A simple risk model for AI actions: safe vs review-required
Risk models do not need to be complex. A clear safe vs review-required split keeps approvals focused on actions that can create real impact.
The two-tier model
Tier 1 (safe) actions can proceed automatically. Tier 2 (review-required) actions need approval because they are irreversible or high-impact. This keeps review time focused where it matters.
Examples of review-required actions
- Sending external messages
- Writing to production systems
- Exporting or deleting data
- Changing access permissions
Policy rules make it enforceable
Policies encode which actions are safe and which require approval. The gateway enforces those rules and records the decision metadata so the outcome is reviewable later.
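As an added illustration (not code from any product the page describes), here is one way the two-tier policy and the gateway's decision record could be expressed. The action kinds, targets and rule names are assumptions; the important properties are that tier 2 rules are checked first, tier 1 is an explicit allow-list, and anything unrecognised falls into review rather than through.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Callable, Optional

@dataclass(frozen=True)
class Action:
    """A proposed AI action: what it does and where (both values are illustrative)."""
    kind: str    # e.g. "read", "send_message", "db_write", "export", "delete", "grant_role"
    target: str  # e.g. "prod", "staging", "internal", "external"

# Tier 2 rules, checked in order; first match wins. These mirror the four review-required
# categories above (external messages, production writes, export/delete, permission changes).
REVIEW_REQUIRED_RULES: list[tuple[str, Callable[[Action], bool]]] = [
    ("external_message", lambda a: a.kind == "send_message" and a.target == "external"),
    ("production_write", lambda a: a.kind in {"db_write", "deploy"} and a.target == "prod"),
    ("data_export_or_delete", lambda a: a.kind in {"export", "delete"}),
    ("permission_change", lambda a: a.kind in {"grant_role", "revoke_role"}),
]

# Tier 1 is an explicit allow-list (assumed entries). Anything matching no rule and not
# listed here is treated as review-required, so a new action kind never slips through.
SAFE_ACTIONS = {("read", "prod"), ("read", "staging"), ("send_message", "internal"),
                ("db_write", "staging")}

@dataclass(frozen=True)
class Decision:
    action: Action
    tier: int
    outcome: str                 # "auto_approved" or "pending_review"
    matched_rule: Optional[str]  # which rule put it in tier 2, or None for tier 1
    decided_at: str              # ISO-8601 UTC timestamp, so the record can be reviewed later

def classify(action: Action) -> tuple[int, Optional[str]]:
    """Return (tier, matched_rule). Tier 2 rules win over the safe list; unknown actions fail closed."""
    for name, matches in REVIEW_REQUIRED_RULES:
        if matches(action):
            return 2, name
    if (action.kind, action.target) in SAFE_ACTIONS:
        return 1, None
    return 2, "default_fail_closed"

def gateway(action: Action, audit_log: list[Decision]) -> Decision:
    """Enforce the policy for one action and append the decision metadata to the audit log."""
    tier, rule = classify(action)
    outcome = "auto_approved" if tier == 1 else "pending_review"
    decision = Decision(action, tier, outcome, rule,
                        datetime.now(timezone.utc).isoformat(timespec="seconds"))
    audit_log.append(decision)
    return decision
```

Calling `gateway(Action("run_script", "prod"), log)` returns a `pending_review` decision tagged `default_fail_closed`, which is the record a reviewer would later use to decide whether that action kind belongs on the safe list.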
Next step
If you want to map risk tiers for a pilot, we can help define the rules and approval boundaries.