Skip to main content
This glossary defines key concepts used throughout Governance. Use it as a reference when reading policies, working with governed bundles, or reviewing bundles for approval. The terms here establish a common language for understanding how Governance features fit together. The Governance overview provides more details on how these concepts are applied.
TermDefinition
ApprovalsActions added to a policy to request approval from an organization or an individual. Anyone with project access can request approval, but only a GovernanceApprover can approve it.
AttachmentsAny files from a project that needs to be governed by a policy in a specific context.
ClassificationThe top-level variable for a policy that is meant to carry the overall classification of the governed bundle. It could be used in a tiered approach, such as low, medium, or high risk.
Classification rulesClassification supports complex operations using the Go programming language. It uses the values results from one or multiple evidence answers and expects an output of a string or a float.
EvidenceInformation that is relevant to a policy. In most cases, evidence is a question with an answer and can include input, metric checks, and scripted checks.
Evidence setsGroups of evidence that can be reused within a policy or across policies. Evidence sets are meant to promote consistency of governance.
FindingsThese serve as a necessary step for capturing and addressing issues that will prevent full compliance, ensuring a path to production readiness.
GatesPrevent users from performing specific actions such as publishing apps or creating model endpoints, until required approvals are complete. Gates can be added to policies through YAML.
Governed bundleA governed bundle can be a model, an application, a report, or any other asset developed within the context of a project. It stores all evidence related to the policy it governs and keeps the lineage to the relevant attachments. Bundles can now include multiple policies, which helps reduce duplication and group related governance rules in one place.
LifecycleA set of stages describing each step of building and maintaining a governed bundle.
Metrics checksAutomatically attach metrics to a governed bundle, eliminating the need for manual entry.
PolicyDefinition of all stages, evidence, and approvals that need to be met for compliance. Bundles can now define compliance against multiple policies, making it easier to consolidate related requirements in a single place.
Scripted checksThese checks use centralized scripts to evaluate information on a Governed Bundle. Scripted checks can also be used to measure bias consistently in a dataset.
Sequential workflowsRequire stages in a bundle’s lifecycle to be completed in order, preventing skipped steps and strengthening quality control of governance.
StagesKey milestones or phases of a policy. For example, in a model risk management policy, the stages could be: develop business cases and define requirements; model development and testing; model validation and deployment; and model monitoring.

Next steps

  • Work with bundles: package models and artifacts for review
  • Evidence: learn about manual evidence, automated checks, and monitoring checks
  • Define policies: create and configure policies (for Governance administrators)