# Enterprise-Grade Control Over Every Action

Approval gates, PII detection, content policies, and execution limits. Your AI employees operate within strict boundaries you define.

Sistava gives you full control over what your AI employees do and do not do. Set up approval gates that require human sign-off before sensitive actions. Detect and redact PII automatically. Define content policies that prevent off-brand or inappropriate responses. Set execution limits to control costs and scope. Enforce company-wide policies across your entire AI workforce.

## Overview

Trust is built through control, not promises. Sistava provides five layers of governance that ensure your AI employees operate within the boundaries you set. Approval gates add human oversight for sensitive actions. PII detection prevents data leaks. Content policies keep responses on-brand and compliant. Execution limits control costs and scope. Company policies enforce organization-wide standards.

These controls work together, not in isolation. A customer service AI employee might have content policies preventing it from discussing legal matters, PII detection redacting phone numbers, execution limits capping at 100 actions per hour, and an approval gate requiring human sign-off before issuing refunds over $100.

Every guardrail generates an audit log entry. When compliance asks "what did your AI do last Tuesday?", you have a timestamped, searchable record of every action, every decision, and every guardrail that fired.

## Before / After

- **Before:** You deployed an AI chatbot and it told a customer your product was free. It shared internal pricing tiers it found in training data. Nobody caught it until the screenshot went viral on Twitter.
  **After:** Content policies prevent your AI employee from discussing topics you define as off-limits. Pricing, legal advice, competitor comparisons, or anything else. It refuses gracefully and redirects the conversation.
- **Before:** Your AI tool has access to customer data but no guardrails on how it uses that data. It included a customer's phone number in a public-facing response. Your compliance team spent a week on the incident report.
  **After:** PII detection scans every outgoing message. Phone numbers, email addresses, social security numbers, credit card numbers, and other sensitive data are automatically redacted before the response reaches the customer.
- **Before:** An AI assistant sent 500 API calls in 10 minutes, blew through your rate limit with a third-party service, and triggered a $2,000 overage charge. Nobody had set usage boundaries.
  **After:** Execution limits cap how many actions your AI employee takes per hour, per day, or per task. Cost controls prevent runaway spending. You set the ceiling, and the system enforces it.
- **Before:** Your legal team asks "what exactly can this AI do?" and you have no clear answer. There is no documented scope, no approval process for high-stakes actions, and no audit trail showing what it decided.
  **After:** Every action is logged. Approval gates require human sign-off for sensitive operations. Company policies define clear boundaries. Your legal team has a complete answer in a single dashboard.

## Benefits

### Approval Gates

Define actions that require human approval before execution. Refunds over a certain amount, messages to VIP customers, data deletions, or any action you flag as sensitive. The AI employee pauses, notifies the approver, and waits.

### PII Detection and Redaction

Every outgoing message is scanned for personally identifiable information. Phone numbers, email addresses, SSNs, credit card numbers, and other sensitive data are automatically redacted. Configurable sensitivity levels and entity types.

### Content Policies

Define topics your AI employees must never discuss: internal pricing details, legal advice, competitor bashing, or politically sensitive subjects. The AI employee recognizes restricted topics and responds with a configured redirect message.

### Execution Limits

Cap the number of actions per hour, per day, or per task. Set cost ceilings per employee or per team. When a limit is reached, the AI employee pauses and notifies you rather than continuing to execute.

### Company-Wide Policies

Set policies that apply to every AI employee in your organization. Brand voice guidelines, compliance requirements, data handling rules, and communication standards. New hires inherit these policies automatically.

### Complete Audit Trail

Every action, every decision, every guardrail trigger is logged with timestamps, context, and outcomes. Export audit logs for compliance reviews. Search by employee, action type, date range, or guardrail event.

## How It Works

1. **Define Your Policies** — Set company-wide policies in the security dashboard. Specify content restrictions, PII handling rules, execution limits, and actions that require approval. Policies apply to all current and future AI employees.
2. **Configure Approval Gates** — Select the specific actions that need human sign-off. Define who approves (by role or by person), how long the AI employee waits, and what happens if approval is not granted within the timeout window.
3. **Enable Detection and Filtering** — Turn on PII detection for specific data types. Configure content policies with specific topics, keywords, and response redirects. Each policy fires in real-time, before the response reaches the customer.
4. **Monitor and Audit** — Review guardrail activity in the security dashboard. See which policies fire most often, which employees trigger the most approvals, and where content restrictions are catching potential issues. Adjust policies based on real data.

## Comparison

| Dimension | Traditional | With Sista |
|---|---|---|
| Human oversight | AI operates autonomously. You review outputs after they reach the customer | Approval gates pause sensitive actions for human sign-off before execution |
| Data leak prevention | Hope the AI does not include PII in responses. Manual review to catch leaks after the fact | Automatic PII detection and redaction on every outgoing message. Leaks stopped before delivery |
| Content control | Prompt engineering and prayer. Jailbreaks bypass instructions regularly | Policy-based content filtering that operates independently of the AI model. Cannot be bypassed through prompt injection |
| Cost control | Monitor spending dashboards manually. Set billing alerts that notify after overspend | Execution limits enforce hard ceilings before the cost occurs. AI employee stops, not alerts after the fact |
| Compliance readiness | Piece together audit trails from logs, screenshots, and tribal knowledge | Complete, timestamped, searchable audit log of every action and guardrail event. Export-ready for auditors |
| Policy consistency | Each AI tool has its own configuration. Inconsistent policies across tools and teams | Company-wide policies cascade to every AI employee. New hires inherit all existing policies automatically |

## FAQ

### How does the approval gateway work?

You define which actions require human approval: sending emails to customers, processing refunds, accessing specific data, or any custom action type. When the AI employee needs to perform a gated action, it pauses, sends a notification to the designated approver with full context, and waits. The approver reviews and either approves or rejects. If no response within the timeout window, the action is denied by default.

### What types of PII does the system detect?

The system detects and redacts phone numbers, email addresses, social security numbers, credit card numbers, bank account numbers, passport numbers, driver license numbers, dates of birth, and physical addresses. You configure which entity types to scan for and whether to redact, mask, or flag them for review.

### Can the AI employee bypass content policies through prompt injection?

No. Content policies operate as a separate filtering layer that runs after the AI model generates its response but before the response reaches the customer. Even if someone tricks the AI model through prompt injection, the content filter catches restricted topics, PII, and policy violations independently.

### How do execution limits prevent cost overruns?

You set hard ceilings on actions per hour, actions per day, and total cost per billing period for each employee or team. When an AI employee reaches a limit, it pauses execution and notifies you. This is a hard stop, not a soft alert. The AI employee resumes only after you raise the limit or the time window resets.

### Are guardrail events logged for compliance audits?

Yes. Every guardrail event is logged with a timestamp, the AI employee involved, the action attempted, the guardrail that fired, and the outcome (blocked, redacted, sent for approval, or allowed). Logs are searchable, filterable, and exportable in standard formats for compliance review.

### Can I set different security policies for different AI employees?

Yes. Company-wide policies set a baseline that applies to all employees. On top of that, you configure employee-specific or team-specific policies. For example, your customer-facing employees might have stricter content policies than your internal research employees. Specific policies always override when they are more restrictive than the company baseline.