Skip to content

Latest commit

 

History

History
86 lines (62 loc) · 4.18 KB

File metadata and controls

86 lines (62 loc) · 4.18 KB

Assessment Provenance And Manager Review Boundary Model

Purpose

This document closes public issue #3: Document assessment provenance and manager approval evidence for AI-assisted learning workflows.

It provides concrete agentic-enterprise evidence for SkillForge Learning. The repo remains independent: it is not an AAIF project, not a Linux Foundation project, and not endorsed by either organization.

High-Risk Action Boundary

AI-assisted learning path recommendations, assessment generation, assessment scoring, certification issuance, manager review, compliance reporting, and learner record export.

Actors

Actor Responsibility
Learner Completes content, assessments, and skill evidence.
Manager Reviews progress, certification readiness, and exceptions.
Learning administrator Owns curriculum, role mapping, compliance reporting, and retention.
AI learning assistant Proposes learning paths, practice questions, summaries, and coaching notes.
Maintainer Reviews assessment, certification, provider fallback, and audit evidence.

Identity Boundary

  • Learner identity, manager authority, administrator permissions, and AI assistant capability must be separate.
  • The AI learning assistant cannot certify completion, override assessment scores, or approve compliance evidence.
  • Every assessment and certification record must preserve learner, content source, scoring method, reviewer, and retention state.
  • Private learner records, HR data, and regulated training outcomes must never be exposed in public examples.

Tool And Action Boundary

Action Boundary
recommend_learning_path Advisory only; role mapping and prerequisites must remain visible.
generate_assessment Draft until administrator or reviewer approves question source and scoring rules.
score_assessment Must preserve rubric, attempt evidence, and reviewer state for high-stakes paths.
issue_certification Requires completion evidence and manager or administrator approval.
export_compliance_report Requires authorized requester, purpose, retention class, and audit event.

Human Approval Gates

  • Before using AI-generated assessments in compliance or certification paths.
  • Before issuing certificates, badges, or completion records for regulated training.
  • Before exporting learner progress or manager reports.
  • Before changing role mapping, prerequisites, scoring thresholds, or retention policy.
  • Before deleting assessment, certification, or compliance-report audit records.

Audit Event Model

Event Minimum Evidence
path.recommended learner, role, source rules, assistant reason, reviewer state
assessment.generated assessment id, source content, prompt hash, reviewer state
assessment.scored learner, assessment id, rubric, score, attempt evidence
certification.approved learner, certification, approver, completion evidence
compliance_report.exported requester, audience, purpose, destination, retention

Local Proof Path

  • npm install to prove dependency resolution.
  • npm run lint to prove static project health.
  • npm run test for learning-path, assessment, certification, and audit fixtures when available.
  • npm run build to prove the application compiles.
  • Use synthetic learners, courses, assessments, and manager approvals in public proof.

OSS And Self-Hosted Fallbacks

  • Use local content fixtures and open scoring rubrics before hosted learning analytics products.
  • Use PostgreSQL or SQLite for learner progress, assessment, and audit records.
  • Keep hosted content, AI generation, reporting, notification, and analytics providers behind adapters.
  • Prefer standards-friendly export formats for compliance evidence where feasible.

Contributor Follow-Up

Add a small assessment fixture that maps learner, role path, generated assessment, scoring rubric, manager approval, and compliance export.

Issue Closure Evidence

This document satisfies the issue checklist by separating:

  • identity or actor boundary
  • tool/provider/action boundary
  • human approval or escalation point
  • audit or observability events
  • OSS/self-hosted fallback direction
  • validation and static inspection path