15 KiB
Enterprise Knowledge Governance — Global Fix Map
🏥 Quick Return to Emergency Room
You are in a specialist desk.
For full triage and doctors on duty, return here:
- WFGY Global Fix Map — main Emergency Room, 300+ structured fixes
- WFGY Problem Map 1.0 — 16 reproducible failure modes
Think of this page as a sub-room.
If you want full consultation and prescriptions, go back to the Emergency Room lobby.
A compact hub to keep enterprise knowledge safe, auditable, and policy-true across RAG, agents, and long-running workflows.
Use this folder to define the policy layer and route symptoms to the exact repair page. No infra change required.
What this folder is
- A minimal but complete policy layer for RAG and agent stacks.
- Guardrails that prevent leakage and region violations.
- Copy-paste contracts for tagging, retrieval fences, and audits.
- Acceptance targets you can actually measure on live traffic.
When to use this folder
- You have mixed-sensitivity corpora and must stop accidental leakage.
- Regional data residency is a contract requirement.
- Stale SOPs or outdated policies keep showing up in answers.
- Legal retention vs developer convenience keeps drifting.
- You need verifiable access trails and regulator-ready exports.
Orientation: pages and what they solve
| Page | What it solves | Typical symptom |
|---|---|---|
| access_control.md | Role, tenant, region, sensitivity intersections at retrieval time | Answer cites a snippet the user cannot see |
| audit_and_traceability.md | Immutable trails for who asked, what was cited, why it was allowed | Regulator asks for proof and you cannot produce it |
| compliance.md | End-to-end policy surface and controls | Policy defined in docs but not enforced in code |
| compliance_audit.md | Audit checklists and export packs | You cannot prove who accessed PII last quarter |
| data_residency.md | Region pinning for shards, embeddings, logs | Cross-region egress appears in billing or logs |
| data_sensitivity.md | Sensitivity model and redaction gates | PII or secrets slip through after parsing |
| knowledge_expiry.md | Freshness and deprecation workflow | Bot answers with outdated SOP or revoked policy |
| retention_policy.md | TTL queues, deletion attestations, proof of purge | Items that should be gone still show up in runs |
Acceptance targets
- Zero unauthorized citation of PII or restricted snippets in production evals
- Policy tags present on ≥ 0.95 of onboarded documents
- Residency violations equal 0 across seven days of traffic
- Retention SLA respected for 100 percent of expired items inside 24 hours
- Every answer carries a trace with
citations,ΔS,λ_state,policy_eval
Map symptoms → structural fixes
| Symptom | Open this |
|---|---|
| Wrong snippet shows up from a restricted area | retrieval-traceability.md · data-contracts.md |
| Prompt or tool bypasses policy and leaks PII | prompt-injection.md · lock tool args in data-contracts.md |
| Sensitive text survives parsing and chunking | chunking-checklist.md · ocr-parsing-checklist.md |
| Live runs drift from policy or regions | ops/live_monitoring_rag.md · ops/debug_playbook.md |
60-second setup checklist
-
Tag the corpus
Attachsensitivity,region,owner,retention_tierto every doc. Enforce schema with data-contracts.md. -
Fence retrieval
Require the intersection of{tenant_id, role, region, sensitivity}at retrieve time and drop non-matching snippets. Verify with retrieval-traceability.md. -
Pin residency
Keep embeddings and shards in the source region. Block cross-region egress unless policy allows. See data_residency.md. -
Retention jobs
Create TTL queues perretention_tier. Write a deletion log withdoc_id,hash,time,actor. See retention_policy.md. -
Audit everything
Emitactor,question,citations,ΔS,λ_state,policy_eval,regionfor each answer. Route to an immutable sink. See audit_and_traceability.md.
Copy-paste policy probe for your LLM step
You have TXT OS and WFGY pages loaded.
Question: "{user_question}"
Context carries fields {sensitivity, region, retention_tier, owner} for each snippet.
Do:
1) Enforce cite-then-explain. Refuse if a cited snippet breaks role or region.
2) Return {"citations":[...], "policy_eval":{"allow":true|false,"reason":"..."}, "ΔS":0.xx, "λ_state":"→|←|<>|×"}.
3) If blocked, output the smallest change to comply and the exact WFGY page to open.
FAQ
Q: We tag sensitivity at ingest but leaks still happen. What now?
A: Enforce the tag at retrieve time too. Use access intersections {tenant_id, role, region, sensitivity} and verify with retrieval-traceability.md.
Q: Our vendor requires EU residency. How do we prove compliance? A: Pin vectors, shards, and logs to EU regions and export an egress report weekly. Steps in data_residency.md.
Q: Outdated SOPs keep showing up. Where is the crack? A: You need a freshness control. Mark deprecated docs and enforce a deny-list at retrieval. See knowledge_expiry.md.
Q: Legal wants proof of deletion after TTL. A: Implement TTL queues and write deletion attestations to an immutable sink. Details in retention_policy.md.
Q: We cannot reconstruct who saw which PII last quarter.
A: Add the audit contract from audit_and_traceability.md. Every answer should log actor, citations, ΔS, λ_state, policy_eval, region.
Q: Prompt injection bypassed our fences. A: Tighten tool schemas and add role-ordered templates. See prompt_injection.md and the contracts in data-contracts.md.
Q: Coverage is high but restricted snippets sometimes get ranked. A: Coverage is not policy. Add policy_eval to the trace and drop candidates before rerank. Use access_control.md.
Q: How do we set pass or fail before release? A: Use a governance gate: zero restricted citations, zero residency violations, coverage ≥ 0.70, ΔS ≤ 0.45, and audit completeness 100 percent for a 7-day canary.
Explore More
| Layer | Page | What it’s for |
|---|---|---|
| Proof | WFGY Recognition Map | External citations, integrations, and ecosystem proof |
| Engine | WFGY 1.0 | Original PDF based tension engine |
| Engine | WFGY 2.0 | Production tension kernel and math engine for RAG and agents |
| Engine | WFGY 3.0 | TXT based Singularity tension engine, 131 S class set |
| Map | Problem Map 1.0 | Flagship 16 problem RAG failure checklist and fix map |
| Map | Problem Map 2.0 | RAG focused recovery pipeline |
| Map | Problem Map 3.0 | Global Debug Card, image as a debug protocol layer |
| Map | Semantic Clinic | Symptom to family to exact fix |
| Map | Grandma’s Clinic | Plain language stories mapped to Problem Map 1.0 |
| Onboarding | Starter Village | Guided tour for newcomers |
| App | TXT OS | TXT semantic OS, fast boot |
| App | Blah Blah Blah | Abstract and paradox Q and A built on TXT OS |
| App | Blur Blur Blur | Text to image with semantic control |
| App | Blow Blow Blow | Reasoning game engine and memory demo |
If this repository helped, starring it improves discovery so more builders can find the docs and tools.
