Operational governance mechanism

This circle defines how RAIDT turns responsible AI intent into operational governance practice. It explains how one GenAI run becomes governable through structured evidence capture, a five-pillar RAIDT score profile, and intervention methods that shape or constrain system behaviour. In project terms, Circle 2 is the mechanism that converts abstract governance claims into inspectable, challengeable, and improvable run-level control.

This note sits at the centre of RAIDT's operational logic. It belongs primarily to theory-building and implementation design, while also supporting empirical validation and policy translation. Circle 2 explains how the project moves from the foundational problem statement to a concrete governance mechanism that can be used in organisational settings.

More specifically, this circle contributes to:

• foundations, because it clarifies what it means to govern a GenAI system at the level of actual use rather than only at model or policy level;
• evidence design, because it specifies what must be captured if a run is to be reconstructed, assessed, or contested;
• pillar development, because it houses the Responsibility, Auditability, Interpretability, Dependability, and Traceability profile;
• implementation, because it positions prompting, RAG, PEFT/LoRA, RLHF, DPO, and related controls as governance-relevant intervention points;
• empirical validation, because it supplies constructs that can be tested in real organisational workflows;
• policy pathways, because it offers a practical bridge from standards and regulation to evidence-bearing organisational routines.

• Star S3 - Run-Level Evidence Logic — Explains the core proof-object logic: the run is governed through evidence that supports reconstruction, comparison and challenge.
• Star S4 - Evidence Architecture and Artefacts — Specifies the concrete fields and artefacts that make a run record inspectable.
• Star S5 - RAIDT Pillars and Scoring — Defines the five governance dimensions and how scoring makes readiness measurable while preserving trade-offs.
• Star S6 - Influence Methods as Governance Interventions — Positions prompting, RAG, PEFT/LoRA, RLHF/DPO and stacked influence as components that shape governance evidence, not as the project core.

• What does an operational governance mechanism mean in RAIDT terms?
• Why does RAIDT govern the run rather than only the model, policy statement, or procurement decision?
• What problem does this circle solve for organisations using generative AI in live work?
• What evidence proves that a run was responsibly configured, executed, checked, and reviewed?
• How does the run-level evidence pack support reconstruction, audit, contestability, and managerial oversight?
• How do the five pillars turn diffuse governance concerns into a usable score profile?
• How do governance interventions such as prompting, RAG, PEFT/LoRA, and alignment controls affect the evidence that should be captured?
• How does this circle help supervisors understand the project's conceptual centre?
• How does Circle 2 connect theory, empirical validation, standards alignment, and sector playbooks?
• What are the limits of scoring and evidence capture in real organisational contexts?

• 10–20 min — Where should governance sit when a GenAI system is deployed in day-to-day organisational work: at model level, policy level, or run level?
• 20–40 min — Which evidence fields are genuinely necessary to reconstruct and challenge a run, and which fields create noise without improving accountability?
• 40–60 min — How should RAIDT scoring be used in practice: as an assurance device, a managerial diagnostic, a procurement screen, or a basis for intervention?

Circle 2 explains the operational governance mechanism at the heart of RAIDT. The background problem is straightforward but serious. Organisations increasingly use generative AI systems in ordinary work, yet governance often remains too high-level to explain what happened in any specific use. A policy may say that staff must use AI responsibly; a vendor may provide model documentation; a technical team may add controls such as retrieval, fine-tuning, or reinforcement-based alignment. Even so, when a concrete output causes concern, decision-makers often cannot reconstruct the exact task context, prompt, retrieved material, model configuration, or checking process that produced it. The result is managerial uncertainty: organisations know they are exposed to risk, but they cannot clearly identify what should be evidenced, reviewed, or improved at the level where work actually occurs.

RAIDT addresses this by treating the run as the unit of governance. A run is one configured use of a generative AI system for a specific task, at a specific time, in a specific context. It includes the instruction or prompt, model and tool configuration, retrieved context where relevant, generated output, and the human or automated checks attached to that event. This move matters because governance becomes tied to a concrete, inspectable event rather than to abstract claims about a system in general. Circle 2 operationalises that idea. It explains how a run can become governable through three linked elements: run-level evidence logic, evidence architecture, and the RAIDT five-pillar score profile.

The first element is evidential logic. RAIDT assumes that governance is weak if a run cannot be reconstructed, compared, or challenged. Reconstruction means that an authorised reviewer can understand what was asked, what system configuration was active, what contextual material was supplied, what output was produced, and what checking or approval steps took place. Comparison means that runs can be examined across teams, time periods, tasks, or intervention conditions. Challenge means that a stakeholder can query whether a run was appropriate, contest an output, or ask why a different safeguard was not used. In that sense, the run-level evidence pack is not merely a record-keeping device; it is the practical object through which responsibility becomes testable.

The second element is evidence architecture. Circle 2 does not treat evidence as a vague aspiration. It requires concrete artefacts and fields that make a run inspectable. Depending on use case, this may include task purpose, user role, system identity, versioning, prompt text or instruction class, retrieved sources, external tools used, output version, confidence or uncertainty indicators, human review outcomes, escalation notes, and any scoring decisions. For RAIDT, the quality of governance depends on whether these artefacts allow a reviewer to move from an output back to the conditions that generated it. This is where auditability and traceability become operational rather than rhetorical.

The third element is scoring through the five RAIDT pillars: Responsibility, Auditability, Interpretability, Dependability, and Traceability. The purpose of scoring is not to create a false impression of perfect precision. Rather, it offers a structured profile that helps an organisation see where a run is strong, weak, or incomplete from a governance perspective. Responsibility concerns ownership, authorisation, and human accountability. Auditability concerns whether the run can be inspected and reviewed. Interpretability concerns whether the system behaviour and output basis can be explained to an appropriate degree. Dependability concerns consistency, robustness, and suitability for the task. Traceability concerns the ability to track sources, decisions, configurations, and downstream consequences. Together, these pillars make trade-offs visible instead of hiding them behind general claims of compliance or safety.

Circle 2 also clarifies the place of influence methods. Prompt engineering, RAG, PEFT/LoRA, RLHF, DPO, tool use, and stacked intervention strategies matter in RAIDT, but they are not the project's central object. They are governance-relevant because they alter the conditions under which a run is produced and therefore alter the evidence that should be captured. A retrieval-augmented run needs evidence about source selection and retrieval context. A PEFT or LoRA-adapted model raises questions about adaptation scope, data provenance, and task-specific behaviour. RLHF and related alignment controls raise questions about what behavioural preferences were embedded and how those choices affect acceptable outputs. Circle 2 therefore treats these techniques as intervention points that should be evidenced, assessed, and, where necessary, constrained.

This operational mechanism matters for responsible AI because many governance frameworks remain detached from actual work episodes. Circle 2 gives RAIDT a way to connect organisational accountability with situated AI use. It also matters for information systems governance, where the challenge is often to align technical capability, managerial control, and evidential sufficiency. By making the run inspectable, RAIDT supports uncertainty reduction without pretending that uncertainty disappears. Indeed, one of the strengths of this circle is that it handles AI and uncertainty explicitly. It recognises that outputs may remain probabilistic, context-sensitive, or contestable. The governance goal is not to eliminate ambiguity altogether, but to ensure that uncertainty is visible, evidenced, and governable.

A practical example is a university administrator using a GenAI assistant to draft a student communication. Under weak governance, only the final text may remain, with no record of the prompt, retrieved policy guidance, or review checks. Under RAIDT, the run-level evidence pack would capture the task purpose, the relevant institutional policy documents retrieved, the model or system version, the generated draft, the human approval step, and any uncertainty about policy interpretation. The RAIDT score profile might show strong traceability and auditability but only moderate interpretability if the drafting logic remains partly opaque. That profile then informs a governance intervention, such as requiring more explicit prompt templates or stronger review for policy-sensitive communications.

Another example is a healthcare support workflow that uses RAG to summarise patient-facing guidance. Here the operational governance mechanism would require evidence about which documents were retrieved, whether the retrieval set was current, who reviewed the summary, and how unsuitable outputs were flagged. The focus is not only the model's capability, but the full run configuration and checking pathway. This is the distinctive contribution of Circle 2: it turns governance from a general principle into an evidence-bearing organisational routine.

The circle nevertheless has boundaries. It does not claim that every governance concern can be solved through run-level capture alone. Broader issues such as procurement, institutional culture, legal interpretation, data governance, and sector-specific regulation still matter. Nor does the RAIDT score claim to be a universal truth metric. Scoring is a structured judgement device that should support deliberation, comparison, and intervention, not replace them. Finally, Circle 2 assumes that evidence capture can be implemented proportionately. In low-risk uses, lighter evidence may be sufficient; in high-risk contexts, denser capture and stronger review are justified. The value of the mechanism lies in proportional, explicit, and inspectable governance.

For the project as a whole, Circle 2 is the bridge between conceptual foundations and practical validation. It provides the mechanism that Paper 08 can theorise, that Paper 09 can test empirically, and that Paper 10 can translate into policy pathways and standards alignment. Without this circle, RAIDT would remain an attractive idea. With it, RAIDT becomes a defensible governance architecture for generative AI in organisational work.

Q1. What is the core idea of an operational governance mechanism in RAIDT?

Answer:
It is the set of concepts and artefacts that make a GenAI run governable in practice. Rather than stopping at policy principles or model descriptions, RAIDT defines how one concrete use of a system can be evidenced, reviewed, scored, and improved.

Practical example:
A policy team uses GenAI to draft a briefing note. The mechanism records the prompt, retrieval sources, model version, output, reviewer comments, and final approval.

Link to RAIDT:
This is the mechanism that produces the run-level evidence pack and supports the five-pillar score profile.

Q2. Why does RAIDT focus on the run rather than only the model?

Answer:
Most organisational harms and governance failures occur during situated use, not in the abstract. The same model may behave differently depending on prompt design, retrieved context, tool access, task pressure, or review quality. Governing the run captures those real conditions.

Practical example:
Two teams use the same model, but one uses curated retrieval and mandatory review while the other does not. Run-level governance reveals the difference in assurance quality.

Link to RAIDT:
The run is RAIDT's basic unit of evidence, comparison, scoring, and intervention.

Q3. What problem does Circle 2 solve for organisations?

Answer:
It reduces the gap between broad responsible AI commitments and the practical question of what evidence exists for a specific AI-assisted action. It addresses managerial uncertainty by showing what should be captured, who should review it, and where governance should intervene.

Practical example:
After an inaccurate customer response is sent, the organisation can reconstruct the run instead of relying on guesswork about what happened.

Link to RAIDT:
Circle 2 makes governance auditable through evidence packs and measurable through the RAIDT pillars.

Q4. What is included in a run-level evidence pack?

Answer:
The evidence pack contains the artefacts needed to inspect the run: task context, actor role, system and tool configuration, prompt or instruction, retrieved materials where used, output, checks performed, and any escalation or approval notes.

Practical example:
For a legal drafting assistant, the pack may include the template used, the retrieved policy clauses, the generated clause, and the solicitor's sign-off.

Link to RAIDT:
The evidence pack is the concrete output of RAIDT's operational governance mechanism.

Q5. How do the five pillars work within this circle?

Answer:
They provide a structured profile of governance quality. Responsibility asks who owns the run; Auditability asks whether it can be inspected; Interpretability asks whether the basis of output can be explained; Dependability asks whether it is robust enough for the task; Traceability asks whether sources, steps, and consequences can be followed.

Practical example:
A run may score well on responsibility and traceability but poorly on dependability if outputs vary too much across repeated attempts.

Link to RAIDT:
The pillars convert evidence into a practical score profile that supports governance decisions and targeted intervention.

Q6. Why is scoring useful if governance judgement is still contextual?

Answer:
Scoring creates disciplined comparison without claiming perfect objectivity. It helps supervisors, managers, and auditors identify weak points, justify mitigation, and compare runs across contexts while preserving the need for human judgement.

Practical example:
A department compares similar document-drafting runs across business units and finds that one unit consistently lacks review evidence, lowering its auditability score.

Link to RAIDT:
Scoring is one of RAIDT's two practical outputs, alongside the evidence pack.

Q7. How do prompt engineering and RAG fit into governance rather than only performance?

Answer:
They shape the conditions of generation and therefore the form of evidence required. A well-designed prompt template can improve responsibility and dependability; a RAG pipeline can improve traceability if retrieved sources are logged and reviewable.

Practical example:
A customer-service assistant uses retrieval from approved internal guidance. The governance issue is not merely whether retrieval exists, but whether the retrieved set is logged and reviewable.

Link to RAIDT:
Circle 2 treats influence methods as governance interventions whose effects should be captured in the run record.

Q8. What does this circle contribute to responsible AI and standards alignment?

Answer:
It translates broad principles into operational evidence. Standards and policy frameworks often call for accountability, monitoring, documentation, and human oversight. Circle 2 shows what those ideas look like when attached to a specific organisational run.

Practical example:
A public-sector team maps its run evidence fields to internal assurance requirements and to external expectations under frameworks such as ISO/IEC 42001 or the NIST AI RMF.

Link to RAIDT:
The operational mechanism gives RAIDT a route into policy alignment and governance assurance.

Q9. How does Circle 2 support empirical validation?

Answer:
It defines observable constructs. Researchers can test whether stronger evidence capture, different intervention methods, or alternative review designs improve pillar scores, user confidence, or governance outcomes.

Practical example:
Paper 09 could compare teams using lightweight versus structured evidence packs and assess differences in reconstructability, review quality, and error handling.

Link to RAIDT:
Circle 2 supplies the measurable elements needed for empirical study.

Q10. What are the main limits of the operational governance mechanism?

Answer:
It cannot by itself resolve every legal, ethical, or organisational issue. Evidence capture may be incomplete, burdensome, or strategically avoided. Some interpretability limits remain even with strong logging. Scoring also depends on governance judgement and context.

Practical example:
A team may log prompts and outputs but still struggle to explain why a model produced a particular phrasing if the internal generation pathway is opaque.

Link to RAIDT:
RAIDT uses Circle 2 as a practical governance layer, not as a claim of total transparency or perfect control.

1. HR policy drafting support: A human resources team uses GenAI to draft internal policy language. RAIDT would capture the approved prompt template, policy sources retrieved through RAG, the generated text, reviewer identity, and any flagged uncertainty around legal wording.
2. University student communications: An administrator uses a GenAI assistant to personalise messages to students. The run record would capture the task category, model version, prompt, institutional guidance retrieved, review or approval step, and whether the output required correction before release.
3. Healthcare information summarisation: A support service summarises patient guidance using approved sources. Governance evidence must show retrieval provenance, date currency, reviewer role, warning conditions, and escalation if outputs go beyond permitted informational boundaries.
4. Procurement evaluation support: A procurement team uses GenAI to synthesise supplier submissions. RAIDT would require evidence of input scope, prompt framing, confidentiality controls, output review, and traceability from summary claims back to source documents.

• task purpose and decision context;
• user role, team, and authority level;
• date, time, and run identifier;
• model, version, deployment environment, and tool configuration;
• prompt or instruction text, template class, and parameter settings where relevant;
• retrieved documents, knowledge sources, or external tools invoked;
• input constraints, guardrails, and applicable policy rules;
• generated output and any post-processing steps;
• human review, automated checks, approval status, and escalation path;
• uncertainty flags, exceptions, and contestation notes;
• RAIDT five-pillar scoring rationale;
• downstream action taken and any resulting governance intervention.

Circle 2 is one of the clearest places where the RAIDT project becomes operationally distinctive.

• Paper 08: foundations and methodological pathways — This circle provides the mechanism for arguing that governance should attach to the run as the relevant unit of analysis and evidence. It supports the conceptual architecture behind run-level evidence, proof-object logic, and methodological positioning.
• Paper 09: empirical validation — The circle offers constructs that can be tested in field or workshop settings, including reconstructability, evidential completeness, pillar scoring, intervention effects, and reviewer confidence.
• Paper 10: policy pathways — The circle translates policy concepts such as accountability, monitoring, documentation, and oversight into operational evidence fields and governance routines that can be aligned with sector or regulatory expectations.
• Sector playbooks — The operational mechanism can be adapted into domain-specific templates for higher education, healthcare, public administration, procurement, and other settings where run-level governance needs different thresholds and evidence density.
• RAIDT scoring — Circle 2 houses the five-pillar profile as a practical assessment device for runs, workflows, or use-case classes.
• RAIDT evidence pack — Circle 2 defines the evidential content and artefacts required for the evidence pack to be meaningful rather than symbolic.
• RAIDT governance interventions — Circle 2 explains how prompt templates, retrieval design, alignment controls, review checkpoints, and escalation rules function as intervention points when a run's profile is weak.

• responsible AI governance frameworks and accountability literature;
• information systems governance and control literature;
• uncertainty and managerial decision-making in digital systems;
• auditability, traceability, and documentation research in AI governance;
• prompt engineering and retrieval-augmented generation design literature;
• PEFT, LoRA, RLHF, DPO, and alignment-control literature as intervention methods;
• standards and policy materials related to EU AI Act implementation, ISO/IEC 42001, and the NIST AI RMF;
• empirical studies on human oversight, assurance workflows, and AI documentation practices.

Circle 2 does not claim that run-level evidence replaces all other forms of AI governance. It does not remove the need for procurement due diligence, broader data governance, legal review, security controls, or organisational culture change. It also does not claim that all important aspects of model behaviour are fully interpretable. Some runs will remain partly opaque even when well documented. The RAIDT score is therefore best understood as a structured governance judgement rather than a universal scientific measure. Finally, this circle assumes proportional implementation. Organisations should not capture the same volume of evidence for every low-risk task as for high-stakes uses.

Circle 2 is where RAIDT becomes operational. The project's distinctive move is to treat the run, not the model in isolation, as the unit of governance. That matters because most organisational concerns arise in situated use: a specific prompt, a specific configuration, a specific context, and a specific output. This circle explains how that use event becomes governable through a run-level evidence pack, a five-pillar score profile, and targeted governance interventions. In other words, it translates responsible AI from broad principle into inspectable organisational practice. It also gives the project a bridge between theory and validation. Paper 08 can use this circle to justify the underlying mechanism, Paper 09 can test whether the mechanism works in practice, and Paper 10 can show how it aligns with policy and standards expectations. If I had to summarise the contribution in one sentence, I would say that Circle 2 explains how RAIDT turns generative AI governance into a practical evidential routine that supports audit, challenge, improvement, and accountability.