Drift Alerts
Drift is the gap between what an agent was declared to do (its approved governance profile) and what it actually does at runtime. Drift Alerts surface those gaps so you can investigate and close them before they become compliance failures.
Enterprise feature. Open it from AI Governance → Compliance → Drift Alerts. Drift also appears on the Risk Dashboard.
The five drift types
| Drift type | Raised when… |
|---|---|
| Control Drift | A stated security control is disabled or absent at runtime |
| Scope Drift | The agent operates outside its documented use cases |
| Data Drift | An unexpected data source or handling deviation appears |
| Risk Drift | The observed risk profile differs from the declared classification |
| Performance/Safety Drift | Latency, error, or accuracy exceeds documented thresholds |
Anatomy of a drift alert
Each alert records:
- Type and severity
- Declared vs. observed — what the profile says vs. what was seen
- Framework(s) impacted — which of EU AI Act / NIST AI RMF / ISO 42001 this affects
- SLA deadline — when it must be resolved
- Owner — who's accountable
- Resolution notes — the record of how it was closed
Working the queue
The Drift Alerts view lists active (unresolved) alerts, with filtering and sorting by type, severity, and SLA. A typical remediation:
- Triage — sort by severity and SLA; pick the most urgent.
- Assign an owner — make accountability explicit.
- Escalate (optional) — push the alert to Slack or Jira to mobilize the team.
- Fix the gap — either correct the runtime behavior, or update the agent's governance profile if the declared baseline was wrong.
- Resolve — mark the alert resolved with notes; it leaves the active queue and is retained for audit.
Resolving drift by updating the declared profile is legitimate — sometimes the baseline was wrong — but it should be a deliberate, reviewed decision, since it changes what "compliant" means for that agent. Re-approve the affected evidence in Requests & Review.
Next steps
- Risk Dashboard — drift feeds each agent's risk score.
- Framework Coverage — keep approved controls true over time.
- Audit & Export — drift history is part of the audit record.