{
  "name": "enterprise-incident-framework",
  "version": "2026-07-06",
  "objective": "Single structured incident model generating technical, security, executive, customer, status, regulatory, audit, and postmortem artifacts.",
  "coreFiles": [
    "README.md",
    "architecture.md",
    "data_model.md",
    "schemas/incident.schema.json",
    "schemas/database.sql",
    "schemas/openapi.yaml",
    "schemas/schema.graphql",
    "schemas/types.ts",
    "templates/templates.md",
    "examples/category-playbook-matrix.csv",
    "examples/aerialytic-prod-latest-data-integrity-incident.md"
  ],
  "generators": {
    "engineering": ["technical_report", "postmortem", "root_cause_analysis", "deployment_report", "rollback_report", "performance_report", "infrastructure_report"],
    "security": ["security_incident_report", "executive_security_summary", "soc_investigation", "threat_analysis", "ioc_report", "forensic_summary", "mitre_attack_mapping", "evidence_summary", "regulatory_notification_draft"],
    "executive": ["executive_summary", "business_impact", "financial_impact", "customer_impact", "risk_summary", "decision_summary", "action_item_summary"],
    "customer": ["initial_notice", "investigating_update", "identified_update", "mitigation_update", "monitoring_update", "resolution_notice", "final_postmortem", "faq", "known_issues", "customer_action_required"],
    "status_page": ["investigating", "identified", "monitoring", "resolved", "scheduled_maintenance", "maintenance_complete"],
    "internal": ["slack_update", "teams_update", "discord_update", "internal_email", "shift_handover", "incident_commander_update", "executive_notification"],
    "audit": ["audit_trail", "decision_log", "change_log", "chain_of_custody", "evidence_register"],
    "regulatory": ["gdpr", "pipeda", "pci_dss", "hipaa", "soc2", "iso27001", "nis2", "dora", "internal_audit"]
  },
  "supportedOutputFormats": ["markdown", "html", "pdf", "json", "csv", "plain_text", "rest_api", "graphql", "openapi", "typescript", "json_schema", "database_schema"],
  "designRules": [
    "Categories are taxonomy records, not schema enums.",
    "Lifecycle state changes are append-only transitions.",
    "Evidence is immutable by default and hash-verifiable.",
    "Customer and regulatory communications require approval gates.",
    "Generated reports must include source references and confidence where facts are uncertain.",
    "Security and reliability extensions coexist on one canonical incident object."
  ]
}

