Policies

Policies are the core configuration object in GOVERN. A policy defines what you consider compliant AI behavior and what happens when a system deviates from it.

Policy structure

A policy contains:

  • Scorers — individual checks (content safety, toxicity, PII detection, etc.)
  • Thresholds — the score at which a scorer raises a violation
  • Enforcement modes — log, flag, or block per violation
  • Scope — which systems the policy applies to

Built-in policy templates

GOVERN ships with templates for the most common frameworks:

  • EU AI Act — General Purpose
  • EU AI Act — High-Risk Systems
  • NIST AI RMF
  • ISO/IEC 42001
  • SOC 2 AI Addendum

Policy inheritance

Policies can inherit from parent policies. A child policy inherits all scorers and thresholds from its parent and can override specific settings. This lets you define a baseline at the organization level and customize at the team or system level.
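
The inheritance rule above, sketched as an added example (not GOVERN's own code, schema, or API): it resolves a child's effective scorers, lists the overrides that are looser than the parent's, and maps scores to enforcement modes. The dictionary layout, policy and scorer names, and function names are hypothetical, scope is omitted, and a higher score is assumed to mean a worse result.

```python
# Hypothetical data model for illustration; not GOVERN's actual schema or API.
ORDER = {"log": 0, "flag": 1, "block": 2}  # enforcement modes, weakest first

# Constructed sample policies: an organization baseline and a team-level child.
POLICIES = {
    "org-baseline": {"parent": None, "scorers": {
        "toxicity": {"threshold": 0.70, "mode": "block"},
        "pii_detection": {"threshold": 0.50, "mode": "flag"},
    }},
    "team-support-bot": {"parent": "org-baseline", "scorers": {
        "toxicity": {"threshold": 0.90},  # overrides the threshold only
        "content_safety": {"threshold": 0.60, "mode": "log"},  # child-only scorer
    }},
}


def resolve(name, policies=POLICIES):
    """Return the effective scorer settings for `name`, ancestors applied first."""
    chain, seen = [], set()
    while name is not None:
        if name in seen:
            raise ValueError(f"inheritance cycle at {name!r}")
        seen.add(name)
        chain.append(policies[name])
        name = policies[name]["parent"]
    effective = {}
    for policy in reversed(chain):  # root first, so child settings win
        for scorer, settings in policy["scorers"].items():
            effective[scorer] = {**effective.get(scorer, {}), **settings}
    return effective


def relaxed_overrides(name, policies=POLICIES):
    """List inherited scorers that `name` makes looser than its parent does."""
    parent = policies[name]["parent"]
    if parent is None:
        return []
    base, child = resolve(parent, policies), resolve(name, policies)
    return sorted(
        s for s in base
        if child[s]["threshold"] > base[s]["threshold"]
        or ORDER[child[s]["mode"]] < ORDER[base[s]["mode"]]
    )


def evaluate(name, scores, policies=POLICIES):
    """Map each scorer whose score reaches its threshold to its enforcement mode."""
    return {s: cfg["mode"] for s, cfg in resolve(name, policies).items()
            if scores.get(s, 0.0) >= cfg["threshold"]}
```

With the sample data, a toxicity score of 0.8 is blocked under the baseline but raises no violation under the child policy, which is why `relaxed_overrides` reports `toxicity` for review.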

Viewing active policies

Go to Policies in the main navigation to see all policies in your organization, their scope, and which systems are currently governed by each one.