Governance Modes
Understand the different governance modes in IOA Cloud and choose the right approach for your AI applications.
What are Governance Modes?
Governance modes determine how IOA Cloud enforces policies and generates evidence for your AI applications. Each mode provides different levels of oversight, control, and compliance capabilities.
Key Benefits
- Flexibility: Choose the right level of governance for your use case
- Compliance: Meet regulatory requirements with appropriate evidence generation
- Risk Management: Balance oversight with performance and usability
- Scalability: Start simple and add complexity as needed
Governance Modes Overview
IOA Cloud offers four governance modes, each with increasing levels of oversight and control:
Shadow Mode
Bronze BadgeObservation Only - Policies monitor and log activity without blocking requests.
- Full logging and monitoring
- No request blocking
- Evidence generation
- Perfect for pilots and testing
Best for:
Development, testing, and pilot projects where you want to understand AI behavior without affecting performance.
Requirements:
Available on all plans (Launch, Scale, Trust)
Enforce Mode
Silver BadgeActive Governance - Policies actively block or allow requests based on compliance rules.
- Request blocking and allowing
- Real-time policy enforcement
- Signed evidence bundles
- Production-ready governance
Best for:
Production applications requiring active compliance enforcement and risk mitigation.
Requirements:
Scale plan or higher
Consensus Mode
Gold BadgeMulti-LLM Consensus - Multiple AI models collaborate to make decisions with quorum validation.
- Multi-LLM orchestration
- Quorum-based decisions
- Dissent recording
- Enhanced reliability
Best for:
Critical applications requiring high-confidence decisions and bias reduction through model diversity.
Requirements:
Scale plan with Consensus Pack add-on or Trust plan
Federated Mode
Platinum BadgeCross-Organization Governance - Distributed governance across multiple organizations and jurisdictions.
- Cross-org governance
- Jurisdictional compliance
- Federated evidence
- Enterprise-grade security
Best for:
Large enterprises with complex governance requirements across multiple business units and jurisdictions.
Requirements:
Trust plan (Enterprise only)
Mode Comparison
Compare the key characteristics of each governance mode:
| Feature | Shadow | Enforce | Consensus | Federated |
|---|---|---|---|---|
| Request Blocking | ❌ No | ✅ Yes | ✅ Yes | ✅ Yes |
| Evidence Generation | ✅ Basic | ✅ Signed | ✅ Enhanced | ✅ Federated |
| Multi-LLM Support | ❌ No | ❌ No | ✅ Yes | ✅ Yes |
| Cross-Org Governance | ❌ No | ❌ No | ❌ No | ✅ Yes |
| Performance Impact | Minimal | Low | Medium | High |
| Compliance Level | Basic | Standard | Enhanced | Enterprise |
Choosing the Right Mode
Select the governance mode that best fits your application's requirements:
1. Start with Shadow Mode
Begin with Shadow mode to understand your AI's behavior and identify potential governance needs. This is perfect for:
- Development and testing phases
- Understanding AI decision patterns
- Building governance policies
- Pilot projects and proof-of-concepts
2. Move to Enforce Mode
When you're ready for production, upgrade to Enforce mode for active governance. This is ideal for:
- Production applications with compliance requirements
- Risk-sensitive use cases
- Regulated industries
- Applications requiring audit trails
3. Add Consensus for Critical Applications
For high-stakes decisions, implement Consensus mode with multiple AI models. Consider this for:
- Financial services and trading
- Medical diagnosis and treatment
- Legal and compliance decisions
- Safety-critical applications
4. Use Federated for Enterprise Scale
For large organizations, implement Federated mode for cross-organizational governance. This is necessary for:
- Multi-national corporations
- Regulated industries with complex compliance
- Government and public sector
- Enterprise partnerships and alliances
Migrating Between Modes
You can upgrade or downgrade between governance modes as your requirements change:
Assess Current State
Review your current governance needs, compliance requirements, and performance constraints.
Plan Migration
Create a migration plan that includes testing, rollback procedures, and stakeholder communication.
Test in Staging
Test the new governance mode in a staging environment to ensure compatibility and performance.
Deploy Gradually
Deploy the new mode gradually, starting with non-critical applications and monitoring performance.
Frequently Asked Questions
Can I use multiple governance modes simultaneously?
Yes! You can configure different governance modes for different applications or environments within the same organization.
What happens if I exceed my plan's governance mode limits?
You'll need to upgrade your plan or add the appropriate add-ons to access higher governance modes.
How do I know which governance mode is right for my application?
Start with Shadow mode to understand your needs, then gradually move to higher modes based on your compliance and risk requirements.
Can I downgrade from a higher governance mode?
Yes, but be aware that downgrading may reduce your compliance capabilities and evidence generation quality.
Ready to Implement Governance?
Start with Shadow mode and evolve your governance as your needs grow.