Governance Scoring
Every session processed by VeriProof receives a governance score between 0 and 100. The score summarizes how well the AI system’s behavior in that session aligns with governance expectations: guardrail discipline, transparency, human oversight, decision quality, and absence of safety concerns.
Governance scores are used in the compliance dashboard, alert rules, and evidence exports. A session with a high governance score was well-governed; a session with a low score warrants review.
Score components
The governance score is a weighted composite of five factors:
| Factor | Weight | What it measures |
|---|---|---|
| Guardrail compliance | 30% | Guardrail actions fired and their outcomes (allowed, flagged, blocked) |
| Decision transparency | 25% | Completeness of DecisionContext — intent, model, reasoning present |
| Human oversight | 20% | Whether human review was indicated when required by risk level |
| Content safety | 15% | Absence of content safety flags; safe handling when flags were present |
| Grounding quality | 10% | Grounded vs. ungrounded responses (when grounding status is recorded) |
Score interpretation
| Range | Label | Typical meaning |
|---|---|---|
| 90–100 | Excellent | All governance controls active and operating; no concerns |
| 75–89 | Good | Minor gaps in annotation coverage; no active safety concerns |
| 55–74 | Fair | Some governance controls missing or triggered; review recommended |
| 35–54 | Poor | Multiple governance gaps or active safety issues |
| 0–34 | Critical | Significant governance failures; immediate review required |
Factors that lower the score
Guardrail compliance factor
The guardrail compliance score is highest when:
- Guardrail rules were active and evaluated (
guardrail.actionrecorded) - Outputs were either allowed or appropriately blocked
The score decreases when:
- No guardrail annotations are present at all (suggests instrumentation gap)
- Guardrail actions were
bypassedor annotation is malformed
Decision transparency factor
This factor rewards complete DecisionContext. A session with intent, model identifier, decision value, and confidence score recorded gets full credit. Missing or null fields reduce the score proportionally.
Human oversight factor
When risk_level is HIGH or CRITICAL, the governance engine checks whether human_oversight.type is present and non-null in the session’s governance annotations. Sessions at high risk without a recorded human oversight indicator lose points on this factor.
This does not mean a human must actually review every high-risk decision. It means your instrumentation must record the oversight arrangement — for example, human_oversight.type = "human_in_loop" or human_oversight.type = "human_review_available".
Content safety factor
Any session with a content_safety.action of blocked that also has a guardrail.action of blocked gets full credit — the system detected and stopped a safety issue correctly. A session with content_safety.action = "blocked" but no corresponding guardrail block loses points. A session with no content safety annotation in a high-risk application loses some credit (the engine applies a small penalty for annotation gap at high risk).
Grounding quality factor
If your application records grounding.status (“grounded”, “partially_grounded”, “ungrounded”), this factor scores accordingly. Sessions without a grounding annotation are treated as neutral (mid-point credit) unless the application is configured as a RAG application in the portal, in which case missing grounding annotations incur a penalty.
Annotating your sessions for better scores
The governance score reflects the quality of your instrumentation, not just the behavior of the model. Sessions that record all available annotation types score consistently higher.
with session.step("generate_response") as step:
response = model.generate(prompt)
step.tags(
decision=Decision.APPROVED,
confidence=0.85,
intent="loan_eligibility_inquiry",
model="gpt-4o",
)
step.annotate(
{"guardrail.action": "allowed"},
{"grounding.status": "grounded"},
{"human_oversight.type": "human_review_available"},
{"content_safety.action": "allowed"},
)The more thoroughly you annotate, the more accurate and useful the governance score becomes.
Application-level scoring
The Customer Portal summarizes governance scores at the application level with two metrics:
- Average governance score — rolling 7-day and 30-day averages across all sessions for the application
- Score distribution — histogram of session scores (Excellent / Good / Fair / Poor / Critical)
You can set an alert rule to notify when the application-level average drops below a threshold. See Alert Rules for configuration.
Governance score in evidence exports
When you export a compliance evidence package for a session, the governance score and its factor breakdown are included in both the JSON bundle and the PDF report. This gives auditors a normalized, quantified view of governance quality alongside the raw session record.
FAQ
Can the governance score be wrong?
The score is only as good as the instrumentation. A perfect score on a session that was not fully annotated means the system had no evidence of governance failures — not that none occurred. Scores are a monitoring and alerting tool, not a certification.
Does the score affect session storage or anchoring?
No. All sessions that pass Merkle validation at ingest are stored and anchored regardless of governance score. The score is a post-ingest analysis signal.
Can I customize score weights for my use case?
Custom governance score weight profiles are available on Enterprise plans. Contact your account team.
Next steps
- Alert Rules — configure alerts based on governance score thresholds
- Compliance Monitoring — use scores in compliance dashboards
- First Integration — add annotations to maximize score accuracy