Skip to main content

What This Does

AI governance actions help reviewers analyze release readiness from connected LoopIQ context. These actions can review evidence, risk, security posture, controls, operational readiness, testing signals, and delivery history. AI actions do not replace approval. They help prepare a reviewable recommendation and evidence summary.

Before You Begin

Make sure:
  • your organization has AI features enabled
  • your role has permission to use the specific AI action
  • the release certification has a related release and enough context to analyze
  • required integrations, such as security or regulatory integrations, are configured if the action depends on them

Where Actions Appear

  1. Open Compliance.
  2. Open a release certification detail page.
  3. Review the visible AI action buttons.
The buttons that appear can vary by page, role, subscription, organization settings, and approval rules. LoopIQ computes the allowed actions on the backend and only returns actions that are allowed for your current context.

Run an AI Governance Action

  1. Open the release certification.
  2. Choose the AI action you want to run.
  3. Review the action description before running it.
  4. Start the action.
  5. Wait for the generated output.
  6. Review the recommendation, risks, missing evidence, and suggested next steps.
  7. Attach or reference useful output in the release certification if your workflow requires it.
  8. Continue with the normal human approval process.

Common Release Governance Actions

Depending on your environment, actions may include:
  • release readiness review
  • evidence package generation
  • regulatory control review
  • security posture review
  • risk summary
  • rollback readiness review
  • test and quality review
  • operational impact analysis

Approval and Safety Behavior

Some AI actions are read-only. Others may suggest or prepare changes. High-impact actions may require explicit human approval before anything is applied to LoopIQ records. LoopIQ checks:
  • user permission
  • organization subscription
  • page context
  • allowed tool or agent policy
  • approval requirements

Create Remediation Work from Certification Blockers

When a release certification has provider blockers, failed controls, or evidence gaps, Helix can propose a remediation work package. A remediation work package creates one parent remediation story and child tasks for the specific blockers. This is useful when the certification needs a trackable plan across security, quality, compliance, or operational findings. Before approving the action, confirm that Helix used the right certification context:
  • current release
  • application or module attached to the release
  • provider blockers and failed controls
  • evidence gaps
  • affected team or owner
  • source findings or control records
If the plan is unrelated to the certification, reject it and ask Helix to regenerate the plan from the release evidence graph.

Verify Created Remediation Work

After approval, review the Helix result and audit trail. Confirm:
  • the parent story was created
  • child tasks were linked to the parent story
  • titles are clear and action-oriented
  • the records reference the correct release certification
  • provider finding or control references are included when available

Tips

  • Treat AI output as decision support, not final approval.
  • Review missing evidence carefully before approving a certification.
  • Keep generated summaries attached to the certification when they support audit review.
  • If a button is missing, ask an administrator to review AI permissions, subscription access, and integration status.