Solution components in Governance console

Solutions in Governance console in IBM watsonx include predefined components, such as object types, workflows, profiles, and more.

Your Governance console might include one or all of these solutions.

watsonx.governance Model Risk Governance solution: Manage all tracked models and prompt templates so that you can review all of your AI solutions across the AI lifecycle.
watsonx.governance Operational Risk Management solution: Track model risk and other operational risks across the enterprise. Link use cases to business processes.
watsonx.governance Regulatory Compliance Management solution: Manage AI regulations for models and use cases. Track regulations that impact models and model use cases. Respond to regulatory changes to make sure that your models and use cases align with changes to related regulations. Link use cases to regulatory mandates.

Learn more about these components:

Object types
Profiles
Role templates
Views
Workflows
Tags
Questionnaires
AI risk library
Use case library
Foundation model library

Object types

Each solution includes predefined object types. For more information, see Object types in Governance console.

Profiles

To view a list of profiles, click Settings > Solution Configuration > Profiles.

The following table describes the predefined profiles.

Name	Description
watsonx-governance MRG Master	Administrator profile for the watsonx.governance Model Risk Governance (MRG) solution. The watsonx.governance MRG Master profile gives administrative access to the object types for model risk governance. The profile includes object types to give you insight into business processes and regulations.
watsonx-governance ORM Master	Administrator profile for the watsonx.governance Operational Risk Management solution. The watsonx.governance ORM Master profile gives administrative access to the model risk and operational risk object types. This profile gives you an integrated view of operational risk and model risk.
watsonx-governance RCM Master	Administrator profile for the watsonx.governance Regulatory Compliance Management solution. The watsonx.governance RCM Master profile gives administrative access to model risk object types and regulatory compliance object types. This profile gives you an integrated view of regulatory compliance and model risk.
watsonx-governance RCM - Compliance Officer	Profile for compliance officers who are tasked with ensuring that regulatory obligations are being met by the organization.
watsonx-governance RCM - Use case owner	Profile for users who create and own AI use cases and are interested in the compliance activities occurring in their organization.
watsonx-governance Modules Master	Administrator profile for the watsonx.governance solutions. Administrators use the Governance console Modules Master profile to see a comprehensive view of model risk governance, operational risk governance, and regulatory compliance management. The Modules Master profile gives administrators access to the combined resources of the other Governance console profiles.

Role templates

The following table describes the predefined role templates for MRG, ORM, and RCM.

Table 1. Role templates
Name	Description
Modules Master - All Permissions	Full R/W/D/A access to all enabled-by-default object types for all solutions. Full admin rights.
Modules Master - All Data - Limited Admin	Full R/W/D/A access to all enabled-by-default object types for all solutions. No admin rights except those associated with workflows, files, and folders.
MRG - All Data - Limited Admin	Full R/W/D/A access to all default MRG objects. Limited admin rights.
MRG - All Permissions	Full R/W/D/A access to all default MRG objects. Full admin rights.
MRG - Model Developer Owner	Used by model owners and developers. This role template is similar to the Model Risk Management role template except that no write access is granted to the Review object. Most admin application permissions are not granted.
MRG - Model Risk Management	Used by model risk managers (second line of defense). Read, write, and associate access rights are granted to MRG object types. Write access is denied to the two shared object types, Preference and Business Entity. Most admin application permissions are not granted. Delete access is not granted to any object types.
MRG - Model Validation	Used by model validation users. Read, write, and associate access rights are granted to a subset of MRG object types, including Model, Use Case, Review, Change Request, and Challenge. Write access is denied to other MRG object types. Write access is denied to shared object types, Preference, and Business Entity. Most admin application permissions are not granted. Delete access is not granted to any object types.
MRG - AI Factsheets - API Access	Limited role template for AI Factsheets to access the Governance console API.
ORM - All Data - Limited Admin	Full R/W/D/A access to all default ORM objects. No admin rights except the rights that are associated with workflows, files, and folders.
ORM - All Permissions	Full R/W/D/A access to all default ORM objects. Full admin rights.
[ORM] Business User	ORM role template for users who log loss events, perform RCSAs, approve risk assessments, capture KRIs, manage issue and action closure, and participate in scenario workshops.
[ORM] Operational Risk Team	ORM role template for users who maintain Process, Risk, and Control libraries, scope RCSAs, perform and oversee the RCSA process, perform loss event administration, define and capture KRIs, manage issue and action closure, and coordinate scenario workshops.
[ORM] Simplified User	ORM role template for users who need minimum access for their work on loss events, KRI value capture, and issue management.
RCM - All Data - Limited Admin	Full R/W/D/A access to all default RCM objects. No admin rights except the rights that are associated with workflows, files, and folders.
RCM - All Permissions	Full R/W/D/A access to all default RCM objects. Full admin rights.
RCM - Subscriber	Read access to all default RCM objects. No admin rights exceptthe rights that are associated with workflows, files, and folders.

Views

Each object type has a set of predefined system views.

To see a list of views, click Settings > Solution Configuration > Views, and then click Include system views. To see only system views, type sysview in the Search box.

Workflows

Each solution includes predefined workflows.

To view a list of workflows, click Settings > Solution Configuration > Workflows.

For more information, see the following topics:

Questionnaires

Governance console includes predefined questionnaire templates.

AI Agent Onboarding Risk Identification: This questionnaire assessment is based on the AI Agent Onboarding Risk Identification questionnaire template. The assessment is used during the agent onboarding process to identify risks that are associated with the AI agent. The questions are independent of any specific use case and ask about the agent and its underlying model's training, inputs, and output behavior. This assessment is used in the AI Agent Onboarding workflow.
AI Model Onboarding Risk Identification questionnaire: This questionnaire assessment is based on the AI Model Onboarding Risk Identification questionnaire template. The assessment is used during the model onboarding process to help identify the risks that are associated with a model. This assessment is used in the Foundation Model Onboarding workflow.
AI Use Case Risk Identification questionnaire: This questionnaire assessment is based on the AI Use Case Risk Identification questionnaire template. This assessment is used to help identify the risks that are associated with AI use cases. This assessment is used in the Use Case Review workflow.
AI Use Case and Model Risk Identification questionnaire: This questionnaire assessment is based on the AI Use Case and Model Risk Identification questionnaire template. This assessment is used to help identify the risks that are associated with to the combination of an AI use case and a model. This assessment is used in the Use Case Development and Documentation workflow.
EU AI Act Applicability Assessment: The Applicability Assessment is based on the EU AI Act Applicability Assessment questionnaire template. This assessment enables clients to assess their AI uses cases by using a simple questionnaire that aids in determining whether a use case is in scope for the EU AI Act and which risk category the use case aligns to (Prohibited, High, Limited, Minimal).
AI Risk Identification Questionnaire: This questionnaire is no longer used. It is replaced by the AI Use Case Risk Identification questionnaire.

To see a list of questionnaire templates, click Primary menu icon > Assessments > Questionnaire templates.

Use case library

The use case library provides a parent entity for your AI use cases. The use case library is under the /Library/MRG/Use Case Library business entity. To view the use case library, click Primary menu > Inventory > Use Cases. Filter the grid to show the /Library/MRG/Use Case Library

Agent library

The Agent library provides a parent entity for your AI agents and agentic applications.

The library is under the /Library/MRG/Agent Library business entity. To view the library, click Primary menu > Inventory > AI Agents.

Foundation model library

The foundation model library provides a parent entity for your foundation models. The use case library is under the /Library/MRG/Foundation Models business entity.

If you use watsonx.ai, your models are added to Governance console under /Library/MRG/Foundation Models.

To view the use case library, click Primary menu > Inventory > Use Cases. Filter the grid to show the /Library/MRG/Foundation Models.

AI risk library

The risks from the AI risk atlas are available under the /Library/MRG/AI Risk Library business entity.

The predefined Risk Identification questionnaire assessment uses the AI Risk Library. You can also manually associate risks to use cases, models, and other objects.

To view the AI Risk Library, click Primary menu > Assessments > Risks. Filter the grid to show the /Library/MRG/AI Risk Library business entity.

The risks in the AI Risk Library are shown in a table.

Tool library

The Tool library provides a parent entity for your AI tools.

The library is under the /Library/MRG/Tool Library business entity. To view the library, click Primary menu > Inventory > AI Tools.

AI compliance plan library

The compliance plan library provides a parent entity for your compliance plans for AI. This library is provided with the watsonx.governance Regulatory Compliance Management solution.

The library is under the /Library/RCM/AI Compliance Plan Library business entity. To view the library, click Primary menu > Inventory > Compliance Plans. Filter the grid to show the /Library/RCM/AI Compliance Plan Library.