Overview of CIAA enforcement, policy design, and MITRE ATLAS mappings.

• Define policies in policies/static/ as YAML
• Use priority to resolve conflicts

• Immutable, hash-chained audit logs stored in audit/logs/