AI Governance Guide

Operanix Governance provides complete oversight, risk management, and compliance enforcement for your AI agent workforce. This guide covers all 10 governance tabs, the trust score formula, RBAC model, and approval chain workflows.

Governance is not optional in Operanix. Every agent action, knowledge update, and configuration change flows through the governance framework. This is how enterprises maintain control as they scale AI operations.

Tab 1: Trust Overview

The Trust Overview dashboard provides a real-time snapshot of your organization's AI governance posture. The centerpiece is the composite Trust Score, calculated across five dimensions.

5-Dimension Trust Score Formula

The trust score is a weighted composite ranging from 0 to 100:

Trust Score = (
    0.25 x Safety Score +
    0.25 x Accuracy Score +
    0.20 x Compliance Score +
    0.15 x Transparency Score +
    0.15 x Control Score
)

Dimension	Weight	Measures
Safety	25%	Violation rate, safety gate pass rate, PII leak incidents, harmful output count
Accuracy	25%	Groundedness score, hallucination rate, factual correctness on eval sets, user feedback rating
Compliance	20%	Policy adherence rate, audit findings, regulatory coverage, data retention compliance
Transparency	15%	Citation rate, source attribution coverage, explanation quality, audit trail completeness
Control	15%	Approval chain completion rate, RBAC coverage, human override frequency, escalation response time

Compliance Posture Levels

Level	Score Range	Status	Action Required
Exemplary	90–100	Green	Maintain current practices
Strong	75–89	Blue	Minor improvements recommended
Adequate	60–74	Yellow	Address flagged gaps within 30 days
At Risk	40–59	Orange	Immediate remediation plan required
Critical	0–39	Red	Agents paused until score improves above 40

When the trust score drops below 40 (Critical), all agents are automatically paused and require manual re-activation by a Governance Admin after remediation.

Tab 2: Risk & Violations

The Risk & Violations tab tracks every policy violation, safety incident, and risk event across your agent fleet.

Violation timeline — Chronological view of all violations with severity (low, medium, high, critical), affected agent, and triggering interaction.
Risk heatmap — Visual map showing risk concentration by agent, domain, and time period. Identifies patterns and recurring issues.
Incident details — Each violation links to the full conversation transcript, the policy rule that was triggered, the safety gate that caught it, and remediation status.
Trend analysis — Week-over-week and month-over-month violation trends with alerts when rates exceed configured thresholds.
Root cause tagging — Violations are categorized by root cause: knowledge gap, prompt injection attempt, hallucination, policy misconfiguration, or edge case.

Tab 3: Policy Health

The Policy Health tab monitors the effectiveness of your configured governance policies.

Policy inventory — Complete list of active policies with their scope (global, per-agent, per-domain), enforcement mode (block, warn, log), and last update date.
Coverage analysis — Identifies agents or domains not covered by any policy. Uncovered areas are flagged as governance gaps.
False positive rate — Tracks how often policies trigger incorrectly, blocking legitimate agent actions. High false-positive policies are flagged for tuning.
Policy versioning — Every policy change is versioned with a diff view. Roll back to any previous policy version instantly.

Tab 4: Approval Queue

The Approval Queue centralizes all pending governance decisions. Items that require human sign-off before proceeding appear here.

Knowledge publish approvals — New knowledge awaiting compliance sign-off before going live.
Agent deployment approvals — Agents that have passed evaluation but need governance approval for production deployment.
Policy exception requests — Requests to override a policy for a specific use case, with justification and time-limited scope.
Configuration changes — Changes to safety gates, RBAC roles, or compliance settings that require multi-party approval.
SLA tracking — Each approval item shows time-in-queue and escalation countdown. Items not acted on within the configured SLA auto-escalate.

Tab 5: Access Control (RBAC)

Operanix implements role-based access control with 8 predefined roles. Each role has granular permissions across agents, knowledge, governance, and platform settings.

8 RBAC Roles

Role	Scope	Key Permissions
Platform Owner	Global	Full access to all settings, billing, tenant management, and role assignments
Governance Admin	Global	Manage policies, safety gates, approval chains, compliance settings, and audit exports
Agent Manager	Assigned agents	Create, configure, deploy, and retire agents. Manage agent-level knowledge and schedules
Knowledge Editor	Assigned domains	Add, review, and approve knowledge sources. Manage the knowledge pipeline
Compliance Officer	Global (read) + compliance actions	Review compliance reports, approve regulated content, manage data retention, export audit logs
Analyst	Read-only analytics	View dashboards, reports, and metrics. No configuration or approval permissions
Operator	Assigned agents	Monitor agent performance, handle escalations, manage inbox. Cannot modify agent configuration
Viewer	Read-only	View agent status and basic metrics. No access to conversations, knowledge, or settings

Custom Roles

Enterprise plans can create custom roles by combining individual permissions. Custom roles support scope restrictions (limit to specific agents, teams, or departments) and time-limited access grants.

All role assignments and permission changes are logged in the audit trail. The system enforces separation of duties: the same user cannot hold both Agent Manager and Compliance Officer roles simultaneously.

Tab 6: Safety Gates

Safety gates are automated guardrails that evaluate every agent response before it reaches the end user. Gates run in sequence and any gate failure blocks the response.

Built-in Safety Gates

PII Detection Gate — Scans agent output for personally identifiable information using pattern matching and NER. Detects emails, phone numbers, SSNs, credit cards, addresses, and custom PII patterns.
Toxicity Gate — Evaluates output for harmful, offensive, or inappropriate content using a fine-tuned classifier. Configurable sensitivity threshold.
Hallucination Gate — Cross-references agent claims against retrieved knowledge chunks. Statements not grounded in source material are flagged with a groundedness score.
Topic Boundary Gate — Ensures agents stay within their assigned knowledge domains. Responses that venture outside the agent's scope are blocked and escalated.
Prompt Injection Gate — Detects and blocks prompt injection attempts in user input before they reach the agent's context window.
Regulatory Gate — Domain-specific gate for regulated industries. Checks for required disclaimers, prohibited claims, and mandatory disclosures.

Gate Configuration

{
  "gate": "pii_detection",
  "enabled": true,
  "mode": "block",
  "sensitivity": "high",
  "custom_patterns": [
    { "name": "employee_id", "regex": "EMP-\\d{6}" },
    { "name": "internal_code", "regex": "INT-[A-Z]{2}-\\d{4}" }
  ],
  "on_trigger": {
    "action": "redact_and_warn",
    "notify": ["compliance-team@company.com"],
    "log_level": "critical"
  }
}

Tab 7: Approval Chains

Approval chains define multi-step approval workflows for high-impact actions. Each chain specifies the required approvers, order, and escalation rules.

Chain Structure

Sequential approvals — Approvers must sign off in order. Step 2 cannot begin until step 1 is approved.
Parallel approvals — Multiple approvers review simultaneously. Configurable quorum (e.g., 2 of 3 must approve).
Conditional branching — Chain path can vary based on the content being approved (e.g., regulated content adds a compliance officer step).
Auto-escalation — If an approver does not act within the configured SLA, the item escalates to their manager or a backup approver.
Delegation — Approvers can delegate their approval authority to a substitute for a defined time period (e.g., during PTO).

Default Approval Chains

Action	Chain	SLA
Agent production deploy	Agent Manager → Governance Admin	24 hours
Knowledge publish (standard)	Knowledge Editor → Agent Manager	12 hours
Knowledge publish (regulated)	Knowledge Editor → Compliance Officer → Governance Admin	48 hours
Policy change	Governance Admin → Platform Owner	24 hours
RBAC role assignment	Requesting Manager → Platform Owner	12 hours

Tab 8: Audit Timeline

The Audit Timeline provides a complete, immutable record of every action taken within the Operanix platform.

Recorded Events

Agent configuration changes (creation, modification, deployment, retirement)
Knowledge pipeline actions (crawl, review, approve, reject, publish, rollback)
Governance decisions (policy changes, approval chain outcomes, safety gate triggers)
RBAC changes (role assignments, permission modifications, access revocations)
User authentication events (login, logout, failed attempts, MFA events)
API access (all API calls with request/response metadata, caller identity, and IP)
Data access (who viewed what conversations, knowledge, or reports)

Audit Features

Immutable storage — Audit entries are append-only and cryptographically chained. Entries cannot be modified or deleted, even by Platform Owners.
Filterable timeline — Filter by user, action type, resource, date range, and severity. Save filter presets for recurring audit reviews.
Search — Full-text search across audit entries with support for structured queries (actor:jane@co.com action:deploy agent:support-bot).
Retention — Configurable retention period (default: 7 years). Meets SOC 2 and HIPAA retention requirements.

Tab 9: Analytics

The Governance Analytics tab provides quantitative insights into your governance program's effectiveness.

Trust score trends — Historical trust score plotted over time, with drill-down into each dimension.
Violation analytics — Violation counts by type, severity, agent, and time period. Includes resolution time metrics.
Approval efficiency — Average approval time, SLA compliance rate, escalation frequency, and bottleneck identification.
Policy effectiveness — Per-policy trigger count, false positive rate, and coverage metrics.
Comparative benchmarks — Compare your governance metrics against anonymized industry benchmarks (opt-in).

Tab 10: Compliance Export

The Compliance Export tab generates audit-ready reports for regulatory submissions and compliance reviews.

Export Formats

SOC 2 Report Package — Pre-formatted evidence package covering trust service criteria. Includes control descriptions, testing evidence, and exception documentation.
HIPAA Compliance Report — Documents technical safeguards, access controls, audit controls, and transmission security measures.
GDPR Data Processing Report — Records of processing activities, data subject access requests, consent records, and data retention compliance.
Custom Audit Package — Select specific date ranges, agents, and governance areas to build a custom evidence package.
Scheduled exports — Configure automatic export generation on a schedule (monthly, quarterly) with delivery to a secure storage location or email.

Compliance exports include cryptographic integrity hashes. Auditors can verify that exported data has not been tampered with by validating the hash chain against the platform's audit trail.

Best Practices

Review the Trust Overview dashboard at least weekly. Set up alerts for score drops of more than 5 points.
Start with strict safety gate settings and gradually relax as you build confidence. It is easier to loosen controls than to recover from a compliance incident.
Ensure every agent has at least one approval chain covering its deployment and knowledge updates.
Rotate approval chain reviewers to prevent single points of failure and maintain fresh perspectives.
Export compliance packages quarterly, even if not required by your current regulations. Building the practice early simplifies future audits.
Use the separation of duties enforcement: never allow the same person who builds an agent to be the sole approver for its deployment.