Metricus
Security and data architecture

Customer control over data, scope and AI inputs.

Process Advisor is designed around customer-controlled access, in-instance processing by default, dataset AI privacy controls and report-scoping controls that let teams refine what is sent to AI before content is generated.

Data Security StatementPrivacy Policy
In-instance by defaultAI privacy controlsScoped evidence to AI
AI report scope
Process Advisor AI report scope screenshot showing controls over samples, variants and transition-path exclusions
Security principles

Security and privacy controls built into the operating model.

The goal is simple: customers should understand where data is processed, have control over what evidence informs AI outputs, and be able to remove or anonymise sensitive inputs before advisory content is created.

In-instance processing by default

For the Jira and ServiceNow app versions, workflow datasets are processed within the customer’s authorised platform environment for normal app operation.

Platform-native processing

AI privacy controls

Dataset AI Privacy controls can exclude selected fields from AI or anonymise field values before AI-assisted content is generated.

Field-level privacy options

AI report scope

AI Report Scope controls can exclude sample items, variants, transition paths, field values and known exceptions before prompts are built.

Scoped evidence before prompts
Operational controls

Refine the evidence before generating AI-assisted output.

AI-assisted output should be based on the evidence customers choose to include. Process Advisor provides controls to refine samples, exclude non-representative records, remove sensitive fields and anonymise person-related or selected attribute data.

What teams can control

These controls are intended to help teams improve signal quality, reduce noise and manage privacy concerns before content is generated.

  • Set sample sizes and exclude records that are not representative of the workflow being reviewed.
  • Exclude variants, transition paths or specific work items that should not influence the report.
  • Mask or remove selected fields before AI-assisted analysis and reporting is run.
Customer-controlled scope

Supporting documentation

Where customers need more formal documentation, the supporting legal and security material is already published and can be referenced directly.

  • Read the detailed Data Security Statement for architecture and control information.
  • Review the Privacy Policy for broader handling and policy commitments.
  • Use these documents alongside customer questionnaires or procurement reviews.
Security review ready