Governance mode

The same run artefacts from insidellms, expressed for audit, procurement, and executive sign-off.

Governance artefact map

Policy layers

Map team requirements to rule packs and enforcement levels.

Global policy thresholds
Feature flags per environment
Manual review exceptions with expiry windows

Role-based views

Risk lens toggle relabels evidence to match reviewer intent.

Engineering view: throughput, failure mode, drift score
Compliance view: approval trail, approver signature, retention policy

Audit pack: sealed package, repeatable claim

An audit pack is assembled from deterministic run artefacts: probe definitions, manifests, report outputs, behavioural diffs, and reviewer decisions. It should be portable and independently reviewable.

insidellms harness probes/customer-support.toml --output out/baseline
insidellms harness probes/customer-support.toml --output out/candidate
insidellms report out/candidate/manifest.json --format markdown
insidellms diff baseline.json candidate.json --fail-on-changes

Signatures and chain of custody

Signed manifest

Proves input and model state were unchanged during execution.

Reviewer attestations

Attach approver identity to each exception and keep it immutable.

Retention policy

Keep immutable evidence snapshots for regulated retention windows.

Controls by risk class

Low ALLOW_WITH_LOG

Replay and diff are retained for audit but non-blocking for pipeline flow.

Medium MANUAL_REVIEW

Gate pauses deployment and surfaces a concise evidence summary for approvers.

High BLOCK

Deployment blocked. A sealed incident evidence bundle is generated immediately.