Glossary
Entries are sorted alphabetically. Each one carries a short definition and a cross-reference to the BAGF section where the concept is used in context.
Accountability
Section titled “Accountability”Every AI feature has a single named human who carries final responsibility for it. See: Pillar III §1.
Agentic AI / AI agent
Section titled “Agentic AI / AI agent”An AI system that can plan, use tools (call APIs, query databases), and chain decisions to complete a complex goal. See: Pillar IV §11.
Agentic Development Lifecycle (ADLC)
Section titled “Agentic Development Lifecycle (ADLC)”Bizzi’s five-stage process for taking an AI agent from design to production operation. See: Pillar IV §5–10.
Agentic observability
Section titled “Agentic observability”Real-time tracking of an agent’s reasoning trace, latency, and token usage. See: Pillar IV §14.
AI Center of Excellence (CoE)
Section titled “AI Center of Excellence (CoE)”Bizzi’s central AI engineering team. See: Pillar I §2, §6.
AI gateway
Section titled “AI gateway”The routing and security layer in front of LLMs, with automatic fallback routing. See: Pillar IV §9.
AI Governance Board
Section titled “AI Governance Board”The top-level body, composed of the CEO, CPTO, and Legal. See: Pillar I §3.
Audit trail
Section titled “Audit trail”An immutable record of every system action, traceable back to model version, dataset, and parameters. See: Pillar III §11.
Bias audit
Section titled “Bias audit”An assessment of whether a system discriminates against any defined group. See: Pillar III §2.
Change Data Capture (CDC)
Section titled “Change Data Capture (CDC)”Synchronises changes from OLTP to OLAP and vector stores in near real time. See: Pillar IV §1.
Circuit breaker
Section titled “Circuit breaker”See: Kill-switch.
an OLAP database
Section titled “an OLAP database”A columnar database used for OLAP workloads. See: Pillar IV §1.
Confidence score
Section titled “Confidence score”The model’s reported confidence in a result. surfaced through colour-coding in the UI. See: Pillar III §7.
Cost per transaction
Section titled “Cost per transaction”The cost KPI. AI cost per document processed. See: Pillar I §12.
Data card
Section titled “Data card”A document describing a dataset. source, size, and labelling methodology. See: Pillar III §6.
Data classification (four levels)
Section titled “Data classification (four levels)”Public / Internal / Confidential / PII. each level has its own handling rules. See: Pillar IV §2.
Data drift
Section titled “Data drift”The condition where production data distribution diverges from the training distribution. See: Pillar IV §10.
Data Protection Impact Assessment (DPIA)
Section titled “Data Protection Impact Assessment (DPIA)”A risk assessment for personal-data processing activities. See: Pillar II §8.
Data residency
Section titled “Data residency”The requirement that data be stored and processed within a defined jurisdiction. See: Pillar II §4.
Data Subject Access Request (DSAR)
Section titled “Data Subject Access Request (DSAR)”A request by an individual to access, correct, or delete their personal data. See: Pillar II §3.
Denial of wallet
Section titled “Denial of wallet”A DoS variant. an attacker forces the AI vendor to charge fees beyond budget. See: Pillar V §10.
Excessive agency
Section titled “Excessive agency”OWASP LLM08. an agent granted more agency than the task requires. See: Pillar V §9.
Extraction accuracy
Section titled “Extraction accuracy”The KPI for AI field-extraction accuracy. target greater than 99% for critical fields. See: Pillar I §12.
Fairness
Section titled “Fairness”The principle that an AI system does not produce unjustified disparate outcomes across protected groups. See: Pillar III §2.
Fine-tuning
Section titled “Fine-tuning”Additional training of a base model on domain-specific data.
Generative AI (GenAI)
Section titled “Generative AI (GenAI)”A class of AI capable of producing new content.
Groundedness
Section titled “Groundedness”The degree to which an AI answer is anchored in the supplied source documents. See: Pillar IV §7.
Grounded reasoning
Section titled “Grounded reasoning”The requirement that AI cite its sources when reaching a decision. See: Pillar III §10.
Hallucination rate
Section titled “Hallucination rate”The frequency with which an AI fabricates information not present in the source data. See: Pillar I §12.
Hub-and-spoke
Section titled “Hub-and-spoke”The governance model. a central CoE plus peripheral squads. See: Pillar I §2.
Human-in-the-loop (HITL)
Section titled “Human-in-the-loop (HITL)”The AI requires human approval before acting. See: Pillar III §3.
Human-on-the-loop (HOTL)
Section titled “Human-on-the-loop (HOTL)”The AI acts on its own. a human supervises and can intervene. See: Pillar III §3.
Inference
Section titled “Inference”The process of a trained model producing a prediction or response.
Input guardrail
Section titled “Input guardrail”A filter or scanner that runs on input before the LLM sees it. See: Pillar V §3.
Jailbreaking
Section titled “Jailbreaking”Bypassing an LLM’s safety constraints.
Kill-switch
Section titled “Kill-switch”The mechanism to cut every AI feature in an emergency while keeping the manual flow available. See: Pillar V §11.
Key Performance Indicator. Bizzi tracks STP rate, accuracy, hallucination rate, cost per transaction, and others. See: Pillar I §12.
an LLM observability platform
Section titled “an LLM observability platform”An observability platform for LLM and agentic workflows. See: Pillar IV §14.
LLM-as-a-judge
Section titled “LLM-as-a-judge”Using an independent LLM to score the output of another LLM. See: Pillar IV §7.
Machine learning (ML)
Section titled “Machine learning (ML)”A class of algorithms that learn from data rather than from explicit programming.
Model card
Section titled “Model card”A document describing a model’s purpose, training data, and limitations. See: Pillar III §6.
Model Context Protocol (MCP)
Section titled “Model Context Protocol (MCP)”An open standard that lets LLMs access system data safely. See: Pillar IV §12.
Model drift
Section titled “Model drift”Decline in model prediction quality over time. See: Pillar IV §10.
Multi-agent system (MAS)
Section titled “Multi-agent system (MAS)”An architecture in which multiple AI agents coordinate. See: Pillar IV §11.
Decree 13/2023
Section titled “Decree 13/2023”Vietnam’s Personal Data Protection Decree (Decree 13/2023/NĐ-CP). See: Pillar II §1, §3.
NIST AI RMF
Section titled “NIST AI RMF”The NIST AI Risk Management Framework. See: Appendix A.
Online Analytical Processing. systems designed for large-scale analytical queries. See: Pillar IV §1.
Online Transactional Processing. systems designed for high-frequency transactional workloads. See: Pillar IV §1.
OWASP Top 10 for LLMs
Section titled “OWASP Top 10 for LLMs”The list of the ten most common risks for LLM applications, maintained by OWASP. See: Pillar V §2.
Personally Identifiable Information (PII)
Section titled “Personally Identifiable Information (PII)”Data that identifies an individual. See: Pillar II §3.
PII redaction
Section titled “PII redaction”Removing or masking identifying data before processing or storage. See: Pillar II §3, Pillar V §7.
Post-Incident Review (PIR)
Section titled “Post-Incident Review (PIR)”The structured review conducted after an incident. See: Pillar I §11.
an OLTP database
Section titled “an OLTP database”The open-source relational database used for OLTP. See: Pillar IV §1.
Prompt injection
Section titled “Prompt injection”OWASP LLM01. An attack that inserts hidden instructions into the LLM’s input. See: Pillar V §3.
Prompt versioning
Section titled “Prompt versioning”Versioned prompt management. See: Pillar IV §6.
Population Stability Index (PSI)
Section titled “Population Stability Index (PSI)”A standard metric for distribution drift. See: Pillar IV §10.
Rate limiting
Section titled “Rate limiting”Per-tenant and per-IP quota enforcement. See: Pillar V §10.
Records of Processing Activities (ROPA)
Section titled “Records of Processing Activities (ROPA)”The inventory of personal-data processing activities. See: Pillar II §8.
Red team
Section titled “Red team”A team that simulates attacks to find weaknesses. See: Pillar I §10.
Retrieval-Augmented Generation (RAG)
Section titled “Retrieval-Augmented Generation (RAG)”Supplying an LLM with relevant documents before it generates a result.
Right to explanation
Section titled “Right to explanation”A data subject’s right to demand an explanation of an automated decision. See: Pillar III §12.
Role-Based Access Control (RBAC)
Section titled “Role-Based Access Control (RBAC)”Access control granted by role. See: Pillar V §9.
Sandbox
Section titled “Sandbox”An isolated environment that runs untrusted code. See: Pillar V §8.
Severity levels (SEV1–4)
Section titled “Severity levels (SEV1–4)”The incident severity scale. See: Pillar I §11.
Shadow mode
Section titled “Shadow mode”A new model runs in parallel but does not return results to the user. See: Pillar IV §8.
Standards alignment
Section titled “Standards alignment”The mapping to ISO/IEC 42001, NIST AI RMF, EU AI Act, OWASP LLM Top 10, and Decree 13/2023. See: Appendix A.
Straight-Through Processing (STP) rate
Section titled “Straight-Through Processing (STP) rate”The KPI for the share of transactions processed by AI without a human touch. Target greater than 85%. See: Pillar I §12.
Sub-processor
Section titled “Sub-processor”A third party that processes data on behalf of the primary processor. See: Pillar II §9.
Temperature
Section titled “Temperature”The LLM parameter that controls randomness.
Token inheritance
Section titled “Token inheritance”The pattern where an agent inherits the user’s access token. there is no super-admin. See: Pillar V §9.
Traceability
Section titled “Traceability”The ability to trace a decision or result back to its origin. See: Pillar III §11.
Training data poisoning
Section titled “Training data poisoning”OWASP LLM03. corruption of the training dataset. See: Pillar V §4.
Transparency report
Section titled “Transparency report”The quarterly customer report covering KPIs, incidents, and model changes. See: Pillar I §13.
Vector database
Section titled “Vector database”A database specialised for storing embeddings for similarity search. See: Pillar IV §1.
Vector embedding
Section titled “Vector embedding”A numerical representation of text or images in a high-dimensional space.
Vendor risk management
Section titled “Vendor risk management”The discipline of evaluating and monitoring third-party risk. See: Pillar II §6.
WCAG 2.2 AA
Section titled “WCAG 2.2 AA”Web Content Accessibility Guidelines. the accessibility standard Bizzi adopts. See: Pillar III §4.
Zero data retention
Section titled “Zero data retention”A vendor commitment not to retain Bizzi data after processing. See: Pillar II §6.