Skip to main content
Version: Cloud

Governance quickstart

This article guides you through the control frameworks that form the basis of the AI governance workflow.

tip

Before starting with this quickstart, read and understand the concepts explained in the Introduction. For private cloud customers, create a workspace before starting this quickstart.

Explore control frameworks in your organization

  1. Explore the standard "Responsible AI" control framework by clicking the tile and selecting a specific control. For more information about control frameworks, see Control frameworks.

  2. Understand key concepts:

    • Risk level: Set at the use case level and assessed through a risk classification assessment, they follow the risk level as defined in the EU AI act
    • Lifecycle stage: Determines when a control applies along the use case lifecycle
    • Checks: Automated validation checks that detect when evidence is available for a control

  3. Create a custom control framework by selecting Create in the control frameworks overview. You can choose from existing controls.

  4. Create a custom control by navigating to Controls in the top right corner. You can customize the ID, name, category, description, risk classification, lifecycle stage, and checks. Then add this control to your custom control framework.

  5. Assign a control framework to a workspace by selecting the default or custom control framework and adding it to your workspace.

Explore control frameworks in your use cases

  1. Create a use case by navigating to the workspace where you assigned the control framework and selecting Use case from the left menu. Click Add to assign a name and risk classification. You can assign the risk classification now or later using a risk classification assessment.

  2. If you didn't assign a risk classification during use case creation, perform the risk classification assessment.

  3. After you assign a risk classification, the applicable controls from the control framework assigned to the workspace appear in the use case overview.

  4. Click on a control to explore what evidence you need to fulfill that control. Add sample evidence in the form of links, images, and text. If the control contains automated checks, these appear automatically and display a checkmark when Deeploy detects evidence that the check is complete. You don't need to add manual evidence for these automated checks.

Next steps

You've now seen the main elements of control frameworks in Deeploy. The next step is to implement these control frameworks for your organizational policies and streamline them into practical, manageable workflows.

Explore the following governance functionalities: