• workshop_dense_100#slide 65

The governance-interventions branch in RAIDT is the part of the framework that asks how organisations intentionally alter model behaviour while simultaneously producing inspectable evidence. Its branch logic is comparative and lifecycle-oriented. The papers do not treat prompting, LoRA, RAG, and RLHF as isolated engineering choices; they treat them as alternative or stacked control surfaces that leave different evidential footprints. What unifies the branch is a shared measurement grammar: common reviewer rubrics, consistent logging, adjudication, artefact templates, and cross-run comparison through a score profile rather than anecdotal impressions.

Within this branch, prompting contributes instruction and disclosure control; LoRA contributes modular behavioural lineage and rollback; RAG contributes provenance, citation discipline, and retrieval policy; RLHF contributes preference-shaped tone and risk surfacing but adds governance duties around annotators and reward provenance. The branch overview therefore centres on differential governance effects. Prompt-only systems may read clearly yet remain weak on traceability. LoRA typically improves dependability and auditability through adapter lineage. RAG is repeatedly the strongest single lift for interpretability and traceability because claims can be contested against retrieved material. RLHF can raise responsibility, but only when reviewer governance and provenance are explicit.

The branch is operationalised at run level. RAIDT treats run as the unit of governance, so each intervention is assessed through a run-level evidence pack and then interpreted with the five pillars (Responsibility, Auditability, Interpretability, Dependability, Traceability). The supervisory judgement is whether the resulting score profile approaches the branch?s anchors 1=missing / 3=partial / 5=audit-ready, and whether stacking is required. Across the papers, the overall branch conclusion is consistent: no single intervention dominates every pillar, whereas disciplined stacks produce the strongest governance readiness.

In a cybersecurity operations centre, analysts may test four variants of the same incident-summary workflow: prompt-only, prompt plus LoRA, prompt plus RAG, and prompt plus LoRA plus RAG with an RLHF-style tone overlay. The branch overview tells supervisors how to read the comparison.

Prompt-only may give a readable narrative, LoRA may stabilise SOC terminology, and RAG may attach the summary to specific flow features or prior incident records. Once reviewer forms, hashes, and retrieval records are added, the stacked variant usually produces the most complete run-level evidence pack. The governance question is not which version sounds best, but which version gives the audit team the strongest contestable, reproducible, and traceable basis for action.

• 04-RAIDT_Prompt_Eng_V2
• 06-RAIDT_RAG_V1
• 07-RAIDT_RLHF_V1