Legal pillar · v0.16.0
policy-doc PolicyDoc
Internal-policy record.
$id · https://corpospec.com/schemas/v0.16.0/policy-doc.schema.json
Fields
| Field | Type | Required | Description |
|---|---|---|---|
| approver | PathRef | yes | Approver (board / officer). |
| artefact_ref | PathRef | yes | Document artefact (PDF, MD, Notion). |
| attestation_required | boolean | yes | Whether explicit attestation is required (e.g. Code of Conduct). |
| audience | PolicyAudience | yes | Policy audience. |
| confidentiality | Confidentiality | yes | Cross-cutting confidentiality classification used across privacy, security, knowledge, IR pillars. Default rendering rule: `corpospec-report` excludes `Restricted | BoardOnly | InvestorOnly` records from public output unless an explicit audience parameter overrides. See BDR 0076 §1. |
| effective_from | IsoDate | yes | ISO 8601 date (YYYY-MM-DD). |
| entity | PathRef | yes | Path-based cross-reference relative to .corpospec/ root. Pattern: `^[a-z0-9_-]+(/[a-z0-9_.-]+)+$` |
| id | PathRef | yes | Path-based cross-reference relative to .corpospec/ root. Pattern: `^[a-z0-9_-]+(/[a-z0-9_.-]+)+$` |
| kind | PolicyDocKind | yes | Policy kind. |
| name | string | yes | |
| next_review_due | IsoDate | yes | ISO 8601 date (YYYY-MM-DD). |
| owner | PathRef | yes | Owner (single accountable). |
| review_cadence | string | yes | Review cadence (e.g. "P12M"). |
| status | PolicyDocStatus | yes | Policy lifecycle. |
| statutory_basis | string[] | yes | Statutory bases this policy implements (e.g. "AGG § 12", "ISO 27001:2022 A.5.1", "LkSG § 6 Abs. 2", "HinSchG § 15"). |
| version | Semver | yes | Semantic version string (MAJOR.MINOR.PATCH). |
| attestations | PolicyAttestation[] | — | Attestations by individuals. |
| audience_roles | PathRef[] | — | Roles in scope when audience == SpecificRole. |
| supersedes | PathRef[] | — | PathRefs to the previous superseded versions, in chronological order (oldest first). |
Definitions
Shared types referenced within this schema.
Confidentiality
Cross-cutting confidentiality classification used across privacy,
security, knowledge, IR pillars. Default rendering rule: `corpospec-report`
excludes `Restricted | BoardOnly | InvestorOnly` records from public output
unless an explicit audience parameter overrides. See BDR 0076 §1.
IsoDate
ISO 8601 date (YYYY-MM-DD).
type: string
PathRef
Path-based cross-reference relative to .corpospec/ root.
Pattern: `^[a-z0-9_-]+(/[a-z0-9_.-]+)+$`
pattern: ^[a-z0-9_-]+(/[a-z0-9_.-]+)+$
PolicyAttestation
Per-person attestation.
type: object
PolicyAudience
Policy audience.
PolicyDocKind
Policy kind.
PolicyDocStatus
Policy lifecycle.
enum: "draft", "in_review", "approved", "published", "superseded", "retired"
Semver
Semantic version string (MAJOR.MINOR.PATCH).
pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)$
Reference in your YAML
# yaml-language-server: $schema=https://corpospec.com/schemas/v0.16.0/policy-doc.schema.json