Overview: Governance

In the enterprise, speed without control is a liability. Arkham's Governance framework is engineered to provide both. It is not a separate, bolted-on feature; it is woven into every component to provide the security, visibility, and control needed to manage complex data and AI workflows with confidence.

Our approach is built on three pillars: Resource Organization & Permissions, Operational Monitoring, and Infrastructure Security. Together, they ensure that the right people have the right access to the right resources, with a complete audit trail of all activities. This is how our platform enables you to innovate quickly while giving security and operations teams the peace of mind they require.

Our Governance settings, where you can manage team members and assign roles to ensure secure, purpose-based access control.

Arkham's Three Pillars of Enterprise Governance

This diagram illustrates Arkham's three pillars of governance, which combine to create a secure, auditable, and controlled environment for all data and AI workflows.

  • Purpose-Based Access Control: The foundational element of governance in Arkham is the Project, a collaborative workspace that groups resources for a specific business initiative. While project membership provides a baseline of access, Arkham's Access Control Lists (ACLs) enable granular permissions to be set on individual resources, from data assets to AI models. This ensures users have precisely the access they need, adhering to the principle of least privilege while maintaining the organizational benefits of a project-based workflow.
  • Operational Monitoring: Arkham provides granular, real-time visibility into all data and AI jobs through our Pipeline Monitoring service. Every execution is tracked with a unique ID, and detailed logs are securely stored and auditable. This is crucial for debugging, ensuring operational excellence, and providing a complete audit trail.
  • Infrastructure Security: Each client is provisioned with their own dedicated AWS account, which provides the highest level of resource and data isolation and is configured from the ground up with security best practices such as VPC isolation and encryption at rest and in transit.

Core Components

Our Governance framework consists of two core components that provide the foundation for secure and auditable work.

Core Concepts

  • Project: A secure, collaborative workspace that groups all resources for a specific initiative.
  • Access Control Lists: A flexible, two-tiered system where baseline permissions (Viewer, Editor, Owner) are set at the Project level, and granular access can be defined for specific resources, ensuring both organization and security.
  • Purpose-Based Access: Principle that users are granted access to resources based on the specific, audited business purpose defined by their Project.

Builder's Journey: A Governed Experience

Governance in Arkham is not an obstacle; it's a guardrail that makes it safe to move fast. For a builder, the experience is seamless and secure by default.

  • Start in a Project: A builder is invited to or creates a Project, which acts as their centralized, secure workspace for a specific initiative.
  • Permissions are Set: They are granted a role (Viewer, Editor, or Owner) at the Project level. This role provides a baseline of access to resources within the project. For more restrictive access, granular permissions can be applied to individual assets, ensuring builders have exactly the permissions they need—no more, no less.
  • Work with Confidence: As they build pipelines or train models, all actions are automatically scoped to their Project and logged in our Pipeline Monitoring. If a pipeline fails, they are notified automatically. This creates a secure, transparent, and efficient environment to get work done.

  • Projects: Our core workspace for organizing resources and managing permissions.
  • Pipeline Monitoring: Your tool for ensuring operational excellence and auditing pipeline executions.
  • Data Catalog: Our central registry where data is classified and access is controlled.
  • TARS: Our AI co-pilot that inherits and respects all user permissions defined in our governance model.