diff --git a/apps/api/src/services/decision_manager.py b/apps/api/src/services/decision_manager.py
index 150040e9..319981b2 100644
--- a/apps/api/src/services/decision_manager.py
+++ b/apps/api/src/services/decision_manager.py
@@ -261,6 +261,32 @@ async def _push_decision_to_telegram(
 system_impact=description[:150] if description else "",
 probable_cause=reasoning[:100] if reasoning else "",
 )
+ elif _alert_category == "secops":
+ # TYPE-5S:資安事件 — 隔離/封鎖審核卡,發到個人 DM (ADR-075 Step-5)
+ # 2026-04-12 ogt (ADR-075 Step-5)
+ _labels = incident.signals[0].labels if incident.signals else {}
+ _threat_level = _labels.get("threat_level", risk_level)
+ tg_result = await gateway.send_secops_card(
+ incident_id=incident.incident_id,
+ approval_id=approval_id,
+ alertname=_alertname,
+ threat_level=_threat_level,
+ resource=target[:60],
+ threat_behavior=reasoning[:150] if reasoning else description[:150],
+ )
+ elif _alert_category == "business":
+ # TYPE-6B:業務/FinOps 資訊告警 — 發到 SRE 群組(無審核按鈕)(ADR-075 Step-5)
+ # 2026-04-12 ogt (ADR-075 Step-5)
+ _labels = incident.signals[0].labels if incident.signals else {}
+ _business_domain = _labels.get("business_domain", "finops")
+ tg_result = await gateway.send_business_alert(
+ incident_id=incident.incident_id,
+ alertname=_alertname,
+ business_domain=_business_domain,
+ metric_name=_labels.get("metric_name", _alertname),
+ current_value=_labels.get("value", "--"),
+ threshold=_labels.get("threshold", "--"),
+ )
 else:
 # TYPE-2 / TYPE-3 / TYPE-4 都走 send_approval_card(按鈕組合由 alert_category 決定)
 tg_result = await gateway.send_approval_card(
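Review bot: In the new `secops` branch, `threat_behavior=reasoning[:150] if reasoning else description[:150]` slices `description` without a guard, although the context lines just above use `description[:150] if description else ""`, which suggests it can be empty or None. If both are None the slice raises TypeError and the isolation/block approval card is never sent. `threat_behavior=(reasoning or description or "")[:150],` keeps the same preference order and cannot raise; `resource=target[:60]` may need the same treatment if `target` is optional, which this hunk does not show. Separately, `_labels.get("threat_level", risk_level)` lets a label on the first signal replace the computed `risk_level` on the card, so if alert sources control their labels, a low or malformed value could understate severity to the approver. Checking it against the allowed levels, or showing the higher of the two, would be safer. The enclosing `_push_decision_to_telegram` starts and ends outside this hunk.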