giip
Back to GIIP homeAI Operation Control · Responsibility Model

AI executes, but control always stays with the enterprise

GIIP FDE Ops never grants AI agents unlimited authority. Every action runs only within execution tiers, control mechanisms, and a responsibility split — all enforced by the FDE Ops harness.

Four execution tiers

Read-only

  • Collect state, logs, metrics
  • Inspect configuration
  • Performance analysis
  • Review cost status
  • Non-impacting diagnostics

Auto-execute (approved scope)

  • Run approved runbooks
  • Monitoring & alerting
  • Run tests
  • Scale within predefined limits
  • Documentation & reporting

Requires pre-approval

  • Production deployment
  • Data deletion
  • Permission & firewall changes
  • Actions above cost limits
  • Irreversible changes

Prohibited (humans only)

  • Exporting customer data externally
  • Disabling security controls
  • Creating credentials without approval
  • Anything policy explicitly blocks

Control mechanisms

Command audit log

Every execution is recorded auditable, with request, plan, command, approval, result, and rollback details.

Credential management

Credentials are stored and injected securely, never exposed in code or logs.

Least privilege

Each action runs with the minimum privilege needed for its scope.

Emergency stop

On anomalies, auto-execution halts immediately and hands off to human experts.

Rollback

Changes are designed to be reversible and restored to the prior state on failure.

Human FDE escalation

Novel incidents, high-risk judgment, and architecture decisions escalate to human experts.

Responsibility split

Customer responsibility

  • Define policy & approval criteria
  • Decide access-grant scope
  • Set business priorities
  • Final approval

GIIP responsibility

  • Execute within policy
  • Maintain audit logs & evidence
  • Anomaly detection & emergency stop
  • Rollback & recovery
  • Escalate to human experts

This control model is the actual operating method enforced by the GIIP FDE Ops harness; the detailed scope adapts to each customer environment and policy.

Ask about adoption & security

© 2026 GIIP — The Enterprise AI Operations Platform. From Infrastructure to Production.