System Boundaries & Non-Goals
Explicit declaration of what Govula does and does not do, defining the platform's operational scope.
This section is intended for: Technical Team, Auditor, Management. Unauthorised access is restricted.
Formal Boundary Declaration
This document is a formal boundary declaration. It exists to prevent over-promise, audit ambiguity, or security misrepresentation. All claims in Govula documentation and reports are bounded by the declarations in this document.
1. Purpose of This Declaration
Regulatory and audit environments require clarity about what a system claims to do. Ambiguity in system scope can lead to over-reliance, misrepresentation during audits, or security assumptions that the platform was never designed to fulfil.
This document defines Govula's operational boundaries explicitly. It declares what the platform does, what it does not do, and where human authority is required. These boundaries are referenced by all governance documentation and enforced at the application level.
2. What Govula Does
Govula provides the following capabilities within its declared operational scope:
- Maintains a Living Statement of Applicability (SoA) with point-in-time versioning
- Manages evidence lifecycle with quality tracking, lineage, and integrity verification
- Generates audit-grade documents with canonical eight-section structure
- Enforces governance through structured decision workflows with separation of duties
- Provides controlled disclosure via workspace binding and audience governance
- Offers AI-powered analysis, narrative generation, and compliance recommendations
- Tracks compliance drift and control health with automated detection and alerting
3. Explicit Non-Goals
The following capabilities are explicitly outside Govula's operational scope. The platform does not provide, claim to provide, or substitute for these functions:
- NOT a continuous monitoring system (SIEM) — Govula does not ingest real-time security events, correlate log streams, or provide security event alerting
- NOT an auto-remediation engine — the platform does not automatically fix security issues, patch systems, or deploy corrective measures
- NOT a security analytics dashboard — Govula does not perform threat intelligence, attack surface mapping, or security posture scoring
- NOT a vulnerability scanner — the platform does not scan infrastructure, applications, or networks for vulnerabilities
- NOT a ticketing or incident management system — Govula does not manage service desk tickets, incident response workflows, or SLA tracking
- NOT a penetration testing tool — the platform does not perform offensive security testing, exploit validation, or attack simulation
4. AI Authority Boundary
Govula includes AI-powered components that support compliance operations. The authority of these AI components is strictly bounded to ensure that human judgement remains the final authority on all governance and compliance matters.
AI May
- Analyse evidence and identify gaps
- Generate compliance narratives and rationale
- Recommend actions and remediation steps
- Score evidence quality and confidence
AI Cannot
- Approve governance decisions
- Sign or certify documents
- Publish reports or modify governance state
- Override human compliance determinations
All AI outputs require human review before becoming authoritative. AI-generated content is classified at the ADVISORY or CONTEXTUAL truth level until elevated by human decision.
5. Automation Scope
Govula includes scheduled workflows that automate routine compliance operations. The scope of automation is strictly bounded to ensure that human authority is maintained over all compliance-affecting actions.
Automation Does
- Generate SoA documents on schedule
- Create compliance reports at defined intervals
- Detect compliance drift and alert stakeholders
- Track evidence expiry and quality degradation
Automation Does Not
- Take corrective action on detected drift
- Modify control status or compliance determinations
- Change governance state without human approval
- Publish or distribute reports without authorisation
6. Framework Scope
Each workspace within Govula is bound to a single compliance framework. This binding is a fundamental architectural constraint that ensures clarity of scope and prevents cross-framework contamination in compliance outputs.
- Single framework binding — each workspace operates under exactly one compliance framework (e.g., ISO 27001, SOC 2, NIST CSF)
- Multi-framework operations — organisations requiring multiple frameworks must maintain separate workspaces with explicit governance bindings for each
- Cross-framework evidence — evidence may be referenced across workspaces for efficiency, but compliance determinations remain workspace-specific and cannot be inherited
7. Enforcement
The boundaries declared in this document are not aspirational — they are enforced at the application level through the Production Truth Envelope. This enforcement mechanism ensures that the platform cannot operate outside its declared scope.
Enforcement Mechanisms
- Truth EnvelopeThe Production Truth Envelope validates all operations against declared boundaries before execution
- Violation LoggingBoundary violations are logged to the immutable audit trail with full context and actor attribution
- Scope BlockingCapabilities that exceed declared scope are blocked at the API level, not merely hidden from the UI
- Runtime ValidationSystem capabilities are validated against this boundary declaration at startup and during operation
8. Document Control
This boundary declaration is a governed document. Changes to declared boundaries require BINDING_GOVERNANCE_DECISION class approval and are subject to the change and amendment rules defined in the Governance Constitution.