# IAIFoundation.com — Policy Engine Foundation

## Policy domains

- Actor policy
- Budget policy
- Action policy
- Timing policy
- Device policy
- Geography policy
- Risk policy
- Proof policy

## Required policy outcomes

- allow
- deny
- require approval
- require proof
- require delay
- require manual review

## Safety principles

1. Deny by default for unknown action classes
2. Sensitive device actions always require stricter rules
3. AI never receives unlimited authority
4. Payment release cannot rely on model text alone
5. Proof requirements must be explicit
6. Emergency stop must be available for active runs