Documentation
      Back to home
      1. Knowledge Center
      2. Documentation

      Triggers & Actions Documentation

      Triggers & Actions empower organizations to define and automate their AI governance workflows efficiently. We'll explore how you can define triggers to automatically apply governance actions to Use Cases during Intake.

      What Are Triggers & Actions?

      The Credo AI Governance Platform is designed to support organizations in implementing AI governance at scale. Triggers & Actions are a core component of the Platform that support an organization in defining and automating their desired AI governance workflows.

      Adding Triggers & Actions in a Questionnaire

      Triggers in the Credo AI Platform are specific answers to Intake Questionnaires that trigger a specific governance action to be applied to a Use Case. For example, if a user answers “Yes” to the Intake Questionnaire question, “Does your Use Case leverage personally identifiable information as an input or output?”, that might be a trigger for the following governance actions to be applied to the Use Case:

      • A Privacy risk alert gets added to the Use Case;
      • The Privacy Team gets added as a required reviewer of the Use Case;
      • The risk scenario, “The Use Case may leak sensitive data,” gets added to the Use Case Risk Plan;
      • The mitigating control, “The Use Case must go through a data privacy governance review,” gets added to the Use Case Risk Plan.

      Actions, as illustrated by the above example, can include any of the following:

        • A new question is added to the Intake Questionnaire;
        • A Risk Category gets applied to the Use Case;
        • A custom Use Case Metadata Field gets updated to a specific value;
        • A specific reviewer (individual or team) gets added to the Use Case;
        • An alert gets applied to the Use Case;
        • A risk scenario automatically gets added to the Use Case Risk Plan;
        • A mitigating control automatically gets added to the Use Case Risk Plan (associated with an existing risk scenario, or with an accompanying risk scenario);
        • Policy Pack automatically gets added to the Use Case Compliance Plan.

      Triggers and actions are visible from the Review screen and the Use Case Overview, where triggered alerts and governance requirements will be displayed in the “Governance Plan” of the Use Case.

      How can I use Triggers & Actions to define custom AI governance workflows?

      Triggers and actions allow you to automatically apply governance requirements to a Use Case based on the information provided during intake, so you can automate custom governance workflows to ensure the right level of oversight for every single AI system in your organization.

      You can manage triggers and actions from the Policy Center. From the Questionnaire screen, simply click into the Intake Questionnaire for which you want to add Triggers and Actions. From the Questionnaire detail screen, you can see if there are any triggers that have already been defined.

      Screenshot 2024-03-08 at 5.07.28 PM

      You can edit triggers and actions from this view directly, or you can also edit triggers and actions from the Questionnaire editor.

      Click Edit Questions from the Questionnaire detail screen. Click the pencil icon next to the question that you want to add a trigger to; and click Add Trigger

      Screenshot 2024-03-08 at 5.12.55 PM

      You are only able to add triggers to single-select and multi-select questions; free text and file upload questions cannot be triggers.

      For each trigger you add to a question, you’ll be asked to provide a description of the trigger, and to select the answer option that you would like to be the trigger. Click “Update” to add your trigger.

      Screenshot 2024-03-12 at 9.11.54 PM

      Then you’ll be able to click Add Action to Trigger to define the specific workflow action that should be applied to the Use Case when the trigger is triggered. You will then select the action type that should be triggered (selecting from the available list), provide an alert description that will be displayed to the user in the “Alerts” section of the Use Case. Then, depending on what action type you selected, you’ll need to define exactly what that action is—whether it’s the specific reviewer that should be added to the Use Case, the Risk Category that should be applied, the Risk Scenario that should be applied, etc. 

      Screenshot 2024-03-12 at 9.13.30 PM

      Users will be able to see the description of the trigger and action from the Use Case Review screen and the Overview, summarized as Alerts; so you should aim to make the descriptions of your triggers and actions meaningful to users who are looking at these screens.

      Screenshot 2024-03-13 at 1.49.29 PM

      As of May 2024, triggers can be fired based on the answer values to more than one question.  

       

      You can add any number of triggers to an applicable question, and any number of actions for a Trigger; you likely will want to add multiple triggers and actions to many of your Intake Questionnaire questions in order to create an automated governance workflow that aligns with your organization's needs.

      Credo AI’s out-of-the-box intake questionnaires come pre-configured with relevant triggers and actions. As part of the configuration of your Credo AI Platform to meet your organization’s needs, the Credo AI team will help you define the Triggers & Actions that are aligned with your ideal governance workflow(s).