diff --git a/POLICY.md b/POLICY.md index 6c342e8..517066b 100644 --- a/POLICY.md +++ b/POLICY.md 
@@ -1,6 +1,60 @@ # Branch Protection & Review Policy -This document outlines the mandatory branch protection rules for all repositories in the TImmy Foundation organization. +## 🛡️ Enforced Branch Protection Rules + +All repositories must apply the following branch protection rules to the `main` branch: + +| Rule | Setting | Rationale | +|------|---------|-----------| +| Require PR for merge | ✅ Required | Prevent direct pushes to `main` | +| Required approvals | ✅ 1 approval | Ensure at least one reviewer approve before merge | +| Dismiss stale approvals | ✅ Auto-dismiss | Require re-approval after new commits | +| Require CI to pass | ✅ Where CI exist | Prevent merging of failing builds | +| Block force push | ✅ Enabled | Protect commit history | +| Block branch deletion | ✅ Enabled | Prevent accidental deletion of `main` | + +> ⚠️ Note: CI enforcement is optional for repositories where CI is not yet configured. + +--- + +### 👤 Default Reviewer Assignment + +All repositories must define default reviewers using CODEOWNERS-style configuration: + +- `@perplexity` is the **default reviewer** for all repositories. +- `@Timmy` is a **required reviewer** for `hermes-agent`. +- Repository-specific owners may be added for specialized areas. 
+ +--- + +### � Affected Repositories + +| Repository | Status | Notes | +|-------------|--------|-------| +| `hermes-agent` | ✅ Protected | CI is active | +| `the-nexus` | ✅ Protected | CI is pending | +| `timmy-home` | ✅ Protected | No CI | +| `timmy-config` | ✅ Protected | Limited CI | + +--- + +### ✅ Acceptance Criteria + +- [ ] Branch protection enabled on `hermes-agent` main +- [ ] Branch protection enabled on `the-nexus` main +- [ ] Branch protection enabled on `timmy-home` main +- [ ] Branch protection enabled on `timmy-config` main +- [ ] `@perplexity` set as default reviewer org-wide +- [ ] Policy documented in this file + +--- + +### � Blocks + +- Blocks #916, #917 +- cc @Timmy @Rockachopa + +— @perplexity, Integration Architect + QA ## 🛡️ Branch Protection Rules
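Review bot: in the "Default Reviewer Assignment" list, `@Timmy` is called a **required reviewer** for `hermes-agent`, but the rules table only asks for "1 approval", so as written a single approval from the default reviewer `@perplexity` would satisfy the policy without `@Timmy` ever reviewing. Add a row to the rules table (or a sentence under the list) saying that on `hermes-agent` the approval must come from the required reviewer, so the two sections cannot be read differently. Two smaller points in the same hunk: the "Affected Repositories" table marks all four repositories "✅ Protected" while the "Acceptance Criteria" checklist leaves "Branch protection enabled on ..." unchecked for the same four, so either the status column or the checkboxes should change; and the checklist, the "Blocks #916, #917" list, the cc line and the signature read as pull-request description rather than policy text, so consider moving them out of POLICY.md. The new "Enforced Branch Protection Rules" heading also lands directly above the existing "Branch Protection Rules" heading kept as context, which is worth checking for duplicated content.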