Teachers AI Workflow Lab"]},"enforcementFlow":["Resolve learner role and department policy profile.","Check selected AI tool against approved tool catalog and data class.","Require approved prompt or workflow library item for governed workflows.","Block or escalate if data, tool, verification, or authority requirements fail.","Attach evidence to manager report, audit log, and export payload."],"exceptionWorkflow":["Capture exception reason, tool, workflow, data class, and expected business outcome.","Route to manager, admin, or compliance owner based on action severity.","Approve only with expiration, evidence fields, and remediation assignment.","Revoke or report misuse when exception evidence is missing or unsafe."],"auditFields":["policyEnforcementId","role","learnerId","teamId","tool","dataClass","promptLibraryId","workflowLibraryId","enforcementAction","exceptionStatus","managerId","auditTimestamp"],"exportTargets":["Governance center","Manager report","Evidence export center","Misuse reporting","Audit warehouse","Risk summary for the learner and team","Recommended remediation mission","Policy section to review"]},{"id":"role-policy-enforcement-government","role":"government","roleLabel":"Government","productLine":"AIducation for Government","firstWedge":false,"academyPath":"/ai-training/government","enforcementName":"Government AI Policy Enforcement Matrix","owner":"Department manager, IT, and enablement","reviewCadence":"Monthly or on policy change","controls":[{"id":"enforce-government-approved_tool_catalog","scope":"tool","controlType":"approved_tool_catalog","rule":"Learners use only approved AI tools for the role, data type, and workflow.","action":"admin_approval","trigger":"Learner selects an unapproved or restricted AI tool.","evidenceRequired":["Tool mission completion linked to approved-tool status.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-government-data_handling","scope":"data","controlType":"data_handling","rule":"Sensitive customer, employee, financial, legal, health, or code context is minimized or removed before AI use.","action":"block","trigger":"Learner or workflow attempts to use blocked sensitive data.","evidenceRequired":["Scenario answer identifies data risk and safe handling step.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-government-verification","scope":"verification","controlType":"verification","rule":"AI output must be checked against source material, calculations, policy, or code paths before reuse.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Verification checklist and final artifact show what was checked.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-government-escalation","scope":"verification","controlType":"escalation","rule":"Learners escalate when authority, compliance, security, privacy, or quality risk remains unclear.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Rubric result shows correct escalation or manager approval path.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-government-misuse_reporting","scope":"misuse","controlType":"misuse_reporting","rule":"Learners know how to report risky prompts, unsafe outputs, unauthorized automations, or policy exceptions.","action":"report_misuse","trigger":"Risk signal appears in prompt, output, tool, workflow, or final artifact.","evidenceRequired":["Misuse reporting simulation and manager-ready risk note.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-government-prompt_library","scope":"prompt","controlType":"prompt_library","rule":"Learners start from approved prompt templates instead of ad hoc prompts for high-risk workflows.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Prompt template artifact saved to the learner portfolio.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-government-workflow_library","scope":"workflow","controlType":"workflow_library","rule":"Repeatable AI workflows include ownership, inputs, output checks, and rollback or escalation paths.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Workflow playbook artifact and capstone evidence trail.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]}],"toolPolicy":[{"tool":"ChatGPT","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Claude","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Gemini","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Microsoft Copilot","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]}],"approvedLibraries":{"prompts":["Government role prompt template"],"workflows":["Government AI Workflow Lab"]},"enforcementFlow":["Resolve learner role and department policy profile.","Check selected AI tool against approved tool catalog and data class.","Require approved prompt or workflow library item for governed workflows.","Block or escalate if data, tool, verification, or authority requirements fail.","Attach evidence to manager report, audit log, and export payload."],"exceptionWorkflow":["Capture exception reason, tool, workflow, data class, and expected business outcome.","Route to manager, admin, or compliance owner based on action severity.","Approve only with expiration, evidence fields, and remediation assignment.","Revoke or report misuse when exception evidence is missing or unsafe."],"auditFields":["policyEnforcementId","role","learnerId","teamId","tool","dataClass","promptLibraryId","workflowLibraryId","enforcementAction","exceptionStatus","managerId","auditTimestamp"],"exportTargets":["Governance center","Manager report","Evidence export center","Misuse reporting","Audit warehouse","Risk summary for the learner and team","Recommended remediation mission","Policy section to review"]},{"id":"role-policy-enforcement-healthcare-admin","role":"healthcare-admin","roleLabel":"Healthcare Admin","productLine":"AIducation for Healthcare Admin","firstWedge":false,"academyPath":"/ai-training/healthcare-admin","enforcementName":"Healthcare Admin AI Policy Enforcement Matrix","owner":"Department manager, IT, and enablement","reviewCadence":"Monthly or on policy change","controls":[{"id":"enforce-healthcare-admin-approved_tool_catalog","scope":"tool","controlType":"approved_tool_catalog","rule":"Learners use only approved AI tools for the role, data type, and workflow.","action":"admin_approval","trigger":"Learner selects an unapproved or restricted AI tool.","evidenceRequired":["Tool mission completion linked to approved-tool status.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-healthcare-admin-data_handling","scope":"data","controlType":"data_handling","rule":"Sensitive customer, employee, financial, legal, health, or code context is minimized or removed before AI use.","action":"block","trigger":"Learner or workflow attempts to use blocked sensitive data.","evidenceRequired":["Scenario answer identifies data risk and safe handling step.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-healthcare-admin-verification","scope":"verification","controlType":"verification","rule":"AI output must be checked against source material, calculations, policy, or code paths before reuse.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Verification checklist and final artifact show what was checked.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-healthcare-admin-escalation","scope":"verification","controlType":"escalation","rule":"Learners escalate when authority, compliance, security, privacy, or quality risk remains unclear.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Rubric result shows correct escalation or manager approval path.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-healthcare-admin-misuse_reporting","scope":"misuse","controlType":"misuse_reporting","rule":"Learners know how to report risky prompts, unsafe outputs, unauthorized automations, or policy exceptions.","action":"report_misuse","trigger":"Risk signal appears in prompt, output, tool, workflow, or final artifact.","evidenceRequired":["Misuse reporting simulation and manager-ready risk note.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-healthcare-admin-prompt_library","scope":"prompt","controlType":"prompt_library","rule":"Learners start from approved prompt templates instead of ad hoc prompts for high-risk workflows.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Prompt template artifact saved to the learner portfolio.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-healthcare-admin-workflow_library","scope":"workflow","controlType":"workflow_library","rule":"Repeatable AI workflows include ownership, inputs, output checks, and rollback or escalation paths.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Workflow playbook artifact and capstone evidence trail.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]}],"toolPolicy":[{"tool":"ChatGPT","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Claude","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Gemini","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Microsoft Copilot","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]}],"approvedLibraries":{"prompts":["Healthcare Admin role prompt template"],"workflows":["Healthcare Admin AI Workflow Lab"]},"enforcementFlow":["Resolve learner role and department policy profile.","Check selected AI tool against approved tool catalog and data class.","Require approved prompt or workflow library item for governed workflows.","Block or escalate if data, tool, verification, or authority requirements fail.","Attach evidence to manager report, audit log, and export payload."],"exceptionWorkflow":["Capture exception reason, tool, workflow, data class, and expected business outcome.","Route to manager, admin, or compliance owner based on action severity.","Approve only with expiration, evidence fields, and remediation assignment.","Revoke or report misuse when exception evidence is missing or unsafe."],"auditFields":["policyEnforcementId","role","learnerId","teamId","tool","dataClass","promptLibraryId","workflowLibraryId","enforcementAction","exceptionStatus","managerId","auditTimestamp"],"exportTargets":["Governance center","Manager report","Evidence export center","Misuse reporting","Audit warehouse","Risk summary for the learner and team","Recommended remediation mission","Policy section to review"]},{"id":"role-policy-enforcement-legal","role":"legal","roleLabel":"Legal","productLine":"AIducation for Legal Teams","firstWedge":false,"academyPath":"/ai-training/legal","enforcementName":"Legal AI Policy Enforcement Matrix","owner":"Department manager, IT, and enablement","reviewCadence":"Monthly or on policy change","controls":[{"id":"enforce-legal-approved_tool_catalog","scope":"tool","controlType":"approved_tool_catalog","rule":"Learners use only approved AI tools for the role, data type, and workflow.","action":"admin_approval","trigger":"Learner selects an unapproved or restricted AI tool.","evidenceRequired":["Tool mission completion linked to approved-tool status.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-legal-data_handling","scope":"data","controlType":"data_handling","rule":"Sensitive customer, employee, financial, legal, health, or code context is minimized or removed before AI use.","action":"block","trigger":"Learner or workflow attempts to use blocked sensitive data.","evidenceRequired":["Scenario answer identifies data risk and safe handling step.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-legal-verification","scope":"verification","controlType":"verification","rule":"AI output must be checked against source material, calculations, policy, or code paths before reuse.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Verification checklist and final artifact show what was checked.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-legal-escalation","scope":"verification","controlType":"escalation","rule":"Learners escalate when authority, compliance, security, privacy, or quality risk remains unclear.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Rubric result shows correct escalation or manager approval path.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-legal-misuse_reporting","scope":"misuse","controlType":"misuse_reporting","rule":"Learners know how to report risky prompts, unsafe outputs, unauthorized automations, or policy exceptions.","action":"report_misuse","trigger":"Risk signal appears in prompt, output, tool, workflow, or final artifact.","evidenceRequired":["Misuse reporting simulation and manager-ready risk note.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-legal-prompt_library","scope":"prompt","controlType":"prompt_library","rule":"Learners start from approved prompt templates instead of ad hoc prompts for high-risk workflows.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Prompt template artifact saved to the learner portfolio.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-legal-workflow_library","scope":"workflow","controlType":"workflow_library","rule":"Repeatable AI workflows include ownership, inputs, output checks, and rollback or escalation paths.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Workflow playbook artifact and capstone evidence trail.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]}],"toolPolicy":[{"tool":"ChatGPT","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Claude","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Microsoft Copilot","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Perplexity","action":"manager_review","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]}],"approvedLibraries":{"prompts":["Legal role prompt template"],"workflows":["Legal AI Workflow Lab"]},"enforcementFlow":["Resolve learner role and department policy profile.","Check selected AI tool against approved tool catalog and data class.","Require approved prompt or workflow library item for governed workflows.","Block or escalate if data, tool, verification, or authority requirements fail.","Attach evidence to manager report, audit log, and export payload."],"exceptionWorkflow":["Capture exception reason, tool, workflow, data class, and expected business outcome.","Route to manager, admin, or compliance owner based on action severity.","Approve only with expiration, evidence fields, and remediation assignment.","Revoke or report misuse when exception evidence is missing or unsafe."],"auditFields":["policyEnforcementId","role","learnerId","teamId","tool","dataClass","promptLibraryId","workflowLibraryId","enforcementAction","exceptionStatus","managerId","auditTimestamp"],"exportTargets":["Governance center","Manager report","Evidence export center","Misuse reporting","Audit warehouse","Risk summary for the learner and team","Recommended remediation mission","Policy section to review"]},{"id":"role-policy-enforcement-small-business","role":"small-business","roleLabel":"Small Business","productLine":"AIducation for Small Businesses","firstWedge":false,"academyPath":"/ai-training/small-business","enforcementName":"Small Business AI Policy Enforcement Matrix","owner":"Department manager, IT, and enablement","reviewCadence":"Monthly or on policy change","controls":[{"id":"enforce-small-business-approved_tool_catalog","scope":"tool","controlType":"approved_tool_catalog","rule":"Learners use only approved AI tools for the role, data type, and workflow.","action":"admin_approval","trigger":"Learner selects an unapproved or restricted AI tool.","evidenceRequired":["Tool mission completion linked to approved-tool status.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-small-business-data_handling","scope":"data","controlType":"data_handling","rule":"Sensitive customer, employee, financial, legal, health, or code context is minimized or removed before AI use.","action":"block","trigger":"Learner or workflow attempts to use blocked sensitive data.","evidenceRequired":["Scenario answer identifies data risk and safe handling step.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-small-business-verification","scope":"verification","controlType":"verification","rule":"AI output must be checked against source material, calculations, policy, or code paths before reuse.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Verification checklist and final artifact show what was checked.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-small-business-escalation","scope":"verification","controlType":"escalation","rule":"Learners escalate when authority, compliance, security, privacy, or quality risk remains unclear.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Rubric result shows correct escalation or manager approval path.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-small-business-misuse_reporting","scope":"misuse","controlType":"misuse_reporting","rule":"Learners know how to report risky prompts, unsafe outputs, unauthorized automations, or policy exceptions.","action":"report_misuse","trigger":"Risk signal appears in prompt, output, tool, workflow, or final artifact.","evidenceRequired":["Misuse reporting simulation and manager-ready risk note.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-small-business-prompt_library","scope":"prompt","controlType":"prompt_library","rule":"Learners start from approved prompt templates instead of ad hoc prompts for high-risk workflows.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Prompt template artifact saved to the learner portfolio.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-small-business-workflow_library","scope":"workflow","controlType":"workflow_library","rule":"Repeatable AI workflows include ownership, inputs, output checks, and rollback or escalation paths.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Workflow playbook artifact and capstone evidence trail.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]}],"toolPolicy":[{"tool":"ChatGPT","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Claude","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Gemini","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]}],"approvedLibraries":{"prompts":["Small Business role prompt template"],"workflows":["Small Business AI Workflow Lab"]},"enforcementFlow":["Resolve learner role and department policy profile.","Check selected AI tool against approved tool catalog and data class.","Require approved prompt or workflow library item for governed workflows.","Block or escalate if data, tool, verification, or authority requirements fail.","Attach evidence to manager report, audit log, and export payload."],"exceptionWorkflow":["Capture exception reason, tool, workflow, data class, and expected business outcome.","Route to manager, admin, or compliance owner based on action severity.","Approve only with expiration, evidence fields, and remediation assignment.","Revoke or report misuse when exception evidence is missing or unsafe."],"auditFields":["policyEnforcementId","role","learnerId","teamId","tool","dataClass","promptLibraryId","workflowLibraryId","enforcementAction","exceptionStatus","managerId","auditTimestamp"],"exportTargets":["Governance center","Manager report","Evidence export center","Misuse reporting","Audit warehouse","Risk summary for the learner and team","Recommended remediation mission","Policy section to review"]}]}