Spanda’s Operational Governance Framework extends the platform with abstractions for how autonomous systems are designed, validated, deployed, operated, audited, and maintained — without becoming a generic GRC product or a repository of regulatory text.
Disclaimer: Spanda provides governance abstractions and validation mechanisms. It does not provide legal or regulatory advice.
The spanda-governance crate (crates/spanda-governance/) implements:
| Responsibility | Integration |
|---|---|
| Standards awareness | StandardsProfileRef via packages/plugins |
| Compliance validation | Composes with spanda-compliance, spanda-readiness, spanda-trust |
| Deployment governance | DeploymentProfile + entity metadata |
| Operational policies | GovernancePolicyRef (versioned, signed, auditable) |
| Certification tracking | Independent lifecycle from health |
| Risk assessment | OperationalRisk influencing decision/recovery |
| Audit support | spanda-audit + evidence export |
| Human accountability | HumanAccountability on missions/deployments |
spanda.governance.toml → ResolvedSystemConfig → EntityRegistry
↓
EntityGovernanceMeta
↓
spanda-governance::evaluate_entity_governance
↓
CLI / REST / SDK / Control Center governance views
Governance does not duplicate readiness, assurance, trust, or health engines. It composes them through the unified entity model and validation orchestration.
Every EntityRecord may expose optional governance via
governance: Option<EntityGovernanceMeta>:
Configure system-wide defaults in spanda.governance.toml (auto-loaded when present, or via
[config] governance = "spanda.governance.toml"). Override per-robot in device tree metadata.
spanda compliance check [--strict] [--entity <id>] [--json]
spanda governance validate [--strict] [--json]
spanda governance report [--json]
spanda certification list|inspect|report [entity-id] [--json]
spanda deployment profile [name] [--json]
spanda deployment verify [--strict] [--json]
spanda risk report [--json]
| Method | Path | Description |
|---|---|---|
| GET | /v1/governance |
Framework summary |
| GET | /v1/compliance |
Compliance posture summary |
| POST | /v1/compliance/check |
Run compliance check |
| POST | /v1/governance/validate |
Validate governance configuration |
| GET | /v1/certifications |
List entity certification records |
| GET | /v1/deployment-profiles |
List or fetch deployment profile |
| GET | /v1/risk |
Operational risk rollup |
| GET | /v1/certifications/report |
Certification report |
| POST | /v1/deployment/verify |
Deployment verification |
| GET | /v1/governance/policies |
Policy assignments + audit |
| POST | /v1/governance/policies/assign |
Assign/sign policy to entity |
| GET | /v1/governance/audit |
Governance audit history |
| GET | /v1/governance/accountability |
Responsible owners |
| PUT/POST | /v1/governance/accountability |
Update owners / contacts / approval chain (entity overlay) |
| POST | /v1/governance/policies/detach |
Detach a policy assignment |
Live decision authorization (authorize_action / distributed decision engine) loads entity
governance from the project config and entity overlay. High/life/mission-critical risk and
manual/assisted autonomy require human approval for non-reflex actions; emergency stop and other
safety actions remain permitted.
| RPC | REST parity |
|---|---|
GetGovernance |
GET /v1/governance |
GetCompliance |
GET /v1/compliance |
CheckCompliance |
POST /v1/compliance/check |
ValidateGovernance |
POST /v1/governance/validate |
ListCertifications |
GET /v1/certifications |
ListDeploymentProfiles |
GET /v1/deployment-profiles |
GetDeploymentProfile |
GET /v1/deployment-profiles?name= |
GetOperationalRisk |
GET /v1/risk |
Rust, Python, and TypeScript SDKs expose dedicated clients:
GovernanceClient — framework summary, validateComplianceClient — summary, checkCertificationClient — list certificationsDeploymentProfileClient — list/get profilesRiskClient — risk summaryThe Governance tab (Governance & config group) shows deployment profiles, compliance validation, certification status, operational risk, and accountability fields.
./scripts/operational_governance_smoke.sh
SPANDA_GOVERNANCE_SKIP_SOAK=1 ./scripts/operational_governance_stable_promotion_gate.sh
See stable-hardening-operational-governance.md.