KYE Production Action Authority Pack™ for AI SRE, incident & production actions.
When an AI SRE agent drafts a mitigation, proposes a rollback, assembles a hotfix, or recommends an infra-change and that fix starts to move from being found toward being applied to a running production system, the consequential moment has arrived. The KYE Production Action Authority Pack™ governs that action boundary: it binds every consequential action to a named SRE's or change-owner's delegated authority, records the change-class due diligence before the action, holds the action advisory until a named engineer signs off — with two-person sign-off on the irreversible rollback, hotfix, or infra-change — and seals it into a replay-provable provenance record. Autoheal finds the fix; KYE Protocol™ proves the fix had authority. KYE Protocol™ governs whether the action may proceed — it does not detect the incident, perform root-cause analysis, monitor the system, or judge whether the fix is technically correct.
AI now drives production fixes — and the rollback / hotfix deploy is the irreversible action where accountability concentrates.
Autoremediation copilots, incident-intelligence agents, and AI SRE assistants are producing fixes that move quickly toward the running system — a rollback applied, a hotfix deployed, an infra-change committed, an alert suppressed. The high-value problem is not finding the fix — it is the action boundary. Three facts converge:
- The consequential moment is the apply, the rollback, and the deploy — not the recommendation. A fix in a model's output is inert; a rollback applied, a hotfix deployed, or an infra-change committed is consequential. The rollback / hotfix is irreversible — a customer-facing change to a running system that cannot be cleanly unwound. SRE and change-owner accountability attaches at the moment an action proceeds — exactly where governance is weakest.
- The change-management standards already exist; the enforcement of authority does not. ITIL 4 change enablement, ISO/IEC 20000-1.5.1, NIST 800-53 CM-3 configuration change control, SOC 2 CC8.1, and Google SRE change-management practice define what is required. KYE Protocol™ governs whether an AI-driven production action may proceed under those standards, under whose authority, with change-class due diligence recorded before the action.
- Provenance is now an audit and change-board expectation. A rollback applied under a NIST 800-53 CM-3 control, a change recorded for a SOC 2 CC8.1 review, and a deploy that must be reconstructable each demand documented data integrity and lineage. KYE Protocol™ produces a signed, replay-derivable provenance pin at the moment the action commits.
- This is a governance wedge, not an incident engine. KYE Protocol™ does not compete with the incident-detection, RCA, or autoremediation tools (Autoheal / PagerDuty / Datadog). It governs the action boundary they feed — the named-authority + due-diligence + two-person sign-off + provenance layer the AI SRE ecosystem currently lacks. Autoheal finds the fix; KYE Protocol™ proves the fix had authority.
Survives an auditor, a change-board review, or an incident post-mortem — due-diligenced, two-person-signed-off, and derivable from public keys alone.
- Due-diligenced by construction. An AI-generated production action that moves toward an apply, rollback, or deploy must carry a recorded change-class due-diligence result — a change-classification (standard / normal / emergency), a blast-radius / impact-and-rollback-plan assessment (NIST 800-53 CM-3/CM-4; Google SRE rollback-readiness), and a safety-floor / freeze-window / dependency screen where applicable. An unscreened, high-blast-radius, freeze-window, or rollback-plan-absent action is refused at the action-admissibility gate.
- Sign-off-gated, two-person on the irreversible change. An action stays advisory until a named on-call SRE, incident commander, or responsible change-owner records sign-off. The irreversible / high-blast-radius rollback / hotfix / infra-change additionally requires GovernedUI two-person sign-off — the proposing engineer and an approving change-owner. Unreviewed AI-driven consequential actions are refused and routed dual-channel.
- Authority-bound with delegation. Every consequential action maps to a recorded named-authority decision — the agent, the proposed action artefact, the intended action class, and the named SRE or change-owner under whose delegated authority it proceeds. An AI authorised for one action class cannot proceed under another.
- Replay-provable provenance. A signed provenance pin binds the model and version, the pinned incident signals, the change class and rollback plan, the due-diligence result, and the authority outcome — audit-grade data integrity an auditor, a change-board, or an incident reviewer can verify offline, against published keys alone, satisfying NIST 800-53 CM-3 change records and SOC 2 CC8.1 evidence.
- Framework-anchored. ITIL 4 change enablement, ISO/IEC 20000-1, NIST 800-53 CM, SOC 2 CC8, and Google SRE change management each map to a control row — with a 90-day attestation cadence.
Every consequential production action — authority-bound at the action boundary.
One coherent spine governs three specializations — incident-mitigation, change-deployment, and alert-and-comms — with no parallel packs. Each AI-driven action that moves toward a consequential effect flows through the same four rules, on the canonical KYE Protocol™ envelopes. You can walk it on four synthetic mitigations in the rollback-authority sandbox demo.
- 1 — Mitigation proposed. An incident-intelligence tool (Autoheal / PagerDuty / Datadog) detects the incident, performs RCA, and proposes a fix; an AI SRE agent produces a mitigation, rollback, hotfix, or infra-change that begins to move toward being applied. KYE Protocol™ does none of the detection or diagnosis.
- 2 — Due diligence + authority check. The Action Admissibility™ Gate verifies a recorded change-class due-diligence result (change-class + blast-radius / rollback-plan + safety-floor / freeze-window screen) and resolves the named-authority and delegation under which the action proceeds, under the §25 Edge Governance Safety Floor. No due diligence, no authority = no action.
- 3 — Advisory pending sign-off. The action is advisory until a named on-call SRE, incident commander, or change-owner records sign-off — with two-person sign-off (engineer and change-owner) required on the irreversible rollback / hotfix / infra-change. Low-confidence or unreviewed actions are refused and routed dual-channel.
- 4 — Provenance pin sealed. The runtime emits kye.purpose.request.v1 + kye.purpose.admissibility.v1 + kye.evidence.decision_map.v1 + kye.evidence.pack.v1 in lockstep, binding the model and version, the pinned incident signals, the change class and rollback plan, the named signing engineer, and the Authority Finality™ outcome — signed and replay-derivable for an auditor, a change-board, or a post-mortem.
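The gate logic in steps 2 to 4, as an added sketch that is not KYE Protocol™ code: every field name, the delegation table, and the decision strings are assumptions made for illustration, and only a subset of the screens is modelled. The digest stands in for the value a signed provenance pin would cover; signing itself is not shown.

```python
import hashlib
import json
from dataclasses import dataclass, field, asdict

CHANGE_CLASSES = {"standard", "normal", "emergency"}
IRREVERSIBLE = {"rollback", "hotfix", "infra-change"}
# Constructed delegation table: named authority -> agent -> permitted action classes.
DELEGATIONS = {"sre.alice": {"agent-7": {"rollback", "alert-suppress"}}}

@dataclass
class Action:  # hypothetical record; field names are not KYE Protocol envelope fields
    agent: str
    action_class: str
    authority: str = ""
    change_class: str = ""
    rollback_plan: bool = False
    in_freeze_window: bool = False
    signoffs: list = field(default_factory=list)  # (name, role) pairs

def admit(a, delegations=DELEGATIONS):
    """Return (decision, reason); the checks run in the order of steps 2 and 3."""
    # Step 2: due diligence must be recorded before anything else is considered.
    if a.change_class not in CHANGE_CLASSES:
        return "refuse", "no change classification"
    if not a.rollback_plan:
        return "refuse", "rollback plan absent"
    if a.in_freeze_window:
        return "refuse", "freeze window"
    # Step 2: authority is scoped per agent and per action class.
    if a.action_class not in delegations.get(a.authority, {}).get(a.agent, set()):
        return "refuse", "no delegated authority for this action class"
    # Step 3: advisory until signed off; irreversible classes need two distinct people.
    names = {name for name, _ in a.signoffs}
    roles = {role for _, role in a.signoffs}
    if not names:
        return "advisory", "awaiting sign-off"
    if a.action_class in IRREVERSIBLE and (
        len(names) < 2 or not {"engineer", "change-owner"} <= roles
    ):
        return "advisory", "two-person sign-off incomplete"
    return "proceed", "admitted"

def provenance_digest(a, decision, model):
    """Step 4: canonical digest of the record; a real pin would sign this value."""
    record = {"action": asdict(a), "decision": decision, "model": model}
    blob = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(blob).hexdigest()
```

Counting distinct signer names, not just roles, is what stops one person from satisfying the two-person rule by signing in both capacities.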
Bound to the AI production-action authority + due-diligence + provenance perimeter.
The pack binds the canonical KYE™ artefact set to the change-management and SRE standards perimeter. Every claim resolves to a control row on the bound framework — the five frameworks are consumed by the rule pack, never re-mapped, and coverage is never inflated: KYE Protocol™ governs only the runtime-authority-resolvable subset, and the incident-detection / RCA / monitoring substance is honestly out of scope.
| Framework | Control area | Pack coverage |
|---|---|---|
| ITIL 4 Change Enablement | Change authority & assessment before deployment | partial |
| ISO/IEC 20000-1 (.5.1) | Change management — authorization & change records | partial |
| NIST 800-53 CM | CM-3 configuration change control + CM-4 impact analysis (blast radius) | partial |
| SOC 2 CC8 | CC8.1 change authorization & evidence | partial |
| Google SRE Change Mgmt | Progressive-rollout authority & rollback readiness | partial |
Honest scope. KYE Protocol™ governs the authority, due diligence, sign-off, and provenance of the AI-driven production action at the action boundary — whether the action may proceed. It does not detect the incident, perform root-cause analysis, monitor the system, run the autoheal engine, or judge whether the fix is technically correct — that substance is ceded to the incident-intelligence tools (Autoheal / PagerDuty / Datadog), complement-not-compete. Partial coverage means the bound surface satisfies the control area when paired with the team’s own detection, diagnosis, and execution tooling.
Qualified AI SRE / DevOps partners — apply through the Foundry.
The KYE Production Action Authority Pack™ is a §68 sector product productised through the KYE Sector Pack Foundry™ Build tier across three commercial tiers (Starter / Enterprise / Regulated); commercial distribution is value-based, qualification-gated, and disclosed under NDA to qualified applicants.