AI Policy and Limits with Committee Approval
Who turns on AI with confidential data is not the operator: it is the committee.
Framework / standard: ISO/IEC 38507 §6.2 · ISO/IEC 42001 §5
AI governance is not a PDF: it is a policy applied on the critical path of every call. Linedat centralises the tenant's AI policy — which features are permitted, usage limits, exclusion of confidential data, sanitisation — and separates who operates from who directs.
Toggles, limits and exclusions
The policy controls per tenant which AI features are active (auto-doc, chat, semantic search…), daily usage limits, exclusion of confidential or restricted data and PII redaction. It is the governance lever that decides, before every call, whether the feature is permitted.
Operator / committee separation
If the tenant enables it, policy changes go through a proposal that the governing body approves before taking effect (separating the operational role from the directing role in line with 38507). The direct shortcut is rejected.
The limits (what we do not claim)
Committee approval is opt-in (disabled by default), and the flag that requires a committee can itself be changed without a committee to avoid deadlocks. The policy decides whether a feature is permitted; it is not a token-by-token inference firewall. Concurrency limits are tracked in memory, not with a transactional counter.
How Linedat helps
Linedat turns the AI policy into an applied lever and, optionally, into a governance decision with separation of duties — not a document nobody enforces.
Related capabilities
The committee does not decide in a Word document: it decides with evidence linked to the data.
AI System Inventory by Risk ClassThe AI Act audits systems, not API calls. Every AI system inventoried with its risk class.
PII Sanitisation Before Reaching the ModelBefore a national ID or an IBAN leaves for OpenAI, it is redacted — in the critical path, not as an option.
