AI Governance
Non-negotiable governance rules for all AI capabilities in AIIA.
Core Principles
| Principle | Enforcement |
|---|---|
| AI obeys RBAC | Permission check at AI Gateway before any retrieval or generation |
| No cross-role leakage | RAG filters by user's role and org permissions |
| Traceable outputs | Every AI response includes citations + confidence scores |
| Human approval required | AI = suggestion only; user must "Apply/Approve" |
| Full audit logging | AIRequest → AIResult → AuditLogEvent chain |
| Permission-aware retrieval | user_roles passed to RAG pipeline for filtering |
AI Gateway Flow
Audit Trail for AI
Every AI interaction creates three records:
| Record | Content |
|---|---|
| AIRequest | User identity, prompt, context data, timestamp |
| AIResult | AI response, citations, confidence, model used |
| AuditLogEvent | Action=AI_ACTION, linking request to result |
IPPF Prompt Governance
AI prompts are governed assets:
- Versioned — each prompt has immutable version history
- Approved — changes require admin signoff
- Auditable — version changes are logged
- Methodology-aligned — IPPF overlays ensure professional standards
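As an added illustration of the four rules above (this is example code, not AIIA's own prompt store), the registry below keeps an append-only version history keyed by content hash, refuses approval from anyone without the `admin` role, records denied attempts as well as successes in its audit log, and serves only the newest approved version to the generation step. The prompt identifier, the `claims` dict shape and the `admin` role name are assumptions for the example.

```python
"""Governed prompt registry, as an added illustration (not AIIA's code).

Assumptions not stated on the page: the actor's identity and roles arrive in
a `claims` dict taken from an already-verified gateway JWT; approval is
granted by any holder of the `admin` role; the serving path may only ever
use the newest *approved* version, never the newest proposed one.
"""
import dataclasses
import hashlib
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class PromptVersion:
    prompt_id: str
    version: int
    content_hash: str  # sha256 of text: detects out-of-band edits to stored prompts
    text: str
    author: str
    approved_by: Optional[str] = None


class PromptRegistry:
    def __init__(self) -> None:
        self._history: dict = {}   # prompt_id -> list of PromptVersion, append-only
        self.audit_log: list = []  # every state change, in order

    def _log(self, event: str, prompt_id: str, version: int, actor: str) -> None:
        self.audit_log.append(
            {"event": event, "prompt_id": prompt_id, "version": version, "actor": actor}
        )

    def propose(self, prompt_id: str, text: str, claims: dict) -> PromptVersion:
        """Record a new, unapproved version; earlier versions are never rewritten."""
        history = self._history.setdefault(prompt_id, [])
        pv = PromptVersion(
            prompt_id=prompt_id,
            version=len(history) + 1,
            content_hash=hashlib.sha256(text.encode()).hexdigest(),
            text=text,
            author=claims["sub"],
        )
        history.append(pv)
        self._log("PROMPT_PROPOSED", prompt_id, pv.version, claims["sub"])
        return pv

    def approve(self, prompt_id: str, version: int, claims: dict) -> PromptVersion:
        """Admin signoff. Denied attempts are logged too, so they stay auditable."""
        actor = claims["sub"]
        if "admin" not in claims.get("roles", []):
            self._log("PROMPT_APPROVAL_DENIED", prompt_id, version, actor)
            raise PermissionError("admin signoff required")
        history = self._history.get(prompt_id, [])
        if not 1 <= version <= len(history):
            raise LookupError(f"{prompt_id} v{version} does not exist")
        current = history[version - 1]
        if current.approved_by is not None:
            raise ValueError(f"{prompt_id} v{version} already approved")
        # Frozen record: swap in an approved copy; text, hash and order are untouched.
        approved = dataclasses.replace(current, approved_by=actor)
        history[version - 1] = approved
        self._log("PROMPT_APPROVED", prompt_id, version, actor)
        return approved

    def active(self, prompt_id: str) -> PromptVersion:
        """The only version the generation step may use: the newest approved one."""
        approved = [v for v in self._history.get(prompt_id, []) if v.approved_by]
        if not approved:
            raise LookupError(f"no approved version of {prompt_id}")
        return approved[-1]

    def history(self, prompt_id: str) -> tuple:
        """Immutable view of every version ever proposed, approved or not."""
        return tuple(self._history.get(prompt_id, ()))
```

The point of `active()` raising rather than falling back to the latest proposal is that a freshly edited prompt can never reach users by accident: the generation step fails closed until an admin has signed the version off.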
Permission-Aware Retrieval
The RAG pipeline respects user permissions:
- User's `roles` and `org_id` extracted from JWT
- Vector search filtered by accessible engagements
- Results limited to user-authorized data
- Citations reference only visible internal objects
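The pipeline above, as an added worked example (this is illustration code written for this page, not AIIA's gateway or RAG implementation). It verifies the JWT before trusting any claim, derives the set of accessible engagements from `org_id` and `roles`, applies that set as a filter before similarity ranking rather than after, and builds citations only from the chunks that survived the filter. The HS256 shared secret, the claim names, the role hierarchy, the engagement metadata and the in-memory vector store are all assumptions made for the example; a real deployment would push the same predicate into the vector database's metadata filter.

```python
"""Permission-aware retrieval, as an added illustration (not AIIA's code).

Assumptions not stated on the page: the gateway JWT is HS256-signed with a
shared secret and carries `sub`, `org_id`, `roles` and `exp`; each indexed
chunk is tagged with the `engagement_id` it came from; each engagement
belongs to one org and names the minimum role allowed to read it.
"""
import base64
import hashlib
import hmac
import json
import math
import time
from typing import Optional

SECRET = b"demo-gateway-secret"  # constructed for the example

# Role hierarchy used by the filter: a higher rank may read what a lower one may.
ROLE_RANK = {"viewer": 0, "auditor": 1, "manager": 2, "admin": 3}

# Engagement metadata (constructed): owning org and the minimum role to read it.
ENGAGEMENTS = {
    "eng-100": {"org_id": "org-A", "min_role": "auditor"},
    "eng-101": {"org_id": "org-A", "min_role": "manager"},
    "eng-200": {"org_id": "org-B", "min_role": "viewer"},
}

# Indexed chunks (constructed): embedding vector plus source engagement.
CHUNKS = [
    {"id": "doc-1", "engagement_id": "eng-100", "vec": [1.0, 0.0], "text": "Org A audit plan"},
    {"id": "doc-2", "engagement_id": "eng-101", "vec": [0.9, 0.1], "text": "Org A board memo"},
    {"id": "doc-3", "engagement_id": "eng-200", "vec": [1.0, 0.0], "text": "Org B fieldwork"},
]


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def mint_jwt(claims: dict, secret: bytes = SECRET) -> str:
    """Issue an HS256 JWT; stands in for the identity provider."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64url(json.dumps(claims).encode())
    sig = hmac.new(secret, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{_b64url(sig)}"


def verify_jwt(token: str, secret: bytes = SECRET, now: Optional[float] = None) -> dict:
    """Check alg, signature and expiry before trusting any claim."""
    parts = token.split(".")
    if len(parts) != 3:
        raise PermissionError("malformed token")
    header_b64, body_b64, sig_b64 = parts
    if json.loads(_b64url_decode(header_b64)).get("alg") != "HS256":
        raise PermissionError("unexpected alg")  # rejects alg=none and key confusion
    expected = hmac.new(secret, f"{header_b64}.{body_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
        raise PermissionError("bad signature")
    claims = json.loads(_b64url_decode(body_b64))
    if claims.get("exp", 0) <= (time.time() if now is None else now):
        raise PermissionError("token expired")
    return claims


def accessible_engagements(claims: dict) -> set:
    """Engagements the caller may read: same org AND a sufficiently high role."""
    rank = max((ROLE_RANK.get(r, -1) for r in claims.get("roles", [])), default=-1)
    return {
        eid for eid, meta in ENGAGEMENTS.items()
        if meta["org_id"] == claims.get("org_id") and rank >= ROLE_RANK[meta["min_role"]]
    }


def _cosine(a, b) -> float:
    dot = sum(x * y for x, y in zip(a, b))
    return dot / (math.sqrt(sum(x * x for x in a)) * math.sqrt(sum(y * y for y in b)))


def retrieve(token: str, query_vec, k: int = 3, now: Optional[float] = None) -> dict:
    """Gateway entry point: verify identity, filter BEFORE ranking, cite only visible objects."""
    claims = verify_jwt(token, now=now)
    allowed = accessible_engagements(claims)
    # Pre-filter so out-of-scope chunks never enter the ranking; filtering the
    # top-k afterwards would leak their scores and silently return fewer hits.
    candidates = [c for c in CHUNKS if c["engagement_id"] in allowed]
    ranked = sorted(candidates, key=lambda c: _cosine(c["vec"], query_vec), reverse=True)[:k]
    return {
        "user": claims["sub"],
        "context": [c["text"] for c in ranked],
        "citations": [{"id": c["id"], "engagement_id": c["engagement_id"]} for c in ranked],
    }
```

Two details worth checking in any real implementation: the filter is computed from claims that were verified first (an unsigned or expired token never reaches the store), and an unknown or missing role resolves to rank -1, so a user with no recognised role retrieves nothing rather than everything.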