Skip to content
Glossary

Policy Overlay

A policy overlay is the layer of governance rules a platform applies on top of AI work — deciding what an agent may answer or do, when human approval is required, and which guardrails bind each action. Policies are versioned and evaluated at runtime against each WorkItem, so the same request is handled consistently and every decision traces back to the policy version that produced it.

Synonyms: policy layer, governance overlay, policy controls, guardrail policy

A policy overlay separates the rules of engagement from the work itself. Instead of burying governance inside prompts or application code, the platform keeps it as an explicit, versioned layer that is evaluated against every WorkItem at runtime. The overlay decides whether a proposed answer is grounded enough to send, whether an action can execute automatically or must wait for a named approver, and which credentials, connectors, and data classes are in scope. Because the overlay is the single place those rules live, the same request is handled the same way every time, a policy change applies everywhere at once, and the audit trail can always show which policy version produced a given decision.

Frequently asked questions

What does a policy overlay control?
It controls what an AI agent is allowed to answer or execute: which actions are auto-approved, which require human approval, what grounding or evidence is required, and which connectors and data a WorkItem may touch — all evaluated per request rather than hardcoded.
Why version policies instead of hardcoding rules?
Versioned policies make governance auditable and reversible. Each decision records the policy version that produced it, so you can see why an action was allowed or held, roll a change back, and prove consistent handling during a review.