Add missing _index.org files for 7 sections: stages, ai-agents-scoping, compliance, impact, social-protocol, verification, resources — rebuild clean after file reorganization

2026-06-03 21:50:01 +00:00
parent ac99eed182
commit 9b795df14e
79 changed files with 156 additions and 77 deletions
--- a/projects/passepartout/strategy/compliance/compliance-regimes/ny-dfs-500.org
+++ b/projects/passepartout/strategy/compliance/compliance-regimes/ny-dfs-500.org
@@ -0,0 +1,27 @@
+:PROPERTIES:
+:ID:       581666ba-f72c-406b-8556-93876d2b30bf
+:ID:       auto-ny-dfs-500
+:CREATED:  [2026-05-23 Sat]
+:END:
+#+title: NY DFS 500 (New York Cybersecurity Regulation)
+#+filetags: :passepartout:compliance:framework:ny:
+
+
+** NY DFS 500 (23 NYCRR 500)
+
+New York State Department of Financial Services cybersecurity regulation for
+financial services. The most aggressive US state-level financial cybersecurity
+rule. Requires: risk assessment, penetration testing, multi-factor authentication,
+incident response plan, annual certification of compliance by the board.
+
+Who must comply: Any entity regulated by NY DFS — banks, insurers, mortgage
+brokers, virtual currency companies operating in New York. ~3,000 institutions.
+
+Penalties: $200K-$1M per violation; business license revocation possible.
+
+Why it matters: The annual board certification requirement creates demand for
+verifiable evidence of control effectiveness — exactly what the gate stack
+produces. First-mover advantage is significant (few vendors target NY DFS 500
+specifically) and the regulation is a template that other states are adopting.
+
+Part of the [[id:e4a7b3d2-1c9f-4b6e-8a2d-5f3c7e1b9a0c][compliance framework index]].