{"success":true,"filters":{"role":"product","firstWedge":null,"scope":null,"action":null,"search":null},"summary":{"profiles":1,"firstWedgeRole":null,"controls":7,"toolRules":3,"blockActions":1,"managerReviewActions":4,"auditFields":12},"profiles":[{"id":"role-policy-enforcement-product","role":"product","roleLabel":"Product","productLine":"AIducation for Product Managers","firstWedge":false,"academyPath":"/ai-training/product","enforcementName":"Product AI Policy Enforcement Matrix","owner":"Department manager, IT, and enablement","reviewCadence":"Monthly or on policy change","controls":[{"id":"enforce-product-approved_tool_catalog","scope":"tool","controlType":"approved_tool_catalog","rule":"Learners use only approved AI tools for the role, data type, and workflow.","action":"admin_approval","trigger":"Learner selects an unapproved or restricted AI tool.","evidenceRequired":["Tool mission completion linked to approved-tool status.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-product-data_handling","scope":"data","controlType":"data_handling","rule":"Sensitive customer, employee, financial, legal, health, or code context is minimized or removed before AI use.","action":"block","trigger":"Learner or workflow attempts to use blocked sensitive data.","evidenceRequired":["Scenario answer identifies data risk and safe handling step.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-product-verification","scope":"verification","controlType":"verification","rule":"AI output must be checked against source material, calculations, policy, or code paths before reuse.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Verification checklist and final artifact show what was checked.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-product-escalation","scope":"verification","controlType":"escalation","rule":"Learners escalate when authority, compliance, security, privacy, or quality risk remains unclear.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Rubric result shows correct escalation or manager approval path.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-product-misuse_reporting","scope":"misuse","controlType":"misuse_reporting","rule":"Learners know how to report risky prompts, unsafe outputs, unauthorized automations, or policy exceptions.","action":"report_misuse","trigger":"Risk signal appears in prompt, output, tool, workflow, or final artifact.","evidenceRequired":["Misuse reporting simulation and manager-ready risk note.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-product-prompt_library","scope":"prompt","controlType":"prompt_library","rule":"Learners start from approved prompt templates instead of ad hoc prompts for high-risk workflows.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Prompt template artifact saved to the learner portfolio.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]},{"id":"enforce-product-workflow_library","scope":"workflow","controlType":"workflow_library","rule":"Repeatable AI workflows include ownership, inputs, output checks, and rollback or escalation paths.","action":"manager_review","trigger":"Required evidence or approval is missing.","evidenceRequired":["Workflow playbook artifact and capstone evidence trail.","Learner, role, team, and manager","Tool, prompt, workflow, data class, and final artifact"]}],"toolPolicy":[{"tool":"ChatGPT","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Claude","action":"allow","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]},{"tool":"Perplexity","action":"manager_review","allowedDataClasses":["Internal work context","Redacted examples","Approved source excerpts"],"blockedDataClasses":["Raw customer PII","employee records","financial account data","confidential contracts"]}],"approvedLibraries":{"prompts":["Product role prompt template"],"workflows":["Product AI Workflow Lab"]},"enforcementFlow":["Resolve learner role and department policy profile.","Check selected AI tool against approved tool catalog and data class.","Require approved prompt or workflow library item for governed workflows.","Block or escalate if data, tool, verification, or authority requirements fail.","Attach evidence to manager report, audit log, and export payload."],"exceptionWorkflow":["Capture exception reason, tool, workflow, data class, and expected business outcome.","Route to manager, admin, or compliance owner based on action severity.","Approve only with expiration, evidence fields, and remediation assignment.","Revoke or report misuse when exception evidence is missing or unsafe."],"auditFields":["policyEnforcementId","role","learnerId","teamId","tool","dataClass","promptLibraryId","workflowLibraryId","enforcementAction","exceptionStatus","managerId","auditTimestamp"],"exportTargets":["Governance center","Manager report","Evidence export center","Misuse reporting","Audit warehouse","Risk summary for the learner and team","Recommended remediation mission","Policy section to review"]}]}