Review these required roles and permissions for the Automation Admin, Automation Lead, and GRC Lead to ensure they can access the AI Guardrails features to set and monitor interaction logs for compliance and security.

The following personae would benefit from viewing and monitoring the AI Guardrails logs:

The Automation Admin requires these roles and permissions to perform their tasks successfully:
  • System roles: AAE_Admin and AAE_Basic
  • Custom role with specific settings enabled for AI Guardrails as follows:
    • Roles > AI > View AI Guardrails > Manage AI Guardrails.
    • Roles > Administration > View Settings.
  • To enable and enforce AI Guardrails, navigate to Settings: Administration > Settings > AI Guardrails > Enable to enable AI Guardrails and enforce rules for protecting sensitive information and promote responsible AI usage.
    Note: The vault data retention period is 30 days. The data vault stores the mapping between the unmasked and masked (tokenized) sensitive data used for data masking. It contains both masked and unmasked data
  • Settings: Administration > Settings > AI Data Management > Enable to enable data logging for users. For more information, see Enable data logging.

The Automation Admin can enable settings and assign a custom role (with required permissions) to the Automation Lead and GRC Lead in their organization to give them access to create and set AI Guardrails.