Solution components in Governance console
Solutions in Governance console in IBM watsonx include predefined components, such as object types, workflows, profiles, and more.
Your Governance console might include one or all of these solutions.
- watsonx.governance Model Risk Governance solution
- Manage all tracked models and prompt templates so that you can review all of your AI solutions across the AI lifecycle.
- watsonx.governance Operational Risk Management solution
- Track model risk and other operational risks across the enterprise. Link use cases to business processes.
- watsonx.governance Regulatory Compliance Management solution
- Manage AI regulations for models and use cases. Track regulations that impact models and model use cases. Respond to regulatory changes to make sure that your models and use cases align with changes to related regulations. Link use cases to regulatory mandates.
Object types
Each solution includes predefined object types. For more information, see Object types in Governance console.
Profiles
To view a list of profiles, click
.The following table describes the predefined profiles.
Name | Description |
---|---|
watsonx-governance MRG Master |
Administrator profile for the watsonx.governance Model Risk Governance (MRG) solution. The watsonx.governance MRG Master profile gives administrative access to the object types for model risk governance. The profile includes object types to give you insight into business processes and regulations. |
watsonx-governance ORM Master |
Administrator profile for the watsonx.governance Operational Risk Management solution. The watsonx.governance ORM Master profile gives administrative access to the model risk and operational risk object types. This profile gives you an integrated view of operational risk and model risk. |
watsonx-governance RCM Master |
Administrator profile for the watsonx.governance Regulatory Compliance Management solution. The watsonx.governance RCM Master profile gives administrative access to model risk object types and regulatory compliance object types. This profile gives you an integrated view of regulatory compliance and model risk. |
watsonx-governance Modules Master |
Administrator profile for the watsonx.governance solutions. Administrators use the Governance console Modules Master profile to see a comprehensive view of model risk governance, operational risk governance, and regulatory compliance management. The Modules Master profile gives administrators access to the combined resources of the other Governance console profiles. |
Role templates
Name |
Description |
---|---|
Modules Master - All Permissions | Full R/W/D/A access to all enabled-by-default object types for all solutions. Full admin rights. |
Modules Master - All Data - Limited Admin | Full R/W/D/A access to all enabled-by-default object types for all solutions. No admin rights except those associated with workflows, files, and folders. |
MRG - All Data - Limited Admin | Full R/W/D/A access to all default MRG objects. Limited admin rights. |
MRG - All Permissions | Full R/W/D/A access to all default MRG objects. Full admin rights. |
MRG - Model Developer Owner | Used by model owners and developers. This role template is similar to the Model Risk Management role template except that no write access is granted to the Review object. Most admin application permissions are not granted. |
MRG - Model Risk Management | Used by model risk managers (second line of defense). Read, write, and associate access rights are granted to MRG object types. Write access is denied to the two shared object types, Preference and Business Entity. Most admin application permissions are not granted. Delete access is not granted to any object types. |
MRG - Model Validation | Used by model validation users. Read, write, and associate access rights are granted to a subset of MRG object types that include Model, Use Case, Review, Change Request, and Challenge. Write access is denied to other MRG object types. Write access is denied to shared object types, Preference, and Business Entity. Most admin application permissions are not granted. Delete access is not granted to any object types. |
MRG - AI Factsheets - API Access | Limited role template for AI Factsheets to access the Governance console API. |
ORM - All Data - Limited Admin | Full R/W/D/A access to all default ORM objects. No admin rights except the rights that are associated with workflows, files, and folders. |
ORM - All Permissions | Full R/W/D/A access to all default ORM objects. Full admin rights. |
[ORM] Business User | ORM role template for users who log loss events, perform RCSAs, approve risk assessments, capture KRIs, manage issue and action closure, and participate in scenario workshops. |
[ORM] Operational Risk Team | ORM role template for users who maintain Process, Risk, and Control libraries, scope RCSAs, perform and oversee the RCSA process, perform loss event administration, define and capture KRIs, manage issue and action closure, and coordinate scenario workshops. |
[ORM] Simplified User | ORM role template for users who need minimum access for their work on loss events, KRI value capture, and issue management. |
RCM - All Data - Limited Admin | Full R/W/D/A access to all default RCM objects. No admin rights except the rights that are associated with workflows, files, and folders. |
RCM - All Permissions | Full R/W/D/A access to all default RCM objects. Full admin rights. |
RCM - Subscriber | Read access to all default RCM objects. No admin rights exceptthe rights that are associated with workflows, files, and folders. |
Views
Each object type has a set of predefined system views.
To see a list of views, click Include system views. To see only system views, type sysview in the Search box.
, and then clickWorkflows
Each solution includes predefined workflows.
To view a list of workflows, click
.Tags
Governance console includes predefined tags. To view the list of tags, click .
Questionnaires
Governance console includes a predefined questionnaire templates.
- AI Risk Identification Questionnaire
-
The Risk Identification questionnaire assessment is based on the AI Risk Identification Questionnaire template. This assessment is answered as part of the Use Case Request workflow. The questions have response actions that copy risks from the AI Risk Library that may be applicable to the use case. Whether risks are copied to the use case depends on how the questions are answered. This allows for creation of a risk profile for the use case.
- Applicability Assessment
- The Applicability Assessment is based on the EU AI Act Applicability Assessment questionnaire template. This assessment enables clients to assess their AI uses cases using a simple questionnaire that aids in determining whether a use case is in scope for the EU AI Act and which risk category the use case aligns to (Prohibited, High, Limited, Minimal).
To see a list of questionnaire templates, click
.AI risk library
The risks from the AI risk atlas are available under the /Library/MRG/AI Risk Library business entity.
The predefined Risk Identification questionnaire assessment uses the AI Risk Library. You can also manually associate risks to use cases, models, and other objects.
To view the AI Risk Library, click . Filter the grid to show the /Library/MRG/AI Risk Library business entity.
Use case library
The use case library provides a parent entity for your AI use cases. The use case library is under the /Library/MRG/Use Case Library business entity. To view the use case library, click . Filter the grid to show the /Library/MRG/Use Case Library
Foundation model library
The foundation model library provides a parent entity for your foundation models. The use case library is under the /Library/MRG/Foundation Models business entity.
If you use watsonx.ai, your models are added to Governance console under /Library/MRG/Foundation Models.
To view the use case library, click /Library/MRG/Foundation Models
. Filter the grid to show theDiscovered AI library
This library provides a default place to store any AI deployments that are not following
sanctioned governance practices within an organization (also known as shadow AI
). These
deployments that an organization discovers can be stored under the Discovered AI business entity
until the deployments are on boarded and governed.
To view the library, click /Library/MRG/Discovered AI
. Filter the grid to show the