
AI Governance — User Guide

Arbitex enforces AI governance policies on every request you send. Most of the time, policies are invisible — your requests go through and you get a response. But sometimes a policy will modify your request, block it, or pause it for review. This guide explains what each scenario looks like and what you can do.


If your request matches a governance policy configured to block it, you will see a message in the chat window instead of an AI response:

🚫 This request was blocked by your organization's AI governance policy.
Policy: [policy name]
Contact your administrator if you believe this is an error.

What happened: Your prompt or the AI’s response contained content that your organization’s policy does not permit — for example, credentials, payment card numbers, or content restricted for your user group.

What to do:

  • Review your message for sensitive information. If you included something like a password, API key, credit card number, or employee ID number, remove it and try again.
  • If you believe your request is legitimate and should not have been blocked, contact your IT help desk or system administrator and reference the policy name shown in the error message.
  • You cannot override a BLOCK. It is a hard stop — your admin has configured this content type as not permitted.

What was NOT sent to the AI: When a request is blocked, nothing is forwarded to the AI provider. The AI never saw your message.


Sometimes a policy does not block your request outright — instead it redacts specific pieces of information before sending your message to the AI. You will see a banner appear above your message:

⚠️ Your message was modified by security policy — 2 items redacted
Detected: SSN, credit_card | Policy: pii-strict

Below the banner, your message will show [REDACTED] tokens where the original content was removed:

“Please review this account for customer [REDACTED — PII/SSN detected] with card number [REDACTED — PII/credit_card detected].”

What happened: The governance system detected sensitive information (like Social Security Numbers, credit card numbers, or health identifiers) in your prompt. Those specific values were replaced with [REDACTED] tokens before the message was sent to the AI. The AI responded based on the redacted version.

What you see:

  • A banner above your message listing the number of items redacted and their types
  • Your message bubble showing the redacted version — exactly what the AI received
  • Inline [REDACTED] pills where your original content was removed

What to do:

  • If you need the AI to work with that specific information, contact your administrator — it may be possible to use a specialized workflow that handles sensitive data appropriately.
  • The AI’s response will be based on the redacted message. If the response seems incomplete or off-target, this may be why.

Note on page reload: The [REDACTED] tokens in your message are saved. If you reload the page, the tokens remain visible. However, the banner (which shows entity counts and policy name) is session-only and will not reappear after a reload.
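To make the redaction behaviour concrete, here is an added Python example (not Arbitex code; the detection patterns, the Luhn check and the sample message are assumptions constructed for illustration). It replaces SSN and card values with the [REDACTED] tokens shown above, builds the banner text, and produces an audit record that carries only entity types and counts, never the matched values.

```python
import re

# Constructed detection patterns (assumption, not Arbitex's real detectors):
# SSN as NNN-NN-NNNN, card as 13-16 digits optionally separated by spaces or dashes.
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,15}\d\b")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum; rejects card-like digit runs that are not valid card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def redact(text: str, policy: str = "pii-strict") -> dict:
    """Replace each detected value with the token format the guide shows, and
    return the redacted text, the banner text (None if nothing was found) and
    an audit record that holds only counts and entity types, never the values."""
    found = []

    def sub_ssn(m):
        found.append("SSN")
        return "[REDACTED — PII/SSN detected]"

    def sub_card(m):
        digits = re.sub(r"[ -]", "", m.group(0))
        if not luhn_ok(digits):
            return m.group(0)  # fails Luhn: an ordinary number, leave it untouched
        found.append("credit_card")
        return "[REDACTED — PII/credit_card detected]"

    out = CARD_RE.sub(sub_card, SSN_RE.sub(sub_ssn, text))
    types = list(dict.fromkeys(found))  # unique entity types, first-seen order
    banner = None
    if found:
        banner = (f"Your message was modified by security policy — {len(found)} items redacted\n"
                  f"Detected: {', '.join(types)} | Policy: {policy}")
    audit = {"policy": policy, "redacted_count": len(found), "entity_types": types}
    return {"text": out, "banner": banner, "audit": audit}


# Constructed sample message (well-known test numbers, not real data).
SAMPLE = "Please review this account for customer 123-45-6789 with card number 4111 1111 1111 1111."

if __name__ == "__main__":
    result = redact(SAMPLE)
    print(result["banner"])
    print(result["text"])
    print(result["audit"])
```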


Governance challenges — PROMPT hold and ALLOW_WITH_OVERRIDE


Some policies are configured to pause a request and give you an opportunity to provide context or justification before proceeding. You will encounter two variations:

When a PROMPT policy fires, your request is suspended and held for an administrator to review. You will see a waiting indicator in the chat:

⏳ Your request is waiting for administrator review.
This may take a few minutes. If no decision is made within 5 minutes,
your request will be cancelled automatically.

What is happening: An admin has been notified. They can see the context of your request (not the full content — just the type of content detected and the rule that matched) and will approve or deny it.

  • If approved: Your request proceeds normally and you receive the AI response.
  • If denied: You see a message explaining that the request was denied. Contact your administrator if you need to discuss the decision.
  • If no one acts within 5 minutes: The hold times out and your request is cancelled. You will receive a 403 error response. Try again or contact your admin.

PROMPT holds are typically used for sensitive but context-dependent situations — for example, when a request matches a pattern that could be legitimate or could be a policy violation, and a human needs to decide.

ALLOW_WITH_OVERRIDE (user acknowledgement required)


When an ALLOW_WITH_OVERRIDE policy fires, the system pauses and shows you an inline override dialog:

⚠️ This request matched a governance policy.
Detected: credit_card (confidence: 94%)
Rule: finance-pii-review
To proceed, provide a reason:
[ _________________________ ]
[ Cancel ] [ Submit and proceed ]

What this means: Your content matched a policy, but your organization has configured this rule to allow you to proceed if you provide a valid business reason. The AI request has not been sent yet.

What to do:

  1. Review what was detected (shown in the dialog).
  2. If this was a mistake — for example, the content is synthetic test data, not real PII — type a brief explanation in the reason field.
  3. Click Submit and proceed. Your request (with the override reason logged) will be forwarded to the AI.
  4. If you do not have a valid reason, click Cancel.

You have 5 minutes to submit the override before the token expires. If it expires, simply send your message again — a fresh challenge will appear.

This is logged. Your override reason, the detected entity type, and your identity are written to your organization’s audit log. Your administrator can review override activity in the compliance dashboard.


The chat interface shows several different banners depending on what the DLP system found. Here is a quick reference:

Banner: What it means

  • “Your message was modified — N items redacted”: Parts of your input were removed before being sent to the AI
  • “DLP ENFORCEMENT — Request blocked — [policy]”: The AI’s response was blocked; you see a placeholder instead
  • “Content modified by security policy — N additional entities redacted”: After the AI responded, a final scan found and removed additional content
  • “⏳ Waiting for administrator review”: Your request is on hold pending admin approval (PROMPT hold)
  • “⚠️ Governance policy matched — provide reason to proceed”: Override challenge — you can proceed with a justification

All these banners are shown only for the current session. If you reload the page, banners do not reappear — but [REDACTED] tokens in message text are preserved.


If you routinely need to work with content that your current policies block or challenge, you can request a policy exception from your administrator.

What to include in your request:

  • Your name and user group/department
  • A description of the type of content you need to work with (e.g., “account numbers for customer support workflows”)
  • The business reason this access is necessary
  • Whether you need full access (ALLOW) or a softer control like ALLOW_WITH_OVERRIDE (audit with self-service override)

How to submit:

  • Your organization may have a dedicated IT request form, ticketing system, or Slack channel for AI governance exceptions. Check with your IT help desk.
  • Reference the policy name shown in the block or challenge dialog if you have it — this helps admins identify the exact rule quickly.

What your admin can do:

  • Add your user account to a group that has a less-restrictive policy rule
  • Create a specific exception rule for your group
  • Change the action for a rule from BLOCK to ALLOW_WITH_OVERRIDE (allowing you to proceed with a logged justification)
  • Grant temporary access for a specific project

Arbitex does not store the content of your messages or the AI’s responses in the audit log. What is logged for compliance purposes:

What is logged: Example

  • That a request was made: Timestamp, your user ID, model used
  • That a policy fired: Rule name, detected entity type (e.g., credit_card) — not the actual value
  • That a redaction occurred: Count and types of entities redacted
  • Override reason (if you submitted one): The exact text you typed as your reason
  • Admin decisions on PROMPT holds: Approve or deny, with admin identity

Your actual prompt content and the AI’s response are not retained in audit logs. If your organization uses SIEM integration, the same log fields (without message content) are forwarded.