A governance triage tool for AI, automation, analytics, and digital products. Weighted risk scoring and hard escalation rules ensure every solution gets the right level of scrutiny — no more, no less.
When teams build or buy solutions outside standard channels, three risks compound quickly.
Without a structured intake, similar solutions get wildly different levels of review. High-risk proposals slip through while low-risk ones get buried in committee.
Each solution carries risk across multiple dimensions — data sensitivity, regulatory exposure, vendor dependency. Without scoring, the aggregate risk picture is invisible.
Review committees waste time debating which lane a solution belongs in. Teams wait weeks for decisions that a structured framework could resolve in minutes.
Every solution is scored and routed to the appropriate review lane based on risk, not opinion.
Low-risk solutions that fit within established guardrails. Approved with minimal documentation and fast-tracked for deployment.
Medium-risk solutions requiring review by subject matter experts. Structured assessment across all risk dimensions with documented rationale.
High-risk or complex solutions requiring committee review, executive sign-off, and comprehensive documentation before proceeding.
Each solution is scored across six weighted dimensions. Hard escalation rules override the weighted score when critical thresholds are breached.
Classification of data the solution will access, process, or store — from public datasets to regulated personal information.
Applicable regulatory frameworks, compliance obligations, and jurisdictional requirements that govern the solution.
Degree of reliance on third-party vendors, lock-in risk, and the organisation’s ability to switch or exit.
Authentication, authorisation, encryption, and network exposure requirements for the solution’s deployment model.
Number of users affected, criticality to business operations, and potential disruption if the solution fails or is unavailable.
Touchpoints with existing systems, data flows, API dependencies, and the architectural footprint of the solution.
Use the intake form to classify and route a solution, or review the executive overview for process documentation.
Classify a solution across six risk dimensions, view the calculated risk score, recommended processing lane, and generated review worklist.
Read-only summary of the intake process, routing logic, SLA targets, and evidence-pack structure for stakeholders.