Screening
Use setup answers and free-text checks to identify excluded sectors, manual-review categories, data sensitivity, and residency needs.
Loading AI Team page
A clear path for work that may still be commercially interesting but cannot be treated as ordinary setup without review, re-scope, special controls, or decline.
Buyer question
Good-fit buyers are not lost, but sensitive workflows do not slip into standard go-live. UAE SMEs often operate near sensitive sectors or family-business people decisions. Manual review preserves commercial opportunity without pretending every workflow is routine.
Package outcome
Good-fit buyers are not lost, but sensitive workflows do not slip into standard go-live.
What buyers should see
Each section should be short enough for an SME owner, manager, or procurement reviewer to understand before approving access or go-live.
Use setup answers and free-text checks to identify excluded sectors, manual-review categories, data sensitivity, and residency needs.
Record whether the work stays standard, moves to Complex review, needs legal/security review, is re-scoped, or is declined.
If accepted, add tighter authority tiers, reviewer ownership, data map, Arabic QA where needed, and explicit residual-risk decision.
Artifact template
Route sensitive, regulated-adjacent, residency-sensitive, public-sector, minors, privileged-data, or high-impact workflows into explicit review before setup proceeds.
List the trigger: sector, data class, residency need, public-sector context, minors, HR impact, legal privilege, or regulated-adjacent request.
manual_review_reason
Record standard, manual review, Complex review, excluded, re-scope required, or decline.
compliance_profile
State what is excluded, what can proceed, what must remain human-owned, and what cannot be offered.
excluded_scope_record
Name AI Team, client, legal, privacy, security, or domain reviewers required for the exception.
human_review_decision
Record accepted, blocked, reduced scope, declined, or needs external review with reviewer date.
residual_risk_decision
Add stricter approval, data, Arabic, authority, evidence, monitoring, or publication controls if the scope proceeds.
approval_policy
At intake, before quote acceptance, before go-live, and whenever scope, data class, sector, or residency need changes.
Risk handling
A package only builds trust when it also explains when AI Team should pause, escalate, re-scope, or decline instead of pushing the Agent live.
Source records
These are the implementation records and public surfaces that should remain aligned as the package becomes a dashboard, PDF, or sales handoff.
Related paths
Use these links when a buyer needs supporting context before setup review.
FAQ
These answers are intentionally practical so owner-operators can decide whether the package is ready, needs review, or should pause setup.
Good-fit buyers are not lost, but sensitive workflows do not slip into standard go-live.
Healthcare, medical, regulated finance, lending, insurance, investment, diagnosis, treatment, triage, or regulated advice is detected. Public sector, education/minors, legal privileged data, residency-sensitive work, high-impact HR, or sensitive data appears. The buyer asks for an Agent to make consequential decisions without human review. The reviewer cannot define a safe reduced scope.
Use src/lib/compliance.ts, src/app/api/setup-intake/route.ts, supabase/tests/operator_go_live_compliance_sector_tests.sql, config/compliance-governance.json as the starting source records for this package.