Enforcement Actions

Overview

Enforcement actions define what happens when a policy is triggered.

They convert governance rules into real-time control over AI behavior.

Types of Enforcement Actions

Block

Prevent a request from being executed.

Used for:

• Sensitive data violations

• Unauthorized model usage

Reroute

Redirect a request to an approved model or system.

Used for:

• Enforcing model restrictions

• Handling policy-based routing

Require Approval

Pause execution until a human approves the request.

Used for:

• High-risk operations

• Sensitive workflows

Log

Record the event for audit and monitoring.

Used for:

• Compliance

• Observability

Create Incident

Trigger an incident for investigation and response.

Used for:

• Policy violations

• Data exposure risks

Combining Actions

Multiple actions can be applied together:

Example:

• Block request

• Log event

• Create incident

Real-Time Enforcement

All enforcement actions are applied at runtime, before the request completes.

This ensures:

• Immediate risk mitigation

• Consistent policy application

• Full auditability

Best Practices

• Start with logging before blocking

• Use approvals for edge cases

• Combine enforcement with incident workflows

Next Steps

• Learn about [Incidents Overview]

• Configure [AI Incident Playbooks]