
Glossary

Complete reference of TheWARDN terminology, concepts, and abbreviations.


A

Action

Any operation an AI agent wants to perform — deploying code, querying a database, sending an email, accessing a model. Every action is submitted to /govern for a verdict before execution.

Action Type

A string label describing what an agent wants to do. Examples: deploy_code, data_query, send_email, model_inference. Used in tier mapping and policy evaluation.

Agent

An AI system registered with TheWARDN. Each agent has a unique ID, status, governance statistics, and optional policy assignments. Agents must be registered before they can submit governance requests.

Agent Policy

A CHAM policy assigned to a specific agent (in addition to tenant-wide policies). Agent policies are additive — they layer on top of tenant policies, never replace them.

ARCHITECT

The highest user role in TheWARDN. ARCHITECTs can create/modify policies, manage agents, configure governance settings, and access all features. Mutation endpoints require ARCHITECT role.

Audit Record

An immutable, SHA-256 hash-chained record of a governed action. Contains: sequence number, hash, previous hash, verdict, tier, action type, target service, confidence scores, policies fired, and timestamp. Cannot be modified after sealing.

Audit Trail

The complete chronological log of all governed actions for a tenant. Hash-chained for tamper detection. Exportable as PDF or CSV.


B

BAA (Business Associate Agreement)

A HIPAA-required contract between a covered entity and a business associate (e.g., AI model provider). L6 Model Governance tracks BAA status per model.

BLOCKED

A governance verdict meaning the action is rejected and must not be executed. Generated when: Sentinel SGP rules are violated (X-tier), CHAM policies are violated (C-tier), agent is blocked, or L6 model governance rejects the model.


C

CHAM

Configurable, Hot-swappable, Auditable, Measurable — the design principles of TheWARDN's policy engine. All governance policies follow the CHAM pattern.

CHAM Policy

A governance rule defined as a JSON configuration. Types include: confidence_floor, environment_restriction, action_type_block, rate_limit, require_reasoning, grant_lifecycle. Policies can be toggled on/off without redeployment.

Change Window

A time-based governance rule. During specified windows (e.g., business hours), actions are governed normally. Outside windows, actions are escalated to a stricter tier.

CLEARED

A governance verdict meaning the action is safe to execute. The agent should proceed with the operation.

Compliance Pack

A pre-built set of CHAM policies mapped to a specific regulatory framework. Available packs: HIPAA, SOC 2, GDPR, FINRA+SOX, EU AI Act, NIST AI RMF. Applied with one click.

Confidence Score

A numeric value (0.0 to 1.0) representing an agent's certainty about an action. Measured across three dimensions: incident (problem identification), fix (solution correctness), containment (blast radius control).


D

Decision Boundary

Pre-Sentinel checks that can short-circuit governance evaluation. Three types: sequence state (halted sequences block), grant lifecycle (authorization required), and L6 model governance (model compliance).

DPA (Data Processing Agreement)

A GDPR-required contract governing how personal data is processed. L6 Model Governance tracks DPA status and expiry dates per model.


E

Escrow

A holding state for AI actions that receive a HELD verdict. Actions in escrow wait for human review — they can be released (approved), killed (rejected), or automatically timed out.

Escrow Queue

The list of all actions currently held in escrow across all agents. Managed via the console or API.


F

Fail-Closed

TheWARDN's default behavior — if governance evaluation fails for any reason, the action is BLOCKED, never CLEARED. Silence is never approval.

Fail-Open

Used only in non-critical subsystems (e.g., L6 pre-check, grant lifecycle). If the subsystem cannot be reached or its tables don't exist, governance proceeds to the next stage rather than blocking.

Framework Builder

A 5-step wizard that generates a complete AI governance framework tailored to an organization's industry, size, maturity, and regulatory exposure. Includes AI-generated rationale paragraphs.


G

Governance Mode

Three operating modes per tenant: ENFORCED (all verdicts applied), AUDIT_ONLY (verdicts logged but overridden to CLEARED), DISABLED (no evaluation). Modes can auto-expire.

Governance Pipeline

The full evaluation chain from /govern request to sealed verdict: mode check → agent status → CHAM load → decision boundaries → Sentinel → audit seal → escrow/violation → response.

Grant (Authorization Grant)

A time-limited authorization for an agent to perform specific action types. Used by the grant_lifecycle CHAM policy. Grants can be created, revoked, and expire automatically.


H

Hash Chain

A cryptographic chain linking audit records. Each record's hash includes the previous record's hash, creating a tamper-evident chain. If any record is modified, all subsequent hashes become invalid.

HELD

A governance verdict meaning the action requires human review before execution. The action is placed in escrow with a timeout countdown.


L

L1-L7 (Governance Layers)

Seven layers of governance defense-in-depth:

  • L1: Prompt Governance
  • L2: Reasoning Governance
  • L3: Custody & Chain of Evidence
  • L4: Content Verification
  • L6: Model Governance
  • L7: Shadow AI Detection

L6 Model Governance

Layer 6 controls the model supply chain — which AI models are approved, their agreement status, cost governance, and access channel enforcement. Integrates into the governance pipeline via metadata.model_id.


M

MAP (Model Access Policy)

L6 policies that control how AI models are accessed. Five types: MODEL_ALLOWLIST, CHANNEL_ENFORCEMENT, AGREEMENT_REQUIRED, DATA_CLASS_MODEL_MAP, COST_GOVERNANCE.

Model Registry

The L6 catalog of approved AI models for a tenant. Each entry includes: model ID, provider, version, status, access channel, cost data, and agreement dates.


P

Policy

See CHAM Policy.

Policies Fired

The list of CHAM policies that triggered during a governance evaluation. Recorded in the audit record for traceability.


S

Sentinel

The core governance evaluation engine. Implements 21 immutable Sentinel Governance Principles (SGP). Evaluates actions against policies, tier mappings, and change windows. Returns: verdict (CLEARED/HELD/BLOCKED), tier (A/B/C/X), and policies fired.

SGP (Sentinel Governance Principles)

21 hardcoded rules that form the foundation of governance. Cannot be disabled or modified. Include: fail-closed, human supremacy, identity verification, confidence thresholds, and environment protection.

Shadow AI

Unauthorized AI tools or models used within an organization without governance. L7 Shadow AI Detection discovers and classifies shadow AI usage.

Shadow Event

An L6 detection event recording unauthorized model usage — either an unregistered model or a model accessed via an unapproved channel.


T

Tenant

An organization using TheWARDN. All resources (agents, policies, audit records, etc.) are scoped to a tenant. Each tenant has a tier (pricing plan) and governance mode.

Tier

Action classification level determining governance behavior:

Tier  Name        Verdict  Behavior
A     Autonomous  CLEARED  Agent executes immediately
B     Supervised  HELD     Placed in escrow for human review
C     Controlled  BLOCKED  Rejected by CHAM policy violation
X     Prohibited  BLOCKED  Rejected by SGP violation (highest severity)

Tier Mapping

Configuration that maps action types to governance tiers. Example: deploy_code → B (requires human review), read_logs → A (autonomous).

Tier Override

An agent-level setting that forces all actions from that agent to a specific tier, regardless of tier mapping.


V

Verdict

The governance decision for an action: CLEARED (execute), HELD (escrow), or BLOCKED (reject). Sealed in the audit record.

Violation

A record of a governance rule violation. Severity levels: CRITICAL, HIGH, MEDIUM, LOW. Types: SGP_VIOLATION, CHAM_VIOLATION, AGENT_BLOCKED, SEQUENCE_HALTED, NO_VALID_GRANT, L6_MODEL_GOVERNANCE.

VERDICT_SEALED

The state of an audit record after the governance evaluation is complete. Once sealed, the record is immutable and hash-chained.


W

WARDN

Watch And Regulate Digital Navigation — the platform name. Alternatively: the person who watches, guards, and governs.

WHO_I_AM

The identity construct for AI agents. Agents must establish WHO_I_AM before governance begins. If identity is revoked, the agent must re-register.
