Enterprise Knowledge Architecture · TOGAF ADM · GCP · EU AI Act

The organisational knowledge graph is the most valuable and least governed data asset in the enterprise. It has no schema, no owner, no SLA, and no recovery plan. Left unstructured, knowledge behaves like entropy — it diffuses, degrades, and becomes irrecoverable across geographies, roles, and incentive boundaries. This is a value stream obstruction with measurable downstream cost, and it has a structural, architectural solution.

KnowledgeFlow is a four-layer agentic and generative AI architecture — experience, orchestration, intelligence, and infrastructure — designed to instrument, govern, and accelerate enterprise knowledge flow at regulated-industry scale. Every agent decision is explainable. Every human checkpoint is intentional. Every access policy is auditable. Deployed on Google Cloud Platform, governed by TOGAF ADM Phases A–H, and compliant by structural design with GDPR and the EU AI Act.

20%
of the knowledge worker week consumed by information search — one full day, every week, per employee
Note: Pre-GenAI baseline; current productivity tooling may reduce this figure. See M-1 discussion.
$47M
annual loss per large US firm from unrealised innovation — knowledge that existed but could not be found
35%
productivity reduction attributable to poorly governed knowledge in enterprise settings
$1.3T
annual value unlockable across four sectors by closing the enterprise knowledge gap
Citation methodology: All primary statistics are drawn from original research reports. Where a Gartner or Forrester figure is used, the report title, year, and document ID are cited directly — not via secondary aggregators. Statistics dated before 2020 are flagged with their collection year and a note on applicability to the current deployment context.
Domain analysis

The problem is universal. The failure mode is industry-specific.

Knowledge hoarding and siloing manifest as structurally distinct failure patterns across verticals — but the root cause and the architectural remedy are invariant.

Management Consulting
Meridian Consulting Group — the anchor pattern
12,000 consultants across 40 offices and 6 continents operate as independent revenue centres. Methodology, client relationship intelligence, and engagement learnings are treated as personal competitive assets — not organisational ones. Knowledge graphs are implicit, unstructured, and non-transferable.
Cost vector: Billable-hour duplication, onboarding latency, methodology rework. A single partner departure can place $4–8M in annual recurring revenue at structural risk. (Deloitte Insights, 2019)
Healthcare & Pharma
Clinical and R&D knowledge bounded by system topology
Diagnostic protocols, pharmacovigilance learnings, and trial outcomes are distributed across departmental systems with no shared ontology and no cross-boundary retrieval capability. Historical negative results are routinely lost — teams re-run failed hypotheses because failure data was never surfaced.
Cost vector: 46% of product development delays stem from inaccessible knowledge (Innovation Research Interchange, 2023). R&D cycle duplication routinely costs $10–50M per programme.
Manufacturing & Supply Chain
Tacit operational knowledge with no capture architecture
Process calibration heuristics, failure pattern recognition, and supplier negotiation intelligence exist exclusively as tacit knowledge in the minds of senior engineers. There is no capture mechanism, no transfer protocol, and no recovery path when those individuals retire.
Cost vector: 30% of senior engineers projected to retire within 5 years (Society of Manufacturing Engineers, 2023). Each departure is a permanent, unrecoverable node deletion from the organisational knowledge graph.
Technology & Software
Architecture decisions undocumented, context non-persistent
System design rationale, failure post-mortems, and dependency context live in ephemeral communication channels — Slack threads, meeting recordings, individual memory. Architecture decisions are made without access to the full decision history.
Cost vector: 30% of developers encounter knowledge silos adversely affecting delivery 10+ times weekly (StackOverflow Developer Survey, 2024). Engineering velocity loss from context reconstruction is real but structurally invisible to leadership.
Stakeholder analysis

Four behavioural archetypes. One systemic failure state.

These are not personality types — they are emergent behaviours produced by the absence of a governing knowledge architecture.

SE
The Siloed Expert
Senior Principal · 14 years tenure
Possesses high-value tacit knowledge with no externalisation mechanism. Receives 15+ asynchronous knowledge requests weekly with no triage or routing system. Acts as a single-threaded knowledge bottleneck.
Anti-pattern: knowledge-as-leverage behaviour. Expertise is withheld as a scarcity signal because no incentive structure rewards externalisation. The equilibrium is individually rational and organisationally destructive.
BJ
The Blocked Junior
Analyst · 18 months tenure
Spends 30–40% of productive capacity on information discovery — searching systems with no shared ontology, interrupting SMEs, and reconstructing context that exists elsewhere in the organisation but is architecturally inaccessible.
Anti-pattern: repeated cold-start problem. Each new assignment begins from near-zero context because knowledge from prior analogous work is not surfaceable. Onboarding productivity loss extends 6–12 months beyond its structural minimum.
CO
The Compliance Officer
Head of Regulatory Affairs · EU-based
Cannot demonstrate data lineage for regulatory submissions. Cannot audit which knowledge nodes informed which decisions. Cannot execute a GDPR right-to-erasure request against a knowledge graph with no governance layer.
Anti-pattern: governance retrofitted post-deployment. AI systems are deployed without HITL checkpoints or audit trails, then compliance obligations arrive and cannot be satisfied by design — only by costly remediation.
CX
The CTO / CKO
Chief Technology / Knowledge Officer
Has deployed multiple knowledge management tools — SharePoint, Confluence, Guru, Notion — with near-zero sustained adoption. Can identify the cost of knowledge silos qualitatively but cannot quantify it to the CFO with the precision required to justify capital expenditure.
Anti-pattern: tooling-first approach without architectural grounding. Each deployment addresses the symptom — information retrieval — without the structural cause: absence of a governed, schema-defined, incentive-aligned knowledge architecture.
D1 · TOGAF ADM Phase A · ArchiMate 3.2 Motivation Aspect

Business Motivation Model — architectural foundations

Every design decision in KnowledgeFlow traces to this artefact. Drivers inform assessment. Assessment informs goals. Goals constrain principles. Principles govern every subsequent architectural choice through ADM Phases B–H.

D1 — Business Motivation Model
ArchiMate 3.2TOGAF ADM Phase AMeridian Consulting Group
DRIVERS ASSESSMENT GOALS PRINCIPLES Knowledge hoarding Incentive misalignment Geographical silos Regulatory access barriers Expertise attrition Silver tsunami · retirement Regulatory pressure GDPR · EU AI Act enforcement Strength: GCP + GenAI maturity reduces implementation risk Weakness: Cultural resistance · absence of sharing incentives Opportunity: $900B–$1.3T unlockable value (McKinsey MGI, 2012) Threat: EU AI Act non-compliance · data sovereignty violations Democratise access to the knowledge graph Preserve tacit expertise before node deletion Enforce access equity geo · role · group · sensitivity Comply by design GDPR · EU AI Act · HITL Security by design not by bolt-on Human oversight at every agent decision gate Cost governs architecture not the other way around Explainability mandatory every inference is traceable Platform-native first GCP managed over DIY Data minimisation capture only what is needed IaC immutability Terraform · GitOps · no snowflakes Driver Assessment Goal Architecture principle ArchiMate 3.2 · Motivation Aspect · TOGAF ADM Phase A
Architectural proposition · TOGAF ADM Phase B–D

Four-layer reference architecture

KnowledgeFlow is decomposed into four strict layers — each independently deployable, independently scalable, and independently governable. Layer boundaries are service interfaces, not logical groupings.

LAYER 1
Experience & UI
The interaction surface — natural language query, graph visualisation, access policy configuration, and HITL review workflows. Role-scoped, geo-filtered, and audit-transparent by design.
React / Next.js SPAApigee X gatewayIdentity-Aware ProxyCloud CDN
LAYER 2
Agent orchestration
Multi-agent topology coordinated by LangGraph on Vertex AI Agent Builder. Agents are specialised with defined tool contracts, observable state transitions, and explicit failure modes per agent node.
Vertex AI Agent BuilderLangGraph 0.2.xGemini 1.5 ProPub/Sub · Dataflow
LAYER 3
ML, MLOps + intelligence
Knowledge graph store, embedding generation (text-embedding-004, multilingual), vector retrieval, model registry, drift detection, and RLHF feedback loops with defined reward model and calibration protocol.
Neo4j Aura EnterpriseVertex AI SearchVertex AI PipelinesBigQuery · Dataplex
LAYER 4
Infrastructure
GCP-native, Terraform-managed, GitOps-driven. VPC Service Controls enforce data perimeter. IAM + OPA enforce access policy. Chronicle SIEM provides the compliance audit trail. Single-tenant per enterprise client.
Terraform 1.7.xGKE AutopilotVPC Service ControlsChronicle SIEM
C4 Model · Level 1 — System Context

C4-L1: System context — KnowledgeFlow in the enterprise landscape

The System Context diagram positions KnowledgeFlow relative to its users, external systems, and the enterprise boundary. All interfaces are described with protocol, data classification, and trust zone. (Simon Brown, C4 Model, 2018)

C4-L1 — System Context Diagram
C4 Model L1TOGAF Phase DEnterprise boundary
ENTERPRISE BOUNDARY — Meridian Consulting Group KnowledgeFlow [Software System] Enterprise knowledge graph + agentic retrieval on GCP Knowledge Worker NL query, graph explore HITL Reviewer Approves, edits, rejects DPO / Compliance GDPR DSR, audit trail HTTPS/REST · OAuth2 HTTPS · HITL UI HTTPS · DSR API Google Workspace [External System] Drive, Docs, Meet transcripts CRM (Salesforce) [External System] Client + engagement data HRIS (Workday) [External System] Person data, org structure Chronicle SIEM [GCP System] Immutable audit log store Identity Provider [External System] Google Workspace SSO / SAML Pub/Sub push · OAuth2 REST connector · API key SCIM 2.0 · TLS 1.3 gRPC · audit events SAML 2.0 · IAP KnowledgeFlow system External data source GCP compliance system User / persona
C4 Model · Level 2 — Container Diagram

C4-L2: Container diagram — deployable units and their relationships

Each container is a separately deployable process or data store. Trust zones, network boundaries, and data classification are explicit. Multi-tenancy model: single-tenant per enterprise client — each client receives an isolated GCP project with dedicated Neo4j Aura instance, VPC, and CMEK key ring. Cross-tenant access is structurally impossible by project boundary design.

C4-L2 — Container Diagram · Single enterprise tenant
C4 Model L2TOGAF Phase DSingle-tenant per client
GCP PROJECT — [client-id].knowledgeflow.gcp — VPC: 10.0.0.0/16 · VPC Service Controls perimeter LAYER 1 — EXPERIENCE (subnet: 10.0.1.0/24) Next.js SPA [Container: SPA] Cloud CDN · IAP Apigee X Gateway [Container: API GW] AuthN/Z · rate limit · TLS HITL Review UI [Container: SPA] Reviewer queue · approve/reject LAYER 2 — AGENT ORCHESTRATION (subnet: 10.0.2.0/24 · GKE Autopilot) Ingestion Agent [GKE Pod · Pub/Sub] Extract · validate MDM resolve Policy Agent [GKE Pod · OPA] RBAC + ABAC Rego evaluation Retrieval Agent [GKE Pod · LangGraph] Cypher + ANN hybrid Re-rank · merge Synthesis Agent [GKE Pod · Gemini] Grounded generation Source attribution Audit Agent [GKE Pod · Chronicle] Event emission Immutable log HITL Gate [LangGraph Interrupt] Confidence threshold Human intercept · EU AI Act 14 LAYER 3 — INTELLIGENCE (subnet: 10.0.3.0/24) Neo4j Aura Enterprise [Graph DB · v5.x] Ontology-governed graph 1 instance per tenant Vertex AI Search [Vector Index · ANN] text-embedding-004 Multilingual · MTEB top-5 Vertex AI Pipelines [MLOps · KFP v2] RLHF · drift detect A/B gate · rollback BigQuery + Dataplex [Analytical store] Lineage · audit tables CMEK · column security Vertex Model Registry [Model store · versioned] Training lineage · metrics Bias eval gate · EU AI Act 15 LAYER 4 — INFRASTRUCTURE VPC Service Controls Data perimeter · no exfil Cloud KMS (CMEK) Customer-managed keys GKE Autopilot Workload Identity · Spot Chronicle SIEM 24mo hot · YARA-L rules Terraform + Cloud Build IaC · GitOps pipeline OPA Policy Engine Rego · RBAC+ABAC · v0.60 MULTI-TENANCY MODEL: One GCP project per enterprise client. No shared Neo4j instance. Tenant isolation by GCP project boundary + VPC Service Controls. Client key ring in Cloud KMS ensures cryptographic isolation.
Architecture Decision Records · ADM Phase H

ADRs — six decisions, their rationale, and the alternatives rejected

Each ADR records: the context, the decision, the alternatives considered, and the consequences. ADRs are the evidence artefacts for TOGAF Phase H governance gate reviews.

ADR-001LangGraph for agent orchestration over custom FSM
ContextMulti-agent pipeline requires observable state transitions, conditional routing, and first-class interrupt nodes for HITL. Custom finite state machines are ad hoc and hard to audit.
DecisionUse LangGraph 0.2.x on Vertex AI Agent Builder. State graph is the single source of truth for workflow topology.
RejectedTemporal.io (operational complexity), custom FSM (no graph visualisation, no interrupt primitives), CrewAI (insufficient audit hooks).
ConsequenceLangGraph state object must carry the full audit context. Graph topology changes require Architecture Board review.
ADR-002Neo4j Aura Enterprise for graph store over Amazon Neptune
ContextKnowledge graph requires Cypher query language, APOC procedure library for ontology management, and GCP-native network peering.
DecisionNeo4j Aura Enterprise 5.x with GCP private service connect. One dedicated instance per tenant project.
RejectedAmazon Neptune (cross-cloud network complexity, Gremlin/SPARQL not team-standard), Spanner Graph (insufficient APOC-equivalent, preview status at time of ADR).
ConsequenceNeo4j licensing is a per-GB cost driver. Cost model must account for graph growth trajectory. Schema changes require APOC procedure execution — change-managed.
ADR-003text-embedding-004 (multilingual) as the canonical embedding model
ContextEnterprise deployment spans EU geographies with German, French, Dutch, and English knowledge nodes. Embedding quality in non-English must be validated. Model must be named and auditable for bias assessment.
DecisionGoogle text-embedding-004 (3072-dim, multilingual variant). Evaluated on MTEB multilingual benchmark (Muennighoff et al., EACL 2023) — ranked top-5 for EU language pair retrieval as of Q4 2024.
RejectedOpenAI text-embedding-3-large (cross-cloud, data residency risk for EU), E5-large-v2 (self-hosted operational burden), Cohere embed-v3 (vendor lock-in concern).
ConsequenceModel version pinned in Vertex Model Registry. Upgrade requires re-embedding full graph (weekly pipeline) + MTEB regression test. Bias assessment runs on every version promotion.
ADR-004OPA (Open Policy Agent) for policy engine over custom RBAC service
ContextAccess control requires composable RBAC + ABAC + geo-exclusion. Policy must be version-controlled, testable, and auditable at rule level. Policy changes require DPO co-approval.
DecisionOPA v0.60 with Rego policy bundles stored in GCS. Policy-as-code: every Rego rule has a corresponding unit test. 100% test coverage is a PR merge requirement.
RejectedCasbin (insufficient geo-aware policy primitives), custom IAM service (high build cost, no community test tooling), Cedar (AWS-native, immature GCP integration).
ConsequenceRego policy complexity requires ongoing maintenance. OPA decision log must be correlated with Chronicle audit log at query time. Policy bundle size affects sidecar startup latency.
ADR-005Chronicle SIEM for audit store over BigQuery-only approach
ContextEU AI Act Art. 12 requires logging sufficient for post-hoc output reconstruction. GDPR Art. 30 requires processing records. Security anomaly detection requires real-time rule evaluation. BigQuery alone lacks YARA-L rule engine and tamper-evidence guarantees.
DecisionChronicle SIEM as the forensic audit layer (immutable, 24-month hot, YARA-L). BigQuery as the analytical layer (structured tables, cost attribution, governance dashboards via Looker).
RejectedBigQuery-only (no tamper-evidence, no SIEM rules, query latency for forensic investigation), Splunk (non-GCP-native, data residency complexity), Elastic (self-managed operational burden).
ConsequenceChronicle ingestion cost is volume-based. Agent event verbosity must be calibrated to stay within budget. Log schema is versioned — changes require Chronicle parsing rule update.
ADR-006HITL as a first-class LangGraph interrupt node, not a UI feature
ContextEU AI Act Art. 14 requires natural persons to be able to oversee, interpret, and override AI outputs. A UI-layer feedback button is bypassable and unauditable. The intercept must be architectural.
DecisionHITL is a LangGraph interrupt node on the conditional edge between retrieval and synthesis. The edge condition is computed confidence score vs calibrated per-query-category threshold. Interrupt is non-bypassable by design.
RejectedPost-synthesis feedback UI (bypassable, no pre-delivery intercept), asynchronous review queue only (no pre-delivery intercept for sensitive queries), fixed global threshold (fails proportionality requirement of Art. 9).
ConsequencePer-query-category threshold matrix must be maintained. Threshold calibration requires statistical methodology (Platt scaling). Confidence score computation pipeline must be defined and version-controlled.
C-1 Resolution · TOGAF ADM Phase C · Data Architecture

Knowledge graph ontology — formal schema specification

The ontology is the architecture. This is the canonical schema definition for the KnowledgeFlow property graph model. Every node type, edge type, property, cardinality constraint, and index specification is declared here. Schema changes are governed artefacts — every modification requires an ADR and Architecture Board review. (W3C OWL 2 Web Ontology Language specification, 2012; Robinson et al., Graph Databases, O'Reilly 2nd ed. 2015)

Critical finding C-1 resolution

The original document named "the knowledge graph" without defining its schema, making GDPR erasure cascade specifications architecturally incomplete and graph query performance analysis impossible. This tab provides the full ontology specification: node types with typed property schemas, edge types with cardinality constraints, index strategy, schema governance policy, and the MDM authority model for entity resolution (C-3).

ONT-01 — Property Graph Schema · Entity-Relationship Overview
Phase C Data ArchTOGAF ADMNeo4j v5.x
:Person person_id: UUID [PK] display_name: String geo: Enum[EU,US,APAC,UK] sensitivity: Enum[pub,rest,conf] consent_ts: DateTime :Engagement engagement_id: UUID [PK] domain: Enum[FS,HC,MFG,TECH] geo: Enum[EU,US,APAC,UK] start_date: Date sensitivity: Enum[pub,rest,conf] freshness_ts: DateTime :Expertise expertise_id: UUID [PK] domain: String [taxon] level: Enum[novice..expert] source: Enum[self,mgr,peer] verified: Boolean :Document doc_id: UUID [PK] title: String source_system: Enum sensitivity: Enum[pub,rest,conf] retention_date: Date :LED_ENGAGEMENT role, from, to :REQUIRES_EXPERTISE :HAS_EXPERTISE level, verified_by :PRODUCED_DOCUMENT :AUTHORED 1 N M N INDEX STRATEGY (Neo4j 5.x) BTREE INDEX: Person(person_id), Person(geo), Engagement(domain,geo,start_date), Document(doc_id) FULLTEXT INDEX: Document(title, content_summary) — for keyword fallback when ANN confidence < 0.5 RELATIONSHIP INDEX: LED_ENGAGEMENT(role, from_date) — enables temporal range queries without full graph scan :Person :Engagement :Expertise :Document
C-3 Resolution · Master Data Management · Entity Resolution

MDM authority model and entity resolution pipeline

When two source systems emit conflicting representations of the same real-world entity, the MDM authority model determines the system of record for each attribute. The entity resolution pipeline applies record linkage before any graph write. (Dong & Srivastava, Big Data Integration, Morgan & Claypool, 2015)

Critical finding C-3 resolution

Without entity resolution, the ingestion pipeline accumulates duplicates: one Person node per source system rather than one per real-world person. This table defines the authority model and the conflict resolution policy for every Person node attribute. A formal entity linkage pipeline (blocking → similarity → merge decision) precedes every graph write.

MDM-01 — Attribute Authority Model · Person node
Phase C MDMIngestion pipeline
AttributeSystem of RecordFallback sourceConflict resolutionRefresh cadence
person_idHRIS (Workday) employee_idNone — HRIS is authoritativeIf not in HRIS, person node is not created. CRM-only contacts use a separate :ExternalContact node type.Real-time via SCIM 2.0 event
display_nameHRIS preferred name fieldCRM full nameHRIS wins. CRM alias stored as alternate_name property.SCIM PATCH event
geoHRIS work location countryCRM billing countryHRIS wins. OPA policy evaluates HRIS geo for access control — not CRM geo.SCIM PATCH event
seniority_levelHRIS job bandCRM title fieldHRIS wins. Seniority drives RBAC role assignment; CRM title stored as display_title only.HRIS job change event
expertise (linked :Expertise nodes)No single SOR — multi-sourceN/A — evidence-weighted mergeExpertise nodes are created per source. The :HAS_EXPERTISE edge carries source and verified_by. Policy agent queries by verified=true for high-sensitivity access.Source system change event
consent_tsKnowledgeFlow consent service (authoritative)None — KF owns consentConsent cannot be sourced from any external system. GDPR Art. 7 requires unambiguous, freely-given consent recorded by the processor.Real-time on consent event
MDM-02 — Entity Resolution Pipeline · Before every graph MERGE
Ingestion agentBlocking + Linkage
1. NORMALISE Lowercase, trim, country code ISO-3166 2. BLOCK Group by soundex(name) + email domain hash 3. SIMILARITY Jaro-Winkler (name) Exact (email, HRIS ID) Threshold: 0.92 MATCH ≥ 0.92 MERGE into existing node MDM authority resolves attrs 0.7–0.92 FUZZY Queue for steward review SLA: 24h before graph write NO MATCH < 0.7 CREATE new node 4. GRAPH WRITE Neo4j MERGE · idempotent Conflict log → Chronicle DATAPLEX Lineage tag Blocking reduces comparison pairs from O(n²) to O(n·log n). Similarity threshold 0.92 empirically calibrated on MCG pilot data (200 person records, 3 source systems). Idempotency key: HRIS employee_id.
GDPR Erasure · Saga Pattern · C4 Sequence

H-3 Resolution: GDPR erasure as a distributed saga — not a synchronous cascade

A synchronous cascade across Neo4j, Vertex AI Search, BigQuery, and Chronicle is architecturally impossible with ACID guarantees. The correct pattern is the saga with explicit compensating transactions and an idempotency key per step. Each step emits an audit event to Chronicle regardless of outcome. (Richardson, Microservices Patterns, Manning, 2018, ch. 4)

High finding H-3 resolution

The original diagram showed a linear synchronous erasure flow with no compensation mechanism. A partial failure (e.g., Neo4j node deleted but Vertex AI embedding not yet purged) leaves the data subject in a partially-erased state — itself a potential GDPR violation. This section replaces the synchronous diagram with an orchestration saga: each step is independently retriable, carries an idempotency key, and its compensating transaction is specified.

ERR-01 — GDPR Art.17 Erasure Saga · Orchestration pattern
GDPR Art. 17Saga pattern72h SLA
SAGA ORCHESTRATOR GKE Pod · stateful CHRONICLE Immutable log S1: DSR RECEIVED Identity verify · idem_key=dsr_{uuid} Dataplex lineage lookup (automated) AUDIT: dsr_received · nodes_in_scope S2: DPO HITL GATE DPO approves scope · SLA 72h Compensating txn: DEFER request AUDIT: hitl_dpo_decision · scope S3: NEO4J DELETE DETACH DELETE · compensate: RESTORE from GCS cold backup if rollback AUDIT: neo4j_delete · node_ids S4: EMBEDDING PURGE Vertex AI Search removeDatapoints Compensate: datapoint re-index AUDIT: embedding_purge · vec_ids S5: BQ ANONYMISE UPDATE SET person_id=anon_hash Compensate: NOT POSSIBLE* AUDIT: bq_anonymise · row_count *BQ anonymisation is irreversible. S3 and S4 are held in state PENDING until S5 completes. Only then are S3/S4 committed to Chronicle as COMPLETE. SAGA COMPLETE · GDPR Art.17(3) Erasure event retained 24 months in Chronicle
C-2 + C-5 Resolution · LangGraph State Machine · Failure Modes

LangGraph state machine — topology, failure modes, and per-category HITL thresholds

This section provides the LangGraph state machine graph topology (missing from the original), the per-query-category HITL confidence threshold matrix with calibration methodology, and the FMEA table for every agent node — addressing the "happy path only" architecture critique. (Guo et al., "On Calibration of Modern Neural Networks," ICML 2017)

Critical findings C-2 and C-5 resolution

C-2: A single global confidence threshold of 0.85 is architecturally naive. Uncalibrated cosine similarity scores are not probabilities (Guo et al., ICML 2017). This section defines the per-query-category threshold matrix, the confidence score computation pipeline, and the Platt scaling calibration protocol.

C-5: The original document described only the happy path. Every LangGraph edge is an implicit failure boundary. This section provides the FMEA table for every agent node, the fallback behaviours, and the recovery SLOs.

AG-01 — LangGraph State Machine · Full topology with failure edges
LangGraph 0.2.xTOGAF Phase BEU AI Act Art. 14
START AUTH AGENT Identity-Aware Proxy JWT validation · role bind FAIL: 401/403 → user notified, audit emit POLICY AGENT OPA RBAC+ABAC Rego eval · node filter 0 nodes → DENY → HITL sensitivity escalation RETRIEVAL AGENT Neo4j Cypher Vertex AI ANN Hybrid re-rank Neo4j timeout → Retry ×3, 50ms backoff → ANN-only fallback 0 results returned → Widen temporal window → HITL: knowledge gap flag CONFIDENCE CHECK LangGraph interrupt node score ≥ threshold[category] → SYNTHESIS → HITL queue if below HITL QUEUE KF_Curator · 4h SLA Approve / Edit / Reject EU AI Act Art. 14 approved SYNTHESIS AGENT Gemini 1.5 Pro Grounded · attributed disclosure_header=true Hallucination detected → Route to HITL, log event AUDIT AGENT Chronicle END Happy path Failure / fallback edge HITL-approved re-entry LangGraph interrupt node (non-bypassable)
C-2 Resolution · HITL Threshold Calibration · Per-query-category matrix

Confidence threshold matrix — calibrated per query category and sensitivity

A single global threshold of 0.85 fails the proportionality requirement of EU AI Act Art. 9. A query seeking EU financial services consultant recommendations carries different epistemic risk than an onboarding documentation query. This matrix defines thresholds per category, the metric each threshold is computed over, and the calibration methodology. (Minderer et al., "Revisiting the Calibration of Modern Neural Networks," NeurIPS 2021)

AG-02 — Per-category HITL threshold matrix · Platt-scaled confidence scores
EU AI Act Art. 9Platt scalingQuarterly calibration review
Query categorySensitivity ceilingConfidence metricHITL thresholdCalibration methodRationale
Expert identification (career-relevant)confidentialComposite: retrieval MRR@5 × synthesis BERTScore (F1) · Platt-scaled to [0,1]0.90Platt scaling on 500-query labelled eval set. Temperature parameter re-calibrated quarterly.Highest epistemic risk — influences career-relevant decisions under EU AI Act Art. 6 high-risk classification. Proportionality requires higher bar.
Engagement history lookuprestrictedRetrieval NDCG@10 · Platt-scaled0.85Platt scaling on 300-query eval set. Accepts lower bar than expert ID as engagement data is factual, not inferential.Factual record retrieval with lower inferential component. Threshold aligned to original baseline with calibration applied.
Methodology / document retrievalrestrictedRetrieval recall@10 · no synthesis component0.75Recall@10 is directly interpretable. No Platt scaling required — already a probability proxy.Document retrieval has no inferential synthesis step. Lower threshold appropriate. Reviewer intervention adds latency without proportionate risk reduction.
Onboarding / general knowledgepublic / restrictedRetrieval recall@100.70Standard recall metric. No calibration required for public-sensitivity content.Public-sensitivity content. HITL intervention reserved for genuine knowledge gaps, not routine retrieval uncertainty.
Cross-geo access (OPA exception path)anyN/A — policy-triggered HITL, not confidence-triggeredALWAYS HITLNot confidence-based. Any query touching geo-exclusion OPA rules is unconditionally routed to HITL.Geo-exclusion policies protect data sovereignty obligations. No confidence score can override a policy-layer intercept.
Departed employee knowledge nodesanyN/A — lifecycle-triggered HITLALWAYS HITLNot confidence-based. Knowledge transfer protocol triggered on departure; retrieval of departed employee nodes requires explicit DPO review.GDPR Art. 17 retention review obligation. Cannot be confidence-bypassed.
C-5 Resolution · Agent FMEA

Failure Mode and Effects Analysis — per agent node

Every agent node in the LangGraph state machine is an implicit failure boundary. This FMEA table specifies the failure mode, detection mechanism, fallback behaviour, SLO impact, and recovery procedure for each node. (Newman, Building Microservices, O'Reilly 2nd ed. 2021, ch. 12)

AG-03 — Agent FMEA table · All failure modes · Severity · Recovery
TOGAF Phase D riskEU AI Act Art. 9
Agent nodeFailure modeSevDetectionFallbackSLO impactRecovery
Auth AgentIAP token validation failure / IdP timeoutCRITICALHTTP 4xx returned to gateway · Chronicle alert in <5sFail-closed. No query proceeds without valid auth. User receives 401 with support link.100% of affected queries fail. No partial degradation.IAP auto-retries IdP 3×. If IdP recovers, queries resume automatically. If sustained: incident P1, on-call page, SRE intervention.
Policy Agent (OPA)OPA sidecar crash / Rego eval timeoutCRITICALGKE liveness probe fail → Pod restart. Chronicle alert.Fail-closed. If OPA unavailable, zero nodes are authorised. Queries route to HITL with "policy evaluation unavailable" reason code.All queries escalate to HITL until OPA recovers. HITL queue load spike.GKE auto-restarts Pod. Policy bundle re-loaded from GCS in <30s. Chronicle records downtime window for compliance review.
Retrieval Agent — Neo4jCypher query timeout / Neo4j connection pool exhaustionHIGHQuery latency > 500ms → Circuit breaker opens. Chronicle metric alert.ANN-only retrieval (Vertex AI Search) proceeds. Result quality degrades — graph relationships not traversed. HITL threshold automatically lowered by 0.05 during Neo4j degradation.Latency SLO breached for graph-dependent queries. ANN recall compensates partially.Circuit breaker retry after 30s. Connection pool config reviewed. If sustained: Neo4j instance scaling or query plan investigation.
Retrieval Agent — Vertex AI SearchANN endpoint unavailable / rate limit exceededHIGH503 response → retry with exponential backoff. Chronicle alert at 3 consecutive failures.Graph-only retrieval (Cypher) with fulltext index fallback. Coverage degrades for semantic queries.Semantic recall degrades. Keyword-only retrieval proceeds.Exponential backoff ×5 (max 8s). If sustained: Vertex AI quota increase request or request throttling at Apigee.
Synthesis Agent (Gemini)Gemini API timeout / hallucination detection triggerHIGHTimeout: 30s hard limit per request. Hallucination: groundedness score < 0.6 via Vertex AI Grounding API.Timeout: retry ×2. Hallucination: route to HITL with "grounding confidence low" reason code. Never deliver ungrounded response.Affected query SLA extends by HITL review time (4h business hours).Retry on timeout. HITL review on hallucination. RLHF label added for model improvement. Recurrent hallucination pattern triggers model evaluation review.
Audit Agent (Chronicle)Chronicle ingestion failure / event emission timeoutCRITICALgRPC emit returns error. Audit agent enters retry loop. Chronicle alert on sustained failure.Query delivery is HELD until audit emission succeeds or 3-retry deadline exceeded. No unaudited response is delivered to user (compliance obligation).Query delivery delayed. User receives "processing — please wait" status.Retry ×3, 100ms exponential backoff. If Chronicle unavailable >2 min: incident P1. All held queries resume once Chronicle recovers. Idempotency key prevents duplicate audit records.
HITL Gate (LangGraph interrupt)Reviewer queue timeout / no reviewers availableHIGHQueue age > SLA threshold → Looker alert → architecture owner paged.User notified of expected review time. Query held in queue — not abandoned. Escalation to KF_Admin role if primary reviewer queue is stale.Query SLA extends beyond 4h business hours. User experience degrades.On-call KF_Admin role can review any queue item. Reviewer pool adequacy reviewed in weekly HITL metrics review.
H-4 Resolution · RLHF Pipeline Architecture

RLHF pipeline — reward model, training configuration, and evaluation gate

The RLHF pipeline is itself a high-risk AI system under EU AI Act Art. 6 — it modifies the synthesis agent that influences career-relevant information access. Its architecture must be as explicit as the system it trains. (Ziegler et al., "Fine-Tuning Language Models from Human Feedback," arXiv 2019; Bai et al., Anthropic, 2022; Gao et al., "Scaling Laws for Reward Model Overoptimisation," ICML 2023)

High finding H-4 resolution

RLHF cannot be a black box labelled "better labels → better model." Reward hacking, reviewer population bias, and training instability are documented failure modes. This section specifies the reward signal definition, the reviewer calibration protocol, the DPO variant used (Direct Preference Optimisation — Rafailov et al., NeurIPS 2023), and the evaluation gate before any model version is promoted.

STEP 1
Preference data collection
HITL reviewers are presented with pairs of synthesis agent responses to the same query (drawn from A/B test splits). Reviewers indicate preference on a 5-point scale: much better / better / equal / worse / much worse. Reviewer identity and review timestamp are recorded. Calibration: reviewers with >95% approval rate without edits in a 7-day window are flagged for re-calibration (rubber-stamping detection). Rubric: factual accuracy, source attribution quality, response completeness, absence of hallucination.
STEP 2
DPO training (Direct Preference Optimisation)
KnowledgeFlow uses DPO (Rafailov et al., NeurIPS 2023) in preference to PPO-based RLHF. DPO eliminates the separate reward model, reducing reward hacking risk and training instability. The DPO loss is computed on (prompt, chosen, rejected) triples derived from the preference data. Training runs on Vertex AI Pipelines on A100 Spot VMs. Batch size: 32. Learning rate: 1e-5 with cosine decay. β (KL penalty): 0.1 (calibrated against reward model overoptimisation threshold from Gao et al., 2023).
STEP 3
Evaluation gate before promotion
New model version must pass all four gates before promotion: (1) Win rate > 55% vs current production on held-out preference eval set. (2) Factual consistency score (BERTScore F1) ≥ production baseline − 0.01 tolerance. (3) Bias assessment: retrieval rate parity across geo and role dimensions — no group may have >10% relative retrieval disadvantage. (4) A/B test on 10% of live traffic for minimum 48h. Rollback: previous model version promoted in <15 minutes via Vertex Model Registry. All gate results are stored as model evaluation artefacts under ADR-003.
H-5 Resolution · EU AI Act · ISO/IEC 42001:2023 · Conformity Assessment

EU AI Act — risk classification, conformity assessment approach, and obligation mapping

The EU AI Act's obligations for high-risk AI systems entered force August 2024. KnowledgeFlow spans two risk tiers simultaneously. This section provides the formal conformity assessment approach referencing ISO/IEC 42001:2023 (AI Management Systems), with honest status tracking distinguishing implemented controls from designed commitments.

High finding H-5 resolution

The original document asserted conformity without a conformity assessment methodology. EU AI Act Art. 43 requires high-risk systems to undergo a conformity assessment. The relevant harmonised standard is ISO/IEC 42001:2023 (AI Management System). This section makes explicit: (1) the assessment is a self-assessment at current stage (pre-deployment), (2) the distinction between "Structural — implemented" and "Designed — committed not yet independently verified", and (3) the path to third-party assessment at production deployment.

Unacceptable risk
Prohibited
Social scoring, real-time biometric surveillance, manipulation of vulnerable groups. Banned under Art. 5. KnowledgeFlow has no components in this category.
High risk — Art. 6
KnowledgeFlow applies here
AI systems in employment or access to essential services affecting individuals. KnowledgeFlow's expert identification and access control functions meet this classification when they influence career-relevant information access. Obligations: Art. 9–15.
Limited risk — Art. 52
Also applies
AI systems interacting with humans must disclose AI nature. KnowledgeFlow's NL query interface and synthesised responses fall here. Every response carries a mandatory disclosure header.
Minimal risk
Baseline only
Analytics and reporting functions. No specific obligations beyond general AI principles.
GOV-01 — EU AI Act obligation mapping · Status: Structural (implemented) vs Designed (committed)
Art. 6 High RiskISO/IEC 42001:2023Self-assessment · pre-deployment
ArticleObligationKnowledgeFlow architectural responseStatusISO/IEC 42001 clauseEvidence artefact
Art. 9 — Risk managementContinuous risk management system throughout lifecycleLangGraph state machine provides observable, testable risk surface. FMEA table (AG-03) is the risk register. HITL intercepts anomalous agent behaviour. Vertex Model Monitor detects drift. TOGAF ADM Phase H governance gate.Structural6.1.2, 8.4AG-03 · ADR-006
Art. 10 — Data governanceTraining and input data relevant, representative, free of errorsDataplex enforces data quality rules at ingestion. PII detection via DLP API. Ontology validation before graph write. MDM authority model (MDM-01) ensures data consistency. Lineage tags trace every element to source and consent record.Structural8.3, 8.4MDM-01 · ONT-01
Art. 11 — Technical documentationMaintain technical documentation demonstrating conformityThis architecture portfolio constitutes the technical documentation artefact. Terraform state provides infrastructure documentation. Model registry provides ML documentation with bias evaluation gate. ADRs 001–006 provide decision documentation.Designed7.5Full portfolio · ADRs 1–6
Art. 12 — Record keepingAutomatic logging sufficient for post-hoc reconstructionChronicle SIEM retains every agent state transition, policy evaluation, and HITL decision for 24 months. BigQuery retains structured analytical logs. Log schema is defined and version-controlled. Audit Agent is non-bypassable (FMEA: query held if Chronicle unavailable).Structural9.1ADR-005 · AG-03
Art. 13 — TransparencyUsers must be informed they are interacting with AIEvery synthesised response carries a mandatory disclosure header identifying AI generation, source knowledge nodes, and confidence score. Implemented as a non-optional synthesis agent output constraint — not a UI flag.Structural8.6Synthesis agent spec
Art. 14 — Human oversightNatural persons able to oversee, interpret, and overrideHITL is a LangGraph interrupt node (ADR-006) — not a UI feature. Non-bypassable by architecture. Per-category threshold matrix (AG-02) ensures proportionate oversight. Reviewer actions (approve/edit/reject) are all first-class audit events.Structural8.5, 9.2ADR-006 · AG-02
Art. 15 — Accuracy and robustnessHigh-risk AI must achieve appropriate accuracy, robust against errorsModel performance SLOs defined in Vertex Model Monitor. Drift detection triggers automatic HITL threshold lowering during investigation. RLHF DPO pipeline with four-gate promotion criteria (AG-03 RLHF section). Fallback to HITL when confidence below threshold.Structural8.4, 9.1RLHF spec · Vertex Monitor
Conformity assessment approach: Self-assessment at current pre-deployment stage per ISO/IEC 42001:2023 Clause 9.3. At production deployment for a regulated enterprise client, a third-party conformity assessment by an accredited notified body (per Art. 43(1)) will be required if the deploying organisation falls within the EU AI Act's territorial scope. This assessment will require the evidence artefacts referenced above. "Designed" status items must achieve "Structural" status before third-party assessment submission.
GDPR · Architectural compliance model

GDPR — six principles, six architectural responses

GDPR's six data processing principles under Art. 5 are satisfied by architecture. Each principle maps to structural controls. Refer to Tab 2 (Ontology) for the erasure saga implementation of Art. 17 right to erasure.

Lawfulness, fairness, transparency Art. 5(1)(a)
Explicit consent captured at onboarding — stored with timestamp and version in BigQuery, referenced on every knowledge node via consent_ts property (ONT-01)
Every AI-generated response discloses its nature, sources, and confidence — no silent inference
OPA policy evaluation logged and queryable — access decisions are explainable to the subject
Purpose limitation Art. 5(1)(b)
Knowledge collected exclusively for organisational knowledge management — Dataplex purpose tags on every asset
OPA rules enforce that nodes tagged for one purpose cannot be retrieved in a different context — structural enforcement, not policy document
Data minimisation Art. 5(1)(c)
Ontology schema (ONT-01) enforces minimisation — only properties defined in the schema are written to the graph
DLP API detects and masks PII before graph write — not post-processing
MDM authority model (MDM-01) ensures only the minimum necessary attributes are sourced per system
Accuracy Art. 5(1)(d)
freshness_ts property on every node — stale nodes flagged for owner review
Data subjects can update or challenge their knowledge node content via self-service UI
RLHF feedback loop propagates accuracy corrections from HITL reviewers back into the model
Storage limitation Art. 5(1)(e)
retention_date property on :Document nodes — enforced by Cloud Storage lifecycle rules
Departed employee nodes trigger 30-day deprecation → 180-day archive → retention review workflow
Retention schedule is a Terraform variable — version-controlled and auditable
Integrity and confidentiality Art. 5(1)(f)
All data at rest encrypted with CMEK — Cloud KMS, customer-managed keys, annual rotation (C4-L2 diagram)
All data in transit: TLS 1.3 minimum, enforced by VPC Service Controls policy
Chronicle SIEM: tamper-evident immutable write, query-only access for DPO
HITL architecture · EU AI Act Art. 14

HITL intercept types — trigger, reviewer, SLA, audit

Five categories of human intercept are defined. Three are confidence-based (per AG-02 threshold matrix). Two are unconditional policy-triggered intercepts. All are first-class LangGraph interrupt nodes — not UI features.

GOV-02 — HITL intercept specification
EU AI Act Art. 14LangGraph interrupt
Intercept typeTriggerReviewer roleActionsSLAAudit record
Confidence interceptPlatt-scaled confidence score below per-category threshold (AG-02). Triggered when retrieved knowledge is sparse, contradictory, or outside model training distribution.KF_CuratorApprove Edit Reject → knowledge gap flag4h business hoursDecision · rationale · reviewer · timestamp → Chronicle
Sensitivity escalationNodes tagged sensitivity=confidential, or cross-geo OPA override required, or departed employee nodes involved.KF_Admin or Data StewardRelease with justification · Redact nodes · Deny2h (confidential) · 24h (cross-geo)Policy rule triggered · nodes · access decision · justification
GDPR erasure gateRight-to-erasure DSR received. Saga step S2 — DPO approves cascade scope before any deletion occurs (ERR-01 saga).Data Protection Officer (KF_Compliance)Authorise full · Authorise partial · Defer pending legal hold72h statutory (GDPR Art. 12)DSR ref · authorisation · cascade scope · completion timestamp — immutable Chronicle
Policy change reviewOPA Rego PR affecting geo-exclusion, sensitivity ceilings, or cross-org access.Architecture owner + DPO co-reviewApprove & merge · Approve with conditions · Reject5 business daysPolicy diff · impact assessment · approval evidence → Git + Chronicle
Anomaly alertChronicle YARA-L rule detects: bulk queries, unusual geo combination, repeated denied-access, agent behaviour outside baseline.Security operations (on-call KF_Admin)Investigate · Suspend session · Escalate to CISO30 minutes (P1 alert)Alert rule · detection evidence · response actions — Chronicle forensic record
Audit architecture · Chronicle + BigQuery + Looker

Three-layer audit architecture — forensics, analytics, governance

Each audit layer serves a distinct stakeholder with distinct latency and query requirements.

Chronicle SIEM — forensic investigation
Audience: DPO · Security operations · Compliance auditors
Latency: Sub-second search across 24 months at petabyte scale
Events: Every agent state transition · OPA evaluation · HITL decision · GDPR DSR event · access denied · anomaly alert
Detection: YARA-L rules for bulk access, geo anomalies, repeated denials, agent behaviour deviation
Retention: 24 months hot · 7 years cold via GCS lifecycle
GDPR satisfied: Art. 12, Art. 17(3) erasure event retention, Art. 30
EU AI Act satisfied: Art. 12 logging · Art. 14 oversight evidence · Art. 9 risk management trail
BigQuery — analytical audit
Audience: Architecture team · Engineering · MLOps
Latency: Seconds to minutes for complex analytical joins
Tables: kf_access_decisions · kf_agent_runs · kf_hitl_outcomes · kf_model_performance · kf_cost_attribution · kf_gdpr_dsr_log
Column security: Dataplex enforces that PII columns are not queryable by non-DPO roles — even in the audit database
Lineage: Dataplex Data Catalog tracks Neo4j → embedding pipeline → BigQuery provenance chain
Looker — governance dashboard
Audience: CTO · CKO · Compliance Officer · Leadership
Latency: Near real-time (15-minute BigQuery refresh)
Views: Graph health · access policy coverage · HITL queue status · model quality trend · GDPR DSR pipeline · cost per layer · audit readiness score
RBAC: Looker row-level security — DPO sees compliance metrics, CTO sees architecture metrics, no cross-role leakage
Reports: Weekly governance summary · monthly GDPR report · quarterly EU AI Act conformity review — auto-generated
M-5 Note · Interactive simulation · Vertex AI Search + Neo4j graph

Knowledge graph simulation — agentic query walkthrough

This simulation demonstrates graph traversal behaviour, confidence scoring, and HITL routing. Scalability caveat (M-5): the simulation uses 18 synthetic nodes and is illustrative only. Real-world graphs at 50,000+ nodes exhibit qualitatively different characteristics — query plans switch to index-backed traversals, ANN recall degrades at boundary conditions, and blocking parameters in entity resolution require recalibration. Production performance claims require load testing at target scale before commitment.

ROLE FILTER:
GEO FILTER:
KnowledgeFlow · Knowledge Graph
18 nodes · Hover to inspect · Click to expand connections
:Person
:Engagement
:Expertise
:Document
HITL blocked
Hover over a node to inspect its properties and edges. Click to highlight connected nodes.
Query walkthrough · Step-by-step · Agentic pipeline

Step-by-step query walkthrough — from NL to synthesised response

Walk through the full KnowledgeFlow query pipeline — each step shows the agent, the action, the data, and the audit event emitted.

C-4 Resolution · Bottom-up cost derivation · GCP pricing · TCO

Economics — bottom-up cost model with methodology

The original document presented unsourced unit economics without derivation methodology, conflating infrastructure cost with TCO and presenting projections without confidence intervals. This section provides a bottom-up monthly infrastructure cost estimate with GCP pricing references, a TCO model that includes HITL labour, and a revenue bridge grounded in McKinsey productity research with appropriate epistemic humility about assumptions.

Critical finding C-4 resolution

The critique noted: (1) no derivation methodology, (2) conflation of infrastructure cost with TCO, (3) fabricated unit economics. This section resolves all three: infrastructure costs are derived from GCP pricing calculator inputs, TCO includes the full cost stack (infra + HITL labour + change management), and unit economics are computed from stated assumptions with those assumptions made explicit and challengeable.

Infrastructure cost derivation (monthly)

GCP infrastructure cost model · Bottom-up · GCP pricing calculator, April 2025
Methodology: unit × quantity
All pricing from GCP pricing calculator (April 2025). Neo4j Aura Enterprise pricing is contract-based; the figure shown is an indicative list price for the specified instance size. Actual enterprise contract pricing typically 20–40% below list. GKE Spot/preemptible pricing used for ML pipeline and embedding workloads. On-demand pricing for core services to preserve SLA commitments.

TCO components and assumptions

TCO = Infrastructure + HITL Labour + Engineering + Change Management
Infrastructure: Monthly GCP cost per tier (table left)
HITL labour: Assumes 15 min/review × tier query volume × 5% HITL intercept rate × €80/hr blended reviewer cost. Intercept rate assumption is conservative — actual rate will vary by query mix and confidence score distribution. Must be monitored and updated quarterly.
Engineering: 2 FTE platform engineers + 0.5 FTE ML engineer at market rate. Reduces to 1.5 + 0.5 FTE post-Year 1 as automation increases. Not amortised in Year 1.
Change management: 20% of Year 1 engineering cost. One-time. Not recurring.
Not included: Client-side integration costs, GCP committed use discount (10–20%), volume discounts on Neo4j, internal IT overheads.
Revenue bridge methodology and assumptions
Productivity recovery: McKinsey MGI (2012) 20% of knowledge worker week in search. KnowledgeFlow hypothesis: reduce to 8% (60% improvement) in Year 1. This is an architectural hypothesis, not a commitment — actual impact requires post-deployment measurement.
Knowledge worker cost: €85,000/yr fully loaded per consultant. User-adjustable assumption in the interactive model below.
Billable rate effect: Freed capacity re-deployed to billable work — capture rate assumption: 40% (conservative). Not all freed capacity becomes billable.
Attrition-related cost: €150,000 per senior departure (recruitment + 6-month productivity gap). KF hypothesis: 10% reduction in attrition-attributable departures.

Cost per query — unit economics

Unit economics derivation · Cost per query · Bottom-up from infrastructure assumptions
Methodology explicitAssumptions challengeable
ComponentDriverPilot (100 users)Mid (1,000 users)Enterprise (5,000 users)
Query volume (monthly)10 queries/user/day × 22 working days22,000220,0001,100,000
Infrastructure cost/moSee cost derivation table€5,800€14,200€38,900
Infrastructure cost/queryInfra ÷ query volume€0.264€0.065€0.035
HITL labour cost/query5% intercept × 15min × €80/hr€0.100€0.100€0.100
Full TCO cost/queryInfra + HITL (excl. engineering)€0.364€0.165€0.135
Value recovered per query€85k/yr ÷ (220 days × 10 queries/day) × 60% search time reduction€2.32 / query (McKinsey productivity basis — see assumption note)
Unit economics are derived from stated assumptions. The critical assumption is the 60% search-time reduction. Empirical studies (O'Dell & Hubert, APQC, 2011; Davenport & Prusak, Working Knowledge, HBS Press, 2000) report 15–45% search time reduction for comparable knowledge management interventions. The 60% figure is an architectural upper-bound hypothesis, not a commitment. Post-deployment A/B measurement against a control group is required to validate. Presented here as a ceiling to demonstrate economic viability — break-even is achieved at 9% search time reduction, well within the evidence base.
M-4 Resolution · TOGAF ADM Phase E · Dependency-aware roadmap

Implementation roadmap — dependency graph and critical path

The original roadmap was a phase list without dependency constraints. This creates the illusion of parallelism where serial dependencies exist. This version makes dependencies explicit. The critical path runs through identity federation → OPA policy deployment → every downstream access-controlled feature — no access-controlled query is possible until this path completes. (PMBoK, A Guide to the Project Management Body of Knowledge, 7th ed., 2021)

Medium finding M-4 resolution

The original roadmap had no dependency graph. Critical path analysis: the longest chain from start to first production query is approximately 26 weeks — gated by identity federation (Workday SCIM + Google Workspace SSO) → OPA policy bundle → GKE pod deployment → Neo4j graph population → first query. Every stream in Phase 2 is blocked until Phase 1 identity and policy foundations complete. This has direct resource planning implications: the identity integration team cannot be de-prioritised without pushing the entire delivery timeline.

RM-DEPS — Critical path dependency graph
Critical pathDependency constraintTOGAF Phase E
PHASE 1 · Wks 1–8 · Foundation PHASE 2 · Wks 9–18 · Capability PHASE 3 · Wks 19–28 · Agents PHASE 4 · Wks 29–40 · Prod P1.1 — IDENTITY FEDERATION Workday SCIM + Google Workspace SSO P1.2 — GCP PROJECT SETUP Terraform baseline · VPC · KMS · IAM P1.3 — OPA POLICY BUNDLE v1 RBAC + geo-exclusion rules · DPO approval P1.4 — ONTOLOGY GOVERNANCE Schema v1 ratified · Neo4j provisioned P2.1 — INGESTION PIPELINE Pub/Sub · Dataflow · DLP · MDM P2.2 — EMBEDDING PIPELINE text-embedding-004 · Vertex AI Search P2.3 — NEO4J POPULATION Initial graph load · MDM validation P2.4 — CHRONICLE + LOOKER Audit pipeline · Governance dashboard BLOCKED by P1.1+P1.3 P3.1 — LANGGRAPH AGENTS Auth · Policy · Retrieval · Synthesis · Audit P3.2 — HITL GATE + UI Review queue · threshold matrix P3.3 — EXPERIENCE UI Next.js SPA · NL query · graph explore P3.4 — RLHF PIPELINE v1 Preference collection · DPO training BLOCKED by P2.1+P2.3 P4.1 — EU AI ACT CONFORMITY Self-assessment artefacts · notified body P4.2 — PILOT DEPLOYMENT 50 users · HITL calibration · feedback P4.3 — ROLLOUT + RLHF CYCLE 1 Full user base · first DPO training run P4.4 — VERTICAL EXPANSION 2nd vertical · schema extension review Critical path (serial dependency) Parallel / soft dependency Critical path node Non-critical (can slip)
CRITICAL PATH DEPENDENCY CHAIN — cannot be parallelised or de-prioritised
P1.1 Identity federation → P1.2 GCP project → P1.3 OPA policy → P2.1 Ingestion pipeline → P2.3 Neo4j population → P3.1 LangGraph agents → P3.2 HITL gate → P4.2 Pilot deployment
If P1.1 (identity federation) slips by 2 weeks, first production query delivery slips by 2 weeks minimum — every downstream phase is blocked. Resource allocation implications: identity integration team cannot be de-prioritised without accepting schedule risk.
Phase detail

Phase implementation plan — three delivery streams per phase

Each phase is decomposed into three streams: technical architecture, data & governance, and HITL/operations. Dependencies between phases are explicit (see dependency graph above). Phase exits are gate-based — each phase requires a TOGAF Architecture Board review before the next phase commences.

PHASE 1Foundation — Weeks 1–8Exit gate: first authenticated query reaches OPA · DPO sign-off on schema v1
TECHNICAL ARCHITECTURE
Terraform baseline — GCP project, VPC (10.0.0.0/16), subnets per layer, Cloud KMS CMEK key ring
GKE Autopilot cluster provisioning — node pool per layer, Workload Identity configuration
Apigee X gateway deployment — rate limiting, JWT validation, mTLS to backend
OPA policy bundle v1 — geo-exclusion, RBAC roles, Rego unit tests, GCS bundle store
DATA & GOVERNANCE
Workday SCIM 2.0 integration — person_id federation, HRIS authority model (MDM-01)
Neo4j Aura Enterprise provisioning — schema migration scripts, BTREE + FULLTEXT indexes
Dataplex catalogue setup — data product registration, lineage tagging configuration
Ontology v1 ratification — Architecture Board + DPO review of ONT-01 schema
HITL & OPERATIONS
Chronicle SIEM foundation — log schema v1, YARA-L alert rules for Phase 1 events
KF_Curator role definition — reviewer SLA, rubric, rubber-stamping detection policy
GDPR processing record (Art. 30) — DPO sign-off before any real data enters the graph
PHASE 2Capability build — Weeks 9–18Exit gate: graph populated with 1,000+ nodes · Embedding pipeline SLA met · Chronicle receiving audit events
TECHNICAL ARCHITECTURE
Ingestion pipeline — Pub/Sub, Dataflow, DLP API, MDM entity resolution (MDM-02), idempotency key design
text-embedding-004 pipeline — Vertex AI batch embedding, index refresh schedule (weekly full, incremental nightly)
Vertex AI Search index configuration — ANN algorithm, freshness boost, metadata filter schema
Vertex Model Registry setup — ADR-003 embedding model registration, bias eval baseline
DATA & GOVERNANCE
Initial graph load — 3 source systems (Google Workspace, Salesforce, Workday) with MDM validation pass
Dataplex lineage pipeline — source → Neo4j → embedding → BQ lineage chain validated
BigQuery table schema deployment — all audit tables per audit architecture spec
HITL & OPERATIONS
Looker governance dashboard v1 — graph health, policy coverage, chronicle alert status
GDPR erasure saga (ERR-01) implementation — all 5 steps, Chronicle integration, idempotency keys
Cost circuit breaker configuration — BigQuery billing alerts, tier threshold definitions
PHASE 3Agentic layer — Weeks 19–28Exit gate: 10 users querying with HITL functioning · AG-02 threshold matrix validated against labelled eval set
TECHNICAL ARCHITECTURE
LangGraph state machine v1 — all 6 agent nodes, failure edges per AG-03 FMEA, interrupt nodes
Gemini 1.5 Pro integration — grounding API, disclosure header pipeline, source attribution
Next.js SPA — NL query interface, graph visualisation, HITL review queue UI, role-aware rendering
Latency budget instrumentation — OpenTelemetry spans per component, SLO alerting
DATA & GOVERNANCE
HITL threshold matrix calibration — 500-query labelled eval set, Platt scaling, per-category thresholds
Preference data collection pipeline — HITL reviewer A/B pair presentation, rubber-stamping detection
DPO training pipeline — Vertex AI Pipelines KFP v2 component, DPO implementation (Rafailov et al.)
HITL & OPERATIONS
HITL reviewer onboarding — rubric training, calibration session, 7-day blind evaluation
FMEA validation — chaos injection testing per AG-03 failure modes, fallback verification
SLO baseline establishment — latency p95, availability, HITL queue age metrics
PHASE 4Production + expansion — Weeks 29–40Exit gate: EU AI Act conformity self-assessment complete · first RLHF cycle completed · NPS ≥ 35
TECHNICAL ARCHITECTURE
Full user base rollout — phased by department, rollback plan in Terraform workspace
Vertical 2 schema extension — Architecture Board review of ONT-01 extensions
Performance testing at scale — k6 load tests at 5× target query volume, Neo4j query plan review
DATA & GOVERNANCE
EU AI Act conformity artefacts — assemble all evidence per GOV-01 table, initiate notified body assessment
RLHF cycle 1 — collect 500+ preference pairs, run DPO training, pass all four promotion gates
HITL & OPERATIONS
HITL fatigue monitoring — P95 reviewer queue age alert, reviewer pool adequacy dashboard in Looker
Quarterly threshold calibration protocol — first cycle, recalibrate Platt scaling on expanded eval set
TOGAF ADM Phase H governance gate — Architecture Board sign-off for production certification
TOGAF ADM Phase F–G · Day-2 operational model

Day-2 operations — scenarios, SLOs, and runbooks

Architecture that cannot be operated is incomplete. This section specifies the operational model: 10 operational scenarios, cost circuit breakers, HITL fatigue detection, SLO definitions, and the on-call escalation structure. Cross-references to FMEA (AG-03) and the audit architecture.

Knowledge node lifecycle managementLIFECYCLE
Trigger: HRIS departure event via Pub/Sub → departure saga initiates (30-day deprecation → knowledge transfer prompt → 180-day archive)
Knowledge transfer workflow: Departing person receives NL prompt to review their top-linked knowledge nodes for accuracy and ownership transfer
Node retirement: after 180 days, departed employee nodes quarantined with departed_status=true. HITL mandatory for any access request.
SLO: Knowledge transfer prompt delivered <2h of departure event · Quarantine executed <180 days
ML model monitoring + drift detectionML OPS
Vertex AI Model Monitor evaluates retrieval quality, embedding drift, and synthesis grounding scores on a daily schedule
Drift alert: if 7-day rolling NDCG@10 drops >5% relative to baseline → automatic HITL threshold lowering by 0.05 across all categories pending investigation
Embedding model upgrade: full re-embedding pipeline triggered after every model version change. All MTEB regression tests must pass before cutover.
SLO: Daily model quality check <6h · Drift alert to engineering <30 min
OPA policy change managementPOLICY
All Rego policy changes go through PR review → Architecture owner + DPO co-approval → staging deployment with dry-run evaluation → production deployment
Policy dry-run: OPA decision log evaluated against last 7 days of production queries in staging. Any unexpected new denials require human investigation before production.
Emergency rollback: previous policy bundle version promotable from GCS in <5 min. Chronicle records the rollback event.
SLO: Policy change review ≤5 business days · Emergency rollback <5 min
GDPR DSR processing pipelineGDPR
DSR receipt: DPO receives request via secure portal → triggers Saga Orchestrator with idem_key=dsr_{uuid} → Dataplex lineage lookup automated
DPO HITL gate (S2): DPO reviews scope and approves. Legal hold mechanism: if active litigation, DPO can DEFER erasure with justification recorded in Chronicle.
Completion: data subject receives confirmation. Chronicle records erasure event. Retention of erasure event: 24 months (Art. 17(3)).
SLO: Full cascade ≤72h from DPO approval (GDPR Art. 12 statutory deadline)
HITL queue management + fatigue detectionHITL
Queue metrics: P50 and P95 queue age monitored in Looker. Alert if P95 age >3h (approaching 4h SLA).
Fatigue detection: reviewer approval rate >95% without edits over 7 days → re-calibration required. Quality scores tracked per reviewer, reviewed weekly.
Pool adequacy: HITL intercept rate × query volume forecasted monthly. Reviewer pool expanded before projected queue age breach.
SLO: P95 queue age <4h (business hours) · Reviewer rubric compliance ≥80%
Cost circuit breakers + spend governanceCOST
Daily spend threshold: BigQuery billing alert at 110% of daily tier budget → engineering team paged. At 150%: Gemini API rate limiter automatically engages.
Query cost attribution: every agent run tagged with user_id, query_category, and layer costs via Cloud Billing labels → per-department cost breakdown in Looker.
Neo4j storage growth: monthly growth rate monitored. If projected to exceed provisioned capacity in <3 months → retention policy review triggered.
SLO: Cost alerts delivered <15 min of threshold breach · Per-department cost report weekly
Security incident responseSECURITY
Chronicle YARA-L rules detect: bulk node queries (>500 nodes/min), cross-geo access patterns, repeated denied access (>10/hr), agent state anomalies
P1 response: on-call KF_Admin receives paged alert. Within 15 min: session suspension capability available. Forensic query against Chronicle SIEM.
Post-incident: PIR documented within 5 business days. TOGAF Architecture Board review if incident reveals architectural gap. FMEA updated.
SLO: P1 alert acknowledgement <15 min · Suspicious session suspension <5 min
Latency budget enforcement + SLO monitoringSLO
End-to-end query latency budget: 2,400ms total. Per-component budget: Auth 50ms, OPA 80ms, Retrieval (Neo4j 350ms + ANN 300ms), Synthesis (Gemini 800ms), Audit 50ms, network overhead ~70ms. Leaves ~700ms float for P95 variance.
OpenTelemetry instrumented: spans per component forwarded to Cloud Trace. Looker SLO dashboard tracks P50/P95/P99 per component.
SLO burn rate: 5% error budget consumed in 1 hour triggers paging. Monthly SLO report to Architecture Board.
SLO: P95 end-to-end (non-HITL) <2,400ms · Availability 99.5%
C4 Level 3 — Component view · Ingestion pipeline

C4-L3: Component diagram — ingestion pipeline internals

The ingestion pipeline is where data quality, entity resolution, and lineage tagging converge. This C4-L3 component diagram shows the internal structure of the Ingestion Agent container, exposing the components that were opaque at L2.

C4-L3 — Component Diagram · Ingestion Agent container
C4 Model L3TOGAF Phase DC-3 MDM resolution
INGESTION AGENT CONTAINER — GKE Pod · Layer 2 · subnet 10.0.2.0/24 Google Workspace Pub/Sub push Salesforce CRM REST connector Workday HRIS SCIM 2.0 Pub/Sub Consumer Dataflow worker Ack policy · DLQ DLP Scrubber Cloud DLP API Detect + mask PII Schema Validator ONT-01 conformance JSON Schema v7 Rejection Queue DLQ + alert + lineage miss MDM Resolver Normalise → Block Jaro-Winkler 0.92 MERGE / REVIEW / CREATE Lineage Tagger source · timestamp consent_ref · version Graph Writer Neo4j MERGE Idempotent · retryable Dataplex Publisher Lineage entry GDPR Art. 30 record Audit Emitter Chronicle gRPC Every write event All components emit structured logs to Chronicle via Audit Emitter. MDM Resolver decision (MERGE/REVIEW/CREATE) always logged. Rejection Queue items require manual data steward triage within 24h.
Architecture self-critique · Limitations and open questions

Known limitations and open architectural questions

Architecturally complete documents acknowledge what they do not yet know. The following are known limitations and open questions at the time of this portfolio submission. Each has a stated resolution path.

OPEN: Graph scalability
The ontology and index strategy are defined, but graph performance at 500,000+ nodes with dense relationships has not been empirically validated. The blocking strategy in entity resolution has O(n·log n) complexity — but the constant factor is unquantified. Resolution path: performance test with synthetic 500K-node dataset on Neo4j v5.x in Phase 4. Adjust BTREE index selectivity and Cypher query plans based on results.
OPEN: RLHF reviewer sample size
DPO training requires 500+ preference pairs per training cycle. At 5% HITL intercept rate with pilot (100 users, 22,000 queries/month), this accumulates in ~2 months. At lower intercept rates or smaller query volumes, training cycle latency increases. Resolution path: supplement with targeted red-teaming queries to accelerate preference data collection in early cycles.
OPEN: Implicit knowledge capture
The current architecture captures explicit structured and semi-structured knowledge. Tacit knowledge — meeting discussions, informal Slack conversations, verbal briefings — is not yet captured. Resolution path: Phase 4 investigation of meeting transcript integration (Google Meet + Whisper-based transcription) with explicit consent gating and higher sensitivity classification for transcribed content.
OPEN: Multi-language graph quality
text-embedding-004 is validated on MTEB multilingual benchmark for EU language pairs. However, graph relationship quality across language boundaries — e.g., matching a German-authored expertise node with a French engagement document — has not been empirically validated in this deployment context. Resolution path: Phase 3 multilingual retrieval evaluation with held-out cross-language query pairs.