Core Concepts

Governed remediation

Policy-bound fixes.

Overview

Governed remediation is how Zof proposes, reviews, and applies fixes to failing validation outcomes without bypassing enterprise policy. AI agents may suggest code or configuration changes, but policy packs, human authorization, verification runs, and audit logs constrain what can execute automatically.

Use governed remediation when you want faster recovery from test failures while preserving separation of duties: engineers propose, security or release managers approve, and the platform records every decision for compliance review.

Who should read this

  • New users, technical writers, and integration engineers aligning internal documentation with Zof terminology.

Prerequisites

  • Basic familiarity with Zof Console navigation
  • Organization member access

When to use this workflow

  • Onboarding engineers unfamiliar with Zof terminology
  • Writing internal runbooks that align with Console UI labels
  • Mapping customer CMDB or ITSM fields to Zof entities

Governed remediation flow

Governed remediation flow

From failure signal to verified fix

Step-by-step procedure

Enable remediation policy

Governance → Policies → enable remediation pack for target applications.

Require human authorization for production environments; allow auto-apply only in staging when policy permits.

Triage failed runs

Operate → Runs → open failed run → Results tab.

Open remediation suggestion when agent or workflow surfaces a plan.

Approve and verify

Governance → Remediation → Approvals queue → review diff and blast radius.

After apply, confirm verification run passes before closing release gate exceptions.

Key concepts

Remediation plan
Structured proposal listing affected files, tests, and rollback steps before any change is applied.
Verification run
Mandatory re-execution of linked suites after apply to prove the fix resolves the failure without regressions.
Human authorization
Explicit approver action recorded in audit logs; distinct from automated policy checks.

Best practices

  • Separate approvers from authors of the original failing change
  • Scope auto-apply to staging; require approval for production-adjacent environments
  • Attach run IDs and plan URLs to change tickets for SOC and release audits

Was this page helpful?

Governed remediation | Zof AI Documentation