Compliance Policy Catalog & Forking Contracts

ADR-0015 accepts the compliance policy catalog/forking contract. OP-038R implements the first runtime for baseline policy reads, tenant-managed forks, optimistic updates, immutable version history, audit, lifecycle events, and a read-only console surface. Visual editors, diff views, bulk operations, approval workflows, and deployment changes remain out of scope.

Catalog Scope

Phase 1 targets 25-30 starter policies:

  • SOC 2: 12-15
  • HIPAA: 6-8
  • GLBA: 6-8

Ownership

  • oneprotect_managed: read-only baseline managed by OneProtect.
  • tenant_managed: tenant-owned fork of a baseline policy.

Tenant forks retain their baseline lineage and carry their own version history, and they apply to tenant evidence, reporting, and future exports.

Events

  • compliance.policy.forked
  • compliance.policy.updated
  • compliance.policy.version_created

API Surfaces

  • GET /api/v1/compliance/policies
  • GET /api/v1/compliance/policies/{policy_id}
  • POST /api/v1/compliance/policies/{policy_id}/fork
  • PATCH /api/v1/compliance/policies/{policy_id}
  • GET /api/v1/compliance/policies/{policy_id}/versions

Updates use optimistic conflict control: a PATCH must carry expected_version, and it is rejected when that value does not match the policy's current version.

Runtime Notes

  • OneProtect-managed baseline policies seed from existing SOC 2, HIPAA, and GLBA control catalog rows.
  • Tenant-managed forks are tenant-owned rows protected by RLS.
  • Each accepted update creates an immutable tenant policy version.
  • Operators and auditors can read policy summaries; tenant admins and system admins can fork or update tenant-managed policies.
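The following is an added example (not OneProtect's runtime code) that models the API Surfaces and Runtime Notes above in memory: read-only baselines, tenant-scoped forks with baseline lineage, optimistic expected_version checks, an append-only version history, and the three lifecycle events. The Policy shape, role names, the "one fork per tenant per baseline" id scheme and the error classes are assumptions for illustration.

```python
from dataclasses import dataclass
from typing import Optional
# Constructed in-memory model of the contract (added example, not OneProtect's runtime).
@dataclass
class Policy:
    policy_id: str
    ownership: str               # "oneprotect_managed" or "tenant_managed"
    tenant_id: Optional[str]     # None for baselines; forks belong to one tenant (RLS analogue)
    baseline_id: Optional[str]   # lineage back to the baseline a fork was taken from
    version: int
    body: dict
class ConflictError(Exception): pass
class ForbiddenError(Exception): pass
WRITERS = {"tenant_admin", "system_admin"}  # roles allowed to fork/update tenant-managed policies

class Catalog:
    def __init__(self):
        self.policies = {}   # policy_id -> Policy
        self.versions = {}   # policy_id -> append-only list of body snapshots
        self.events = []     # (event name, payload) in emission order
    def seed_baseline(self, policy_id, body):
        self.policies[policy_id] = Policy(policy_id, "oneprotect_managed", None, None, 1, body)
    def get(self, tenant_id, policy_id):
        p = self.policies.get(policy_id)
        if p is None or p.tenant_id not in (None, tenant_id):
            raise KeyError(policy_id)  # other tenants' forks are invisible, like an RLS miss
        return p

    def fork(self, tenant_id, baseline_id, role):
        base = self.get(tenant_id, baseline_id)
        fork_id = f"{baseline_id}:{tenant_id}"  # assumption: one fork per tenant per baseline
        if role not in WRITERS or base.ownership != "oneprotect_managed" or fork_id in self.policies:
            raise ForbiddenError("only admins may fork a baseline, once per tenant")
        fork = Policy(fork_id, "tenant_managed", tenant_id, baseline_id, 1, dict(base.body))
        self.policies[fork_id] = fork
        self.versions[fork_id] = [dict(base.body)]  # version 1 is the baseline snapshot
        self.events.append(("compliance.policy.forked", {"policy_id": fork_id, "baseline_id": baseline_id}))
        return fork

    def update(self, tenant_id, policy_id, expected_version, patch, role):
        p = self.get(tenant_id, policy_id)
        if role not in WRITERS or p.ownership != "tenant_managed":
            raise ForbiddenError("baselines are read-only; updates need an admin role")
        if p.version != expected_version:  # optimistic conflict control
            raise ConflictError(f"expected_version {expected_version} != current {p.version}")
        p.body, p.version = {**p.body, **patch}, p.version + 1
        self.versions[policy_id].append(dict(p.body))  # new immutable version
        self.events.append(("compliance.policy.updated", {"policy_id": policy_id, "version": p.version}))
        self.events.append(("compliance.policy.version_created", {"policy_id": policy_id, "version": p.version}))
        return p
```

A stale expected_version raises ConflictError instead of silently overwriting a concurrent edit, and a PATCH against a baseline or by a non-admin role raises ForbiddenError.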

References

  • docs/adr/ADR-0015-compliance-policy-catalog-forking.md
  • docs/architecture/compliance-policy-catalog-forking-contracts.md
  • specs/events/compliance.policy.forked.v1.schema.json
  • specs/events/compliance.policy.updated.v1.schema.json
  • specs/events/compliance.policy.version_created.v1.schema.json
  • specs/openapi.yaml
  • specs/asyncapi.yaml