STARTMAKINGSENSE

Inter-Pillar Interfaces

The seams where capability domains intersect. These interfaces define how identity context, policy decisions, telemetry, and governance signals move between IAAI pillars.

Policy - Retrieval

A to B interface diagram

A to B: Entitlement definitions and runtime policy decisions consumed by retrieval enforcement points.

B to A: Retrieval coverage gaps, prompt-injection-induced bypasses, and ungoverned access paths identified during Pillar B operations, surfaced back to Pillar A for policy correction and control-plane hardening.

Commons Draft | Editorial research

Policy - Abstraction

A to C interface diagram

A to C: Policy definitions for read, transform, and reveal rules plus clearance tiers consumed by abstraction output governance.

C to A: Abstraction tier compliance gaps, seal-break events, and overexposure patterns surfaced back to Pillar A for policy refinement and tier model evolution.


Policy - Operations

A to D interface diagram

A to D: Policy version metadata, entitlement baselines, and credential or access change events consumed by Pillar D for anomaly detection and SOC workflows.

D to A: DLP violations, abuse patterns, red-team findings, and DSPM discoveries used by Pillar A to adjust entitlements, segmentation, and technical controls—the core technical feedback loop from operations to policy.


Policy - Governance

A to E interface diagram

A to E: Implementation status, coverage metrics, and certification results for identity and authorization policies consumed by E-AIG for AI risk assessment and reporting.

E to A: Governance decisions, control objectives, and prohibited use cases translated into specific policy-engine rules, IGA roles, and technical constraints in Pillar A.


Retrieval - Operations

B to D interface diagram

B to D: Retrieval audit logs—who retrieved what, from which corpus, using which policy version—consumed by SIEM, DLP, and anomaly detection.

D to B: Retrieval-scope anomalies, prompt-injection-derived bypasses, and data exfiltration patterns used to tune retrieval filters, corpus partitioning, and hardening in Pillar B, in parallel with D’s technical feedback to Pillar A.


Retrieval - Governance

B to E interface diagram

B to E: Retrieval coverage reports, ungoverned AI access paths, and corpus risk profiles provided to Enterprise AI Governance for inclusion in the AI risk register and use case decisions.

E to B: Governance directives on which corpora may be used for which AI use cases, jurisdictions, and tenants, typically expressed via Pillar A policy or GRC workflows that then drive changes in Pillar B configuration.


Abstraction - Operations

C to D interface diagram

C to D: Output classification, clearance tiers, and redaction actions for each AI response provided to DLP, SIEM, and disclosure logs.

D to C: Output DLP violations, disclosure anomalies, and abuse patterns used to refine abstraction schemas, redaction rules, and seal-break handling in Pillar C, alongside D’s technical feedback to Pillar A.


Abstraction - Governance

C to E interface diagram

C to E: Abstraction tier compliance, seal-break events, and disclosure patterns reported to E-AIG for AI risk reporting and policy review.

E to C: Governance decisions on acceptable abstraction tiers, redaction defaults, and disclosure constraints that shape Pillar C schemas, filters, and escalation rules, usually implemented via Pillar A policies and governance-aligned design guidelines.


Operations - Governance

D to E interface diagram

D to E: AI security incident summaries, DLP trends, red-team results, and operational risk metrics delivered to Enterprise AI Governance for AI risk register updates and board-level reporting.

E to D: Governance-defined AI risk tiers, escalation thresholds, and reporting expectations that shape alert severity, playbooks, and SOC workflows in Pillar D.
