Standalone article · part of a sequenced guide
What you'll unlock: AI-augmented automation succeeds when deterministic orchestration wraps probabilistic steps: rules enforce policy, AI suggests, confidence gates decide, humans approve high-risk actions, and logs make every decision auditable.
Process Automation and AI-augmented Workflows
The convergence of Flow Designer, IntegrationHub, and AI — where work gets done without humans
Chapter context
Most organisations buy AI to reduce work, but they deploy it as assist panels and wonder why nothing changes. Real value comes when AI is embedded in workflows: it routes, drafts, extracts, and triages — and Flow enforces the policy.This chapter gives you the architecture patterns to ship automation that survives compliance and production: confidence gates, exception queues, integration governance, and blueprint anatomy you can reuse across domains.
Is this chapter for you?
Do you need AI to change operational outcomes (not just drafts)?
Start with Concept 1: design AI steps in Flow with confidence gating and degraded mode.
Do you need external AI providers or cross-system automation?
Concept 2: IntegrationHub spokes with auth, cost controls, and testing discipline.
Is routing accuracy and auditability a concern?
Concept 3: decision tables + PI confidence gating + feedback loops.
Are attachments blocking automation (invoices, forms, contracts)?
Concept 4: Document Intelligence pipeline with validation and exception handling.
This chapter is where ServiceNow AI stops being 'intelligence' and becomes execution. Flow Designer orchestrates deterministic policy. Predictive Intelligence and GenAI add probabilistic judgment. IntegrationHub connects external systems. Document Intelligence turns attachments into data. Together, they create end-to-end workflows that run with minimal human touch — and clear human checkpoints where required.You will learn how to place AI steps inside flows safely, how to design AI spokes with cost and security controls, how to build hybrid routing with decision tables and confidence gating, how to build document pipelines with exception handling, and how to automate change management while reducing risk.By the end you will have reusable blueprint patterns you can adapt for ITSM, CSM, HR, and GRC — plus PDI walkthroughs that demonstrate real automation, not demos.
Chapter insight
AI-augmented automation succeeds when deterministic orchestration wraps probabilistic steps: rules enforce policy, AI suggests, confidence gates decide, humans approve high-risk actions, and logs make every decision auditable.
Reference diagrams
AI-augmented Flow pattern
A repeatable pattern: pre-checks → AI step → confidence gate → deterministic action → audit.
Document processing pipeline
Document Intelligence becomes automation only with validation and exception handling.
Implementation paths
The workflow is the product: build it with gates, evidence, and ownership.
Concept 1
Flow Designer and AI Actions
AI steps in Flow Designer — Generate Text, Classify, Recommend — and the patterns that make AI-augmented workflows production-grade
1.1
AI Action Steps in Flow Designer
Built-in steps that call GenAI capabilities from within a flow
Key takeaway
AI actions are first-class Flow steps that invoke GenAI or ML capabilities and return structured outputs you can branch on — with logging, retries, and governance consistent with the platform.
Why this matters
Flow is where AI becomes operational work. If AI lives only in a chat panel, it doesn’t change outcomes.
Think of AI actions as probabilistic steps inside deterministic orchestration. Your job is to design how those steps are used safely: thresholds, fallbacks, and approvals.
Flow creates the enterprise advantages: audit, error handling, change control, and integration. AI actions inherit those benefits when used correctly.
Rule: never let an AI action be the final authority for a high-risk write. AI actions propose; Flow enforces policy.
Workflow — do this next
- 01Pick a record-triggered flow (incident created).
- 02Insert one AI action step (summary/classify) and store output in fields.
- 03Branch on confidence and route low confidence to a human queue.
Real example
AI summary + deterministic escalation
Flow generated a summary and proposed assignment, but CAB policy still required a deterministic escalation for P1. AI improved speed; rules preserved compliance.
1.2
The Generate Text action
Calling Now Assist from a flow and using the response downstream
Key takeaway
Generate Text is the GenAI bridge: assemble context → generate draft/synthesis → parse/validate → write to records or send for approval.
Why this matters
Most GenAI failures in automation happen because teams treat output as final truth instead of a draft requiring validation.
Design for structure: request bullet templates or JSON-like outputs. Free prose is hard to validate and risky to auto-apply.
Grounding: include record fields and KB snippets; require citations or reference ids when possible. If grounding is missing, force escalation.
Downstream logic: use generated output to create tasks, propose updates, or draft comms — but gate external sends behind approval.
Workflow — do this next
- 01Assemble context (fields + capped notes + KB snippet).
- 02Generate text in a constrained format (sections + max length).
- 03Validate: if missing required sections, route to human review queue.
Real example
Executive update draft in change flow
Flow generated an exec update draft after a change approval. A manager approved before sending. The update was consistent and faster without risking unreviewed comms.
1.3
The Classify action
Using Predictive Intelligence classification as a decision node
Key takeaway
Classify steps use PI to predict labels (category, assignment group) with confidence — enabling confidence-gated routing inside Flow.
Why this matters
Classification is one of the safest and highest-ROI AI steps because it’s measurable and cheap at scale.
Use confidence bands: high → auto-apply, medium → suggest, low → triage. This keeps accuracy high while preserving human control.
Capture overrides: when humans change the suggested label, log it for retraining. This is how routing improves over time.
Do not treat classification as static. Reorgs, new apps, and taxonomy changes cause drift — schedule retraining and monitor overrides.
Workflow — do this next
- 01Add Classify step to incident-create flow.
- 02Route based on confidence bands.
- 03Log overrides and run monthly model health review.
Real example
Hybrid routing improved MTTR
Flow used PI classification for most incidents and routed low-confidence cases to triage. Misroutes fell and MTTR improved without risky automation.
1.4
The Recommend action
Inserting ML recommendations at the right point in a process
Key takeaway
Recommendations (similar records, KB articles, next-best action) should appear at decision points where humans or downstream flows benefit — not as noisy popups everywhere.
Why this matters
Recommendation fatigue kills adoption. Place recommendations where they reduce rework and decision time.
Great placement: on assignment, on escalation, or before resolution. Poor placement: on every form load or every note save.
Use 'recommend then confirm': show top 1–3 with rationale and allow one-click accept. Track accept rate and resolution success.
Tie recommendations to knowledge lifecycle: if KB recommendation leads to wrong answers, fix KB quality and ranking first (Chapter 3).
Workflow — do this next
- 01Choose one recommendation type (KB).
- 02Expose it at one decision point (before agent response).
- 03Measure accept rate and effect on resolution time.
Real example
KB recs improved first-contact resolution
Flow suggested the most effective KB article based on history. Agents used it quickly, improving FCR without changing ticket volume.
1.5
Chaining AI and non-AI steps
Mixing deterministic logic with probabilistic output
Key takeaway
Best pattern: deterministic guardrails → AI suggestion → confidence gate → deterministic execution. AI should be sandwiched between rules and verification.
Why this matters
This pattern prevents AI from becoming an uncontrolled decision maker.
Sequence: validate policy constraints (rules) → classify/summarise (AI) → route by thresholds (decision table) → execute action (Flow) → log and verify.
Avoid chaining multiple AI steps without checkpoints. Errors compound and become hard to debug.
Use stable intermediate fields (u_ai_*). Keep AI output separate from final business fields until approved.
Workflow — do this next
- 01Add pre-checks (ACL, required fields).
- 02Run AI step and store output in staging fields.
- 03Gate execution with confidence and approvals; then commit to final fields.
Real example
Safe incident automation chain
Flow validated category field, ran PI routing, staged assignment, asked triage approval for medium confidence, then committed assignment. No uncontrolled writes.
1.6
Error handling for AI steps
Low confidence, timeouts, and failures
Key takeaway
AI steps fail differently than deterministic steps. Handle: low confidence, missing sources, provider errors, and schema mismatches — with degraded mode and escalation paths.
Why this matters
Production workflows must continue when AI is unavailable. If AI failure breaks ticket creation, the program will be shut off.
Failure classes: quality failures, system failures, and contract failures. Each needs a different handler.
Degraded mode: skip AI step and proceed with deterministic routing, or route to human triage. Never silently drop actions.
Log failures with reason codes so you can measure reliability and decide when to expand autonomy.
Workflow — do this next
- 01Add retry with cap for transient failures.
- 02Branch on low confidence to human triage queue.
- 03Record AI failure reason code on the record.
Real example
Degraded mode preserved operations
GenAI step timed out during a service outage. Flow routed incidents using deterministic rules and queued summaries for later. Operations continued without breaking intake.
1.7
Flow Builder for non-developers
How Now Assist helps business users build flows from natural language
Key takeaway
GenAI can draft flow skeletons from natural language, accelerating citizen development — but governance is required: approvals, templates, and testing before activation.
Why this matters
AI makes it easier to create automation. It also makes it easier to create unsafe automation unless guardrails exist.
Use GenAI for scaffolding: trigger, conditions, and common actions. Humans must review: ACLs, idempotency, error handling, and notifications.
Provide sanctioned templates and subflows. Citizen developers should assemble from approved blocks, not invent integrations.
Policy: flows generated by non-devs require platform team review before production.
Workflow — do this next
- 01Define an approved flow template library.
- 02Allow GenAI flow generation only inside templates.
- 03Add approval step in change process for new flows.
Real example
Citizen flow governance prevented outage
A generated flow would have spammed customers due to missing condition. Review policy caught it. AI increased speed, not risk.
1.8
Configuration walkthrough
Building an AI-augmented incident flow on PDI
Key takeaway
PDI lab: incident created → PI classify assignment group → GenAI generate summary → decision table routes by confidence → create task or assign → log outcomes.
Why this matters
This lab demonstrates the convergence: Flow + PI + GenAI + governance in one repeatable build.
Step 1: Create record-triggered flow on incident insert.
Step 2: Add Classify step (PI) for assignment group; store confidence.
Step 3: Add Generate Text step to draft summary; store in u_ai_summary.
Step 4: Decision table: if confidence high → auto-assign; medium → triage task; low → manual queue.
Step 5: Log AI actions and overrides for monitoring and retrain.
Workflow — do this next
- 01Create 20 test incidents across 5 categories.
- 02Run flow; measure assignment overrides and summary accept rate.
- 03Adjust thresholds and rerun until stable.
Ready-to-use artifacts
Complete templates — paste directly into your AI tool or automation workflow.
PDI AI-augmented incident flow test pack
Minimum tests before calling it production-shaped.
| # | Scenario | Expected | |---|----------|----------| | 1 | Clear VPN issue | High confidence route | | 2 | Ambiguous “help” | Triage task | | 3 | Missing description | Fail safe (manual queue) | | 4 | GenAI timeout | Degraded mode routing | | 5 | PI low confidence | Manual triage | Track: override %, AI failures, average runtime.
Concept 2
IntegrationHub and AI Spokes
Spokes, actions, auth, streaming, cost controls, pattern library, and testing for external AI integrations
2.1
IntegrationHub architecture
How spokes, actions, and steps connect ServiceNow to external systems
Key takeaway
IntegrationHub is ServiceNow’s integration runtime: spokes bundle reusable actions; actions become Flow steps; connections manage credentials; and executions are logged and governable.
Why this matters
Agentic AI and AI-augmented workflows are only as powerful as their tool access. IntegrationHub is the safest way to reach external systems at scale.
Think in layers: connection (credentials) → spoke (package) → action (unit of work) → flow step (or tool). Keep each layer versioned and owned.
Governance advantage: IntegrationHub provides execution logs, error handling, and centralized credential management — better than embedding API keys in scripts.
Design rule: treat spokes like APIs. Stable contracts, strict schemas, and change control prevent breaking production flows.
Workflow — do this next
- 01Inventory external systems you need (Slack, monitoring, CRM, LLMs).
- 02Prefer spokes over ad hoc REST whenever possible.
- 03Define a spoke ownership and versioning policy.
Real example
One spoke, many workflows
A 'StatusPage Draft Update' spoke action was reused across incident comms flows, VA handoffs, and agent tools. Governance improved because the integration was centralized.
2.2
AI platform spokes
Pre-built spokes for OpenAI, Azure OpenAI, Hugging Face, and others
Key takeaway
AI spokes wrap common LLM providers into reusable actions. Use them when you need external AI beyond Now Assist — but apply strict governance and cost controls.
Why this matters
External AI calls are powerful but risky: data exposure, cost spikes, and provider outages. Spokes help standardize.
Use external LLM spokes for: niche models, specialized embeddings, or when corporate policy mandates a specific provider.
Do not use external AI spokes to bypass Now Assist governance for core ITSM/HR workflows. Keep system-of-record workflows on-platform.
Always define what data leaves ServiceNow. Many AI integrations fail in security review because data flow is undocumented.
Workflow — do this next
- 01Define which use cases require external AI and why.
- 02Implement data minimization: send only needed fields.
- 03Add fallback path when provider is unavailable.
Real example
Embeddings for niche corpus
Company used an external embeddings model for a large engineering doc corpus not in ServiceNow. Spoke returned embeddings; ServiceNow stored only IDs and retrieval snippets — minimizing data exposure.
2.3
Building a custom AI spoke
Wrapping an external AI API as a reusable IntegrationHub action
Key takeaway
Custom AI spokes should be designed like product integrations: fixed endpoints, strict schemas, redacted logs, retries with caps, and versioned actions.
Why this matters
Most integration failures are caused by loose contracts. A good spoke makes AI callable safely from any flow or agent.
Define action contract: inputs (prompt/context), outputs (structured fields), and error codes. Avoid returning unstructured text that downstream steps can’t validate.
Credential management belongs in connections. Never embed keys in scripts or flow variables that get logged.
Add safety: allowlist endpoints and enforce payload size limits to prevent accidental data dumps.
Workflow — do this next
- 01Define the action: 'Generate_Summary_From_Incident'.
- 02Add schema validation and max payload constraints.
- 03Return: summary + confidence + citations + request_id.
Real example
Custom spoke used across multiple domains
One spoke action generated customer comms drafts. It returned a structured response and always required approval before send. It was reused across ITSM and CSM safely.
2.4
Streaming responses
Handling token-by-token output in flow context
Key takeaway
Streaming improves UX for interactive channels but complicates Flow. Most background automations should use non-streaming calls and treat outputs as single artifacts.
Why this matters
Streaming is seductive but often unnecessary for back-end workflows. Use it only when humans are waiting on the response in a UI.
For Flow, streaming usually means: accumulate partial tokens into a buffer, update a draft field progressively, and handle mid-stream failure gracefully.
For background processes, streaming adds complexity without value. Generate once, validate, then write.
If streaming is used, enforce timeouts and maximum tokens to avoid runaway costs.
Workflow — do this next
- 01Decide: interactive UI vs background flow.
- 02If interactive, stream into a draft field with cancel option.
- 03If background, disable streaming and validate output structure.
Real example
Streaming in agent workspace
Agents liked seeing drafts appear progressively for customer emails. For incident routing flows, streaming was removed to simplify and reduce failure modes.
2.5
Authentication patterns for AI APIs
OAuth, API keys, and credential management
Key takeaway
Use connection objects for credentials; prefer OAuth where supported; scope secrets minimally; rotate keys; and ensure logs redact sensitive values.
Why this matters
Credential mistakes are the fastest path to security incidents in AI integrations.
API keys are simple but risky: rotation and scope control are harder. OAuth provides better control and revocation.
Never pass secrets through prompts. Keep secrets out of LLM context entirely.
Implement rate limits per credential to prevent cost spikes and provider bans.
Workflow — do this next
- 01Create least-privilege connection credentials.
- 02Enable rotation schedule and owner.
- 03Test redaction: ensure logs do not store secrets.
Real example
Key leak avoided
A flow accidentally logged request headers. Redaction policy ensured API keys were not stored. Without it, incident response would have been required.
2.6
The AI spoke pattern library
Five common spoke patterns and when to use each
Key takeaway
Common patterns: draft generation, classification, extraction, retrieval/embedding, and evaluation. Choose pattern by output type and governance needs.
Why this matters
Patterns make integration design repeatable and reviewable.
Draft generation Classification
Extraction Retrieval/embedding
Evaluation — especially important before autonomous actions.
Workflow — do this next
- 01For each AI integration, label which pattern it is.
- 02Apply standard schema + monitoring per pattern.
- 03Create reusable subflows for each pattern.
Real example
Evaluation gate prevented unsafe email
Draft generation action was followed by an evaluation action that checked for forbidden claims. Unsafe drafts were routed to human review automatically.
2.7
Cost management for external AI calls
Token counting, rate limiting, and caching in spoke design
Key takeaway
External AI spend scales with context size and call frequency. Control it with payload caps, model routing, rate limits, caching, and batch processing where possible.
Why this matters
The #1 operational surprise with external AI is cost. Design cost controls before you scale.
Cap inputs: truncate notes, limit retrieved chunks, and store summaries for reuse. Most flows don’t need the full transcript every time.
Cache stable outputs: policy summaries and known responses shouldn’t be regenerated for every user.
Add circuit breakers: if cost spikes or provider errors increase, degrade to non-AI flow paths.
Workflow — do this next
- 01Add max input size and max token output to actions.
- 02Implement caching for repeated requests (by key).
- 03Set monthly cost dashboard and alert thresholds.
Real example
Caching cut spend by half
Policy answers were regenerated constantly. Caching by policy version reduced LLM calls significantly while keeping responses consistent and grounded.
2.8
Testing and debugging spokes
Tools and techniques for validating spoke behaviour
Key takeaway
Test spokes like APIs: unit tests for schema, integration tests for auth/latency, failure injection, and log inspection — before embedding in critical flows.
Why this matters
Spoke defects cascade across every workflow that depends on them.
Test success and failure modes: auth failures, timeouts, rate limits, and malformed outputs. Ensure downstream flows handle each safely.
Observe logs: request_id, latency, token usage (if available), and error codes. Debugging without telemetry becomes guesswork.
Version actions: never change output structure without bumping version and updating dependent flows.
Workflow — do this next
- 01Create test harness flow that calls the spoke action.
- 02Inject failures and verify degraded mode behavior.
- 03Document action contract and version history.
Ready-to-use artifacts
Complete templates — paste directly into your AI tool or automation workflow.
AI spoke test checklist
Minimum validations before production use.
## Spoke tests - [ ] Auth success + auth failure - [ ] Timeout handling - [ ] Rate limit handling - [ ] Output schema validation - [ ] Redaction of secrets in logs - [ ] Payload size limits - [ ] Retry caps + backoff - [ ] Cost telemetry captured - [ ] Versioned outputs + rollback
Concept 3
Decision Tables and AI Routing
Hybrid routing: rules + ML confidence gating + feedback loops — with a PDI walkthrough
3.1
When to use a decision table vs an AI model
Determinism-vs-learning trade-off
Key takeaway
Decision tables encode known policy deterministically. AI models learn patterns from history. Use tables when rules are explicit; use AI when patterns are complex and labeled; combine both for safe routing.
Why this matters
This choice determines auditability and maintenance cost. Most routing should be hybrid, not pure AI.
Decision table is best when policy is explicit: VIP users → special queue; security incidents → SOC; region-based routing → fixed rules.
AI is best when language patterns predict the correct team and you have labels: assignment group prediction from descriptions.
Hybrid wins when you need both: AI proposes; table enforces policy and thresholds.
Workflow — do this next
- 01List routing policies that are mandatory (rules).
- 02Identify parts that are pattern-based (AI).
- 03Design hybrid: rules first, then AI, then fallback.
Real example
VIP override rule + AI routing
Decision table routes VIP incidents to dedicated queue regardless of AI. For non-VIP, AI routes when confident; otherwise triage. Policy and learning coexist safely.
3.2
Decision table architecture
Structure, conditions, outcomes, admin experience
Key takeaway
Decision tables are structured if/then matrices: inputs (conditions), outputs (decisions), and versioned rulesets that non-developers can maintain with governance.
Why this matters
Decision tables are the fastest way to make routing behavior transparent and auditable.
Keep tables small and layered: one table for mandatory exceptions, one for standard routing, and one for fallback.
Governance: version changes, require approvals, and track who changed what. Decision tables are code in disguise.
Use clear outcome contracts: assignment group, priority floor, and required tasks.
Workflow — do this next
- 01Define the inputs you’ll use (category, CI class, VIP flag, AI confidence).
- 02Define outcomes (queue, assignment, escalation).
- 03Implement versioning and approval policy for changes.
Real example
Audit-friendly routing behavior
An auditor asked why a ticket went to a queue. Decision table row and version explained it instantly. AI was only used inside a confidence gate.
3.3
AI-assisted decision tables
Using ML predictions as inputs to a decision table
Key takeaway
Treat ML outputs (predicted label + confidence) as decision table inputs. This lets deterministic logic decide when to trust AI and what to do when AI is uncertain.
Why this matters
This is the core safety pattern for ML in operations: AI proposes; rules decide.
Inputs include: predicted assignment group, confidence score, and top-3 alternatives. Table defines: auto-assign, suggest, or triage.
Use different thresholds by category: routing for VPN may be easier than routing for complex app issues. Thresholds should be data-driven.
Log decision outcome and later human override as feedback for retraining.
Workflow — do this next
- 01Add PI Classify step to Flow and capture confidence.
- 02Pass confidence + predicted group to decision table.
- 03Branch based on table outcome (auto/suggest/triage).
Real example
Policy enforced regardless of AI
Even if AI predicted Network with high confidence, decision table rerouted security incidents to SOC. AI stayed inside policy boundaries.
3.4
Hybrid routing
Combining rule-based and AI-based routing in one flow
Key takeaway
Hybrid routing flow: apply deterministic exceptions first, then AI classification, then fallback rules — ensuring correctness and auditability.
Why this matters
Pure AI routing breaks on edge cases; pure rules are expensive to maintain. Hybrid gives the best of both.
Sequence: exception rules → AI classify → confidence gate → fallback triage. Document the sequence as architecture policy.
Do not hide AI inside complex flows without transparency. Always write predicted value and confidence to fields for audit and monitoring.
Use “suggest” mode during pilots to build trust and capture overrides.
Workflow — do this next
- 01Implement exceptions in decision table v1.
- 02Implement AI classify and store confidence.
- 03Add fallback routing and a triage queue.
Real example
Routing quality improved without brittleness
Rules handled mandatory routing; AI handled patterns; low-confidence cases went to triage. Over time, retraining reduced triage load and improved automation safety.
3.5
Confidence-gated routing
Use AI when confidence is high; rules when low
Key takeaway
Confidence gating is the operational contract: AI is allowed only above a threshold that meets precision targets. Below that threshold, deterministic routing or human triage takes over.
Why this matters
This prevents low-quality predictions from damaging operations and user trust.
Set thresholds from evaluation data: pick precision targets (e.g., 95% for auto-assign). Different domains may have different targets.
Use three bands: auto / suggest / manual. Two-band systems often oscillate between too risky and too conservative.
Monitor confidence distribution; if it shifts, drift is happening.
Workflow — do this next
- 01Choose thresholds A and B from test metrics.
- 02Implement three bands in Flow.
- 03Review monthly: override rate and misroutes per band.
Real example
Three-band gating scaled safely
Auto-assign only for ≥0.82 confidence; suggest for 0.65–0.82; triage below 0.65. Misroutes stayed low while automation coverage grew over time.
3.6
Routing accuracy feedback loop
Capturing outcomes to improve routing continuously
Key takeaway
Feedback loop = logging predictions + human overrides + downstream outcomes → retraining datasets → new model versions → A/B tests.
Why this matters
Routing improves only when you capture reality and retrain. Without feedback, models drift and automation fails silently.
Capture: predicted group, confidence, final group, override reason, and time-to-resolution. These are the features of MLOps in ServiceNow.
Use overrides as labeled data: when humans correct AI, that’s high-value training signal.
Run scheduled retrains and A/B tests. Do not deploy new models blindly.
Workflow — do this next
- 01Add fields: u_ai_predicted_group, u_ai_confidence, u_ai_overridden.
- 02Create monthly retrain job from override log.
- 03Run A/B for 2 weeks before full deploy.
Real example
Overrides drove rapid improvement
In month one, override rate was 14% for a new category. After retraining with overrides, it dropped to 7%. The loop made the model better without endless manual rules.
3.7
Real use case: multi-tier incident routing
Before/after architecture
Key takeaway
Multi-tier routing uses decision tables for exceptions and policy tiers, plus PI classification for pattern-based routing — reducing triage time while preserving compliance.
Why this matters
This is the architecture story stakeholders understand: faster routing without uncontrolled AI.
Before: manual triage, scattered rules, inconsistent assignment. After: exception table → AI routing with confidence gate → triage queue for low confidence.
Metrics: fewer reassignments, faster time-to-first-touch, lower MTTR, and transparent audit fields.
Change management: publish routing policy and train agents on override reasons — the human system matters.
Workflow — do this next
- 01Baseline misroutes and time-to-assign.
- 02Deploy hybrid routing to one team.
- 03Scale after precision targets met and audit satisfied.
Real example
Routing transformed in 12 weeks
Enterprise reduced reassignments and improved SLA compliance by combining deterministic policy tables with PI routing. The biggest win was trust: humans understood why routing happened and could override safely.
3.8
Configuration walkthrough
Build a hybrid routing flow on PDI
Key takeaway
PDI lab: create PI routing model → add classify step → decision table on confidence → route/triage → log overrides → retrain cadence.
Why this matters
This is the hands-on proof you can ship hybrid AI + rules in ServiceNow.
Step 1: Train PI assignment group classifier (from Chapter 4).
Step 2: Create decision table with exceptions and confidence bands.
Step 3: Flow: apply exceptions, then classify, then branch by table result.
Step 4: Log predicted group/confidence and override events.
Step 5: Run 20 test incidents; tune thresholds and exceptions.
Workflow — do this next
- 01Implement three-band gating in Flow.
- 02Create triage task for low confidence.
- 03Measure override rate and misroutes on test pack.
Ready-to-use artifacts
Complete templates — paste directly into your AI tool or automation workflow.
PDI hybrid routing checklist
What must exist before demoing routing.
- [ ] PI model trained + evaluated - [ ] Decision table exceptions defined - [ ] Confidence bands implemented - [ ] Fallback triage queue exists - [ ] Override logging fields added - [ ] Test pack executed + results recorded
Concept 4
Document Intelligence
Intelligent document processing in the Now Platform — extraction, classification, validation, and record mapping
4.1
What Document Intelligence is
Intelligent document processing within the Now Platform
Key takeaway
Document Intelligence extracts structured fields from unstructured documents (PDFs, scans, forms) and routes them into workflows with confidence thresholds and exception handling.
Why this matters
Attachments are where automation dies. Document Intelligence turns “a PDF in an email” into a runnable workflow.
It’s the bridge from unstructured inputs to structured records: extract invoice fields, classify request types, and trigger downstream approvals and tasks.
Document Intelligence pairs naturally with Flow: extract → validate → map to table → route → human exception queue.
Success depends on template consistency and governance: define what you will auto-process vs route to humans.
Workflow — do this next
- 01Pick one document type with stable layout (invoice).
- 02Define extraction fields and table mapping.
- 03Set confidence threshold and exception queue.
Real example
Invoice intake became straight-through
Invoices used to require manual re-keying. With extraction + validation, most invoices were processed automatically; low-confidence cases went to a review queue.
4.2
Supported document types
Formats, constraints, and accuracy expectations
Key takeaway
Document processing works best on consistent formats. Accuracy varies by scan quality, layout variance, and field complexity — design thresholds and human review for safety.
Why this matters
Overpromising accuracy kills adoption. Real systems are hybrid: straight-through + exceptions.
Common best-fit types: invoices, purchase orders, standardized HR forms, ID documents, and compliance checklists.
Hard cases: handwritten text, highly variable contracts, low-quality scans. Use human-in-the-loop and narrow scope.
Set expectations: measure field-level accuracy and define what counts as “good enough” per field.
Workflow — do this next
- 01Collect 50 sample documents; grade quality variance.
- 02Choose fields that matter and define acceptable error tolerance.
- 03Define which fields require human verification always (amounts).
Real example
Handwriting excluded from v1
HR tried to process handwritten forms and failed. Narrowing v1 to typed forms achieved success and built momentum.
4.3
Extraction model training
Training an extraction model for your document type
Key takeaway
Training is about labeling fields on representative samples and validating performance across variance. Template changes require retraining or model updates.
Why this matters
Extraction models fail when trained on too-narrow samples and deployed on messy reality.
Use representative samples: include different vendors, versions, and scan qualities. Avoid training only on the cleanest samples.
Labeling discipline: define field definitions precisely (net vs gross amount). Ambiguity creates inconsistent extraction.
Evaluate per-field accuracy and confidence calibration. Some fields can be auto; others require review.
Workflow — do this next
- 01Select 50–200 representative docs for training/validation.
- 02Label fields and train model; evaluate per-field accuracy.
- 03Set confidence thresholds by field criticality.
Real example
Amount field required review
Model extracted amounts well most of the time, but finance required 100% correctness. Amount field was always routed to review; other fields were auto-mapped.
4.4
Classification models
Auto-routing documents to the right process based on content
Key takeaway
Classification routes documents into the correct workflow: invoice vs contract vs HR form; or subtypes that determine approvals and queues.
Why this matters
Routing is the hidden ROI: the right process starts automatically, and humans handle only exceptions.
Use classification when you have multiple document types entering the same intake channel (email, portal upload).
Combine with decision tables: ML predicts type; decision table enforces policy and assigns queue.
Measure: routing precision and the cost of misroutes. For high-risk types, require human validation.
Workflow — do this next
- 01Define document classes and routing outcomes.
- 02Train classifier and set confidence gating.
- 03Route low confidence to intake triage queue.
Real example
Contracts separated from invoices
Classifier correctly routed contracts to legal workflow and invoices to AP workflow, reducing manual sorting and avoiding policy violations.
4.5
Validation and exception handling
What happens when extraction confidence is below threshold
Key takeaway
Exception handling is mandatory: low-confidence extractions go to review queues with highlighted fields, evidence, and correction workflows.
Why this matters
Straight-through processing without exception handling is how document automation creates financial errors.
Design review UX: show extracted value, confidence, and the source snippet. Make approval and correction fast.
Set thresholds by risk: low-risk fields auto-fill; high-risk fields require review. This balances speed and safety.
Capture correction data to improve training sets and model versions over time.
Workflow — do this next
- 01Define confidence thresholds per field.
- 02Create review task type and queue.
- 03Log corrections and retrain periodically.
Real example
Review queue prevented wrong payments
Low-confidence amount extractions were reviewed. Errors were caught before payment, keeping finance trust while still automating most work.
4.6
Integration with ServiceNow records
Mapping extracted fields to table columns automatically
Key takeaway
Extracted fields must map cleanly into table schemas with validation rules. Store original doc, extracted values, confidence, and reviewer actions for audit.
Why this matters
Without clean mapping, you get messy data and broken downstream automation.
Map to staging tables first when risk is high. Promote to final tables only after validation and approvals.
Add data validation: date formats, currency, vendor references. Don’t let extraction write invalid values into core tables.
Audit: store extraction outputs and confidence so you can explain automation decisions later.
Workflow — do this next
- 01Define staging table schema for extracted docs.
- 02Add validation rules and reference lookups.
- 03Write to final record on approval only.
Real example
Staging prevented data pollution
Extraction wrote into a staging record. Review validated key fields, then promoted to AP system. Core tables stayed clean and audit-ready.
4.7
Use cases by domain
Contracts, invoices, service requests, HR forms, compliance docs
Key takeaway
Document Intelligence unlocks paper-heavy workflows across domains. Start with one stable document type and expand by ROI and risk tier.
Why this matters
Trying to automate every document type at once leads to failure. Sequence matters.
Finance: invoices and POs. Legal: contract clause extraction (often with strong HITL). HR: onboarding forms and ID docs. IT: service request forms and vendor quotes.
Compliance: evidence documents can be extracted into structured checklists and routed for review.
Pick domain where speed matters and document format is stable. That’s your first win.
Workflow — do this next
- 01Inventory top 5 document types by volume and pain.
- 02Score each by format stability and risk.
- 03Choose one to pilot with thresholds + exception queue.
Real example
AP invoice first, contracts later
Invoices were stable and high-volume, so AP automation succeeded quickly. Contract automation was delayed until legal governance and validation UX were ready.
4.8
Configuration walkthrough
Build a document processing pipeline on PDI
Key takeaway
PDI lab: intake document → classify type → extract fields → validate on confidence → map to staging record → route to approval queue → promote to final record.
Why this matters
This lab demonstrates real document automation: not just extraction, but workflow with thresholds and audit.
Step 1: Choose a document type and create sample docs.
Step 2: Configure classification and extraction fields.
Step 3: Build Flow: ingest → extract → validate thresholds → create review task.
Step 4: Map approved values to staging table and then final record.
Step 5: Measure straight-through rate and exception rate.
Workflow — do this next
- 01Create 20 sample documents with variance.
- 02Run pipeline; measure field-level confidence distribution.
- 03Tune thresholds and review UX.
Ready-to-use artifacts
Complete templates — paste directly into your AI tool or automation workflow.
Document pipeline test pack
Minimum tests before rollout.
| # | Scenario | Expected | |---|----------|----------| | 1 | Clean doc | Straight-through | | 2 | Low-quality scan | Review queue | | 3 | Missing field | Exception | | 4 | Wrong type | Classifier routes to triage | | 5 | High-risk field | Always requires review | Track: straight-through %, exception reasons, review SLA.
Concept 5
AI-augmented Change Management
Risk prediction, impact assessment, CAB prep, conflict detection, post-change correlation, and dashboards
5.1
The change management problem
Why change is the highest-risk process and where AI reduces that risk
Key takeaway
Change failures cause outages. AI reduces risk by improving assessment, prioritizing review effort, detecting conflicts, and correlating incidents back to changes — but it does not replace CAB accountability.
Why this matters
Change is where automation creates huge value but also huge risk. Governance must be strongest here.
The failure pattern: incomplete impact assessment, weak backout plans, and collision with other changes. AI can flag these earlier and more consistently.
AI creates leverage by triaging review: high-risk changes get deeper human scrutiny; low-risk standard changes become faster.
The key principle: AI augments judgment; it does not become the approver of record.
Workflow — do this next
- 01Baseline change failure rate and post-change incident volume.
- 02Identify review bottlenecks (CAB prep time, impact assessment).
- 03Deploy AI for triage and summaries before automating approvals.
Real example
CAB prep became faster and safer
AI summarized change details and flagged missing backout plans, allowing CAB to focus on risk rather than reading long descriptions.
5.2
Change risk prediction
ML scoring for likelihood of causing an incident
Key takeaway
Risk prediction uses historical change outcomes to score risk tiers. It’s most effective when post-change incidents are reliably linked to changes and taxonomy is stable.
Why this matters
Risk scoring is how you prioritize human attention. Without it, CAB time is spent evenly across low- and high-risk changes.
Inputs: change type, CI class, affected services, time window, past success rates, and collision patterns. Output: risk tier and confidence.
Governance: risk score influences review depth, not final approval. High risk triggers more checks; it should not auto-reject by itself.
Feedback loop: if risk score is wrong, link outcomes and retrain. Risk prediction is an MLOps program.
Workflow — do this next
- 01Ensure linkage: post-change incidents mapped to change records.
- 02Train risk model and validate on holdout window.
- 03Deploy: high risk → extra review tasks; low risk → fast track.
Real example
High-risk changes required deeper checks
High risk tier changes required stakeholder approvals and explicit backout review; standard changes stayed fast. Failure rate dropped without slowing all work.
5.3
AI-assisted impact assessment
Using GenAI to identify affected CIs, services, and stakeholders
Key takeaway
GenAI can summarize likely impacted services and stakeholders from change details and CMDB context — but must cite evidence and remain advisory.
Why this matters
Impact assessment is labor-intensive and error-prone. GenAI speeds it up, but hallucination must be controlled with grounding.
Ground impact assessment in CMDB relationships and change templates. GenAI should reference CIs and services by id/name from records, not invent them.
Output should include uncertainty: 'likely impacted based on dependency graph' and recommend who should review.
Human remains responsible for final impact statement — especially for regulated services.
Workflow — do this next
- 01Retrieve CMDB dependency context for affected CIs.
- 02Generate impact draft with citations to CIs/services.
- 03Route draft to change owner for review before CAB.
Real example
Stakeholders notified correctly
AI suggested stakeholder list from service ownership tables. Change owner verified and notified proactively, reducing surprise outages and escalation drama.
5.4
CAB preparation automation
AI prepares change brief, risk summary, and options
Key takeaway
CAB automation generates a structured brief: summary, risk factors, missing info checklist, collision warnings, and recommended decision options — making meetings shorter and decisions better.
Why this matters
CAB bottlenecks are often reading and summarization. AI turns CAB into decision-making instead of document review.
Use Flow + Generate Text: compile change fields, risk score, dependency context, and collision checks; generate a one-page CAB brief.
Add validation: missing backout plan or test evidence triggers pre-CAB tasks rather than surprises in meeting.
Store CAB brief on the change record for audit and traceability.
Workflow — do this next
- 01Build CAB brief template with required sections.
- 02Generate brief in Flow and attach to change record.
- 03Require change owner sign-off before CAB meeting.
Real example
CAB meeting time reduced
CAB members received consistent briefs in advance. Meeting shifted from reading to decisions; throughput increased without raising risk.
5.5
Automated conflict detection
Schedule conflicts, maintenance window violations, CI freezes
Key takeaway
Conflict detection uses rules + similarity + topology: detect overlapping windows on shared CIs/services and enforce maintenance policies automatically.
Why this matters
Collisions cause outages. Detecting conflicts early is one of the highest-impact change automations.
Deterministic rules catch obvious conflicts (same CI, same window). Similarity and topology help catch less obvious conflicts (dependent services).
Design: conflict detection should create actionable tasks: reschedule, coordinate, or request exception approval.
Measure: reduction in post-change incidents attributed to collisions.
Workflow — do this next
- 01Implement rule-based conflict checks first.
- 02Add topology-based collision detection for critical services.
- 03Route conflicts to change manager queue for resolution.
Real example
Freeze policy enforced automatically
A service freeze window blocked changes automatically. Attempted conflicting changes were routed for exception approval rather than silently approved.
5.6
Post-change correlation
Linking post-change incidents back to causal changes
Key takeaway
Correlation links incidents to recent changes using CI/service overlap, timing windows, and similarity signatures — enabling faster rollback decisions and better model training.
Why this matters
Without correlation, teams argue about blame. With correlation, you have evidence for root cause and risk model improvement.
Signals: incident starts within X hours, affects same CIs/services, shares error signatures. Output should include confidence and evidence.
Use correlation to drive action: notify change owner, suggest rollback, open problem record for recurring changes.
Feed correlated outcomes back into risk prediction labels for continuous improvement.
Workflow — do this next
- 01Define correlation window per service tier.
- 02Implement correlation logic and store link records.
- 03Review weekly to validate and refine precision.
Real example
Faster rollback decisions
Correlation flagged a change as likely cause of incident. Teams rolled back quickly, reducing impact time and improving postmortem clarity.
5.7
Change intelligence dashboard
AI-powered view of change risk across the portfolio
Key takeaway
A change intelligence dashboard shows risk distribution, upcoming high-risk windows, collision hotspots, and post-change incident correlations — enabling proactive governance.
Why this matters
Leadership manages change risk at portfolio level. Dashboards create visibility and accountability.
Key tiles: high-risk changes next 7 days, collision conflicts, services with repeated post-change incidents, and change failure trends.
Tie dashboard to action: high-risk changes trigger extra checks and stakeholder reviews.
Use the dashboard to evolve policy: if certain change types repeatedly fail, update templates and approvals.
Workflow — do this next
- 01Define dashboard KPIs and owners.
- 02Build reports by service and change type.
- 03Review weekly with change managers and service owners.
Real example
Hotspot service governance
Dashboard showed one service had repeated post-change incidents. Governance tightened templates and required extra testing; failure rate dropped.
5.8
Configuration walkthrough
Enabling and configuring AI change risk on PDI
Key takeaway
PDI lab: configure change risk scoring (or simulate with PI) → generate CAB brief → run conflict checks → correlate incidents to changes — end-to-end change intelligence.
Why this matters
This is the demo that proves AI reduces risk rather than creating it.
Step 1: Create sample changes and sample incidents.
Step 2: Implement a risk score (PI model or rule proxy) and store on change record.
Step 3: Flow generates CAB brief using risk + context.
Step 4: Conflict checks create tasks for violations.
Step 5: Correlation links incidents within window back to changes.
Workflow — do this next
- 01Create 10 changes across 3 services and overlapping windows.
- 02Trigger conflict detection and CAB brief generation.
- 03Create incidents after changes; test correlation accuracy.
Ready-to-use artifacts
Complete templates — paste directly into your AI tool or automation workflow.
CAB brief template (starter)
Use as the structured output for CAB automation.
## Change summary ## Risk score + rationale ## Impacted services/CIs (evidence) ## Collision/conflict warnings ## Missing info checklist ## Backout plan readiness ## Recommended CAB decision options
Concept 6
End-to-end Workflow Blueprints
Reference architectures you can adapt: incident, requests, vuln mgmt, onboarding, problem mgmt, renewals, exec reporting
6.1
Blueprint 1: AI-driven incident management
Creation → routing → assist → resolution with AI at every step
Key takeaway
Best incident blueprint: VA intake + AI Search deflection → PI routing with confidence gating → Now Assist summaries/drafts → Flow policy enforcement → agentic escalation for coordination (optional).
Why this matters
This blueprint is the backbone of most ServiceNow AI programs. It ties together Chapters 2–6 into one operational system.
Intake: Virtual Agent or portal search; deflect when possible; create incident when not. Routing: PI classification with decision table policy.
Assist: Now Assist summarises threads and drafts comms; AI Search retrieves similar incidents/KB. Execute: Flow updates, notifications, approvals.
Measure: containment (portal) and MTTR (agent) with audit logs and override capture.
Workflow — do this next
- 01Define 5 intents for intake and 3 routing groups.
- 02Implement PI routing + confidence gating.
- 03Add summaries and KB recommendations; track metrics.
Real example
Layered incident system
AI reduced triage and scroll-back time while Flow preserved policy. Over time, retraining and knowledge flywheel increased automation coverage safely.
6.2
Blueprint 2: intelligent service request fulfillment
NLU intake → AI routing → automated fulfillment
Key takeaway
Request fulfillment blueprint: NLU captures intent + entities → decision table chooses catalog item → Flow provisions via IntegrationHub → exceptions route to humans → analytics improve taxonomy.
Why this matters
Requests are high volume and often deterministic, making them ideal for AI-augmented automation.
Use scripted topics for deterministic steps; use GenAI only for explanation and guidance.
Provisioning uses IntegrationHub spokes and approvals. AI selects the right workflow; deterministic steps execute it.
Measure: completion rate, exception rate, and time-to-fulfillment.
Workflow — do this next
- 01Map intents to catalog items using decision tables.
- 02Automate provisioning via spokes with rollback and approvals.
- 03Track exceptions and add KB or entity improvements.
Real example
Access request automation
VA captured app + role entity; decision table launched correct catalog item; Flow provisioned in IAM tool; exceptions routed to IAM queue.
6.3
Blueprint 3: automated vulnerability management
Alert ingestion → risk scoring → ticketing → tracking
Key takeaway
Vuln blueprint: ingest scanner events → normalize → score risk (rules + ML) → create tasks → route to owning teams → dashboards for SLA and exposure.
Why this matters
Vulnerability work is noisy and prioritization-heavy — perfect for automation with measurable outcomes.
Use IntegrationHub to ingest scanner data. Use decision tables for policy thresholds. Use ML to prioritize based on history and asset criticality.
Agentic layer can propose remediation plans and coordinate comms, but approvals remain for production changes.
Measure: time-to-triage, SLA compliance, and reduced false positives.
Workflow — do this next
- 01Normalize vuln events into a standard record.
- 02Score risk and route to owning team with policy gates.
- 03Track remediation progress and exceptions.
Real example
Noise reduced, focus increased
Automation created fewer, higher-quality tasks with clear priority rationale. Teams spent time fixing, not triaging.
6.4
Blueprint 4: AI-powered onboarding workflow
Multi-system provisioning with agent orchestration
Key takeaway
Onboarding blueprint: HR case triggers → document extraction (forms) → decision table selects provisioning package → IntegrationHub provisions accounts → agent drafts comms and status → exceptions route to humans.
Why this matters
Onboarding is cross-system, repetitive, and measurable — a prime candidate for AI-augmented workflow automation.
Document Intelligence extracts form data. Flow orchestrates provisioning across IAM, email, apps. Agents may coordinate reminders and comms with approvals.
Use idempotency and rollback: provisioning steps must be safe to retry and reversible when hires cancel.
Measure: time-to-provision, exception rate, and employee satisfaction.
Workflow — do this next
- 01Define onboarding data schema and extraction fields.
- 02Create provisioning subflows per role package.
- 03Add exception handling and re-run logic.
Real example
Provisioning became predictable
Most onboarding tasks executed automatically; exceptions were clearly queued. HR visibility improved through dashboards and consistent comms drafts.
6.5
Blueprint 5: proactive problem management
AIOps correlation feeding into problem investigation
Key takeaway
Problem blueprint: event correlation clusters recurring issues → similarity links incidents → create problem records → Now Assist drafts RCA hypothesis → humans validate and publish known errors.
Why this matters
Problem management becomes viable when clustering and correlation reduce the manual effort of finding patterns.
AIOps groups alert storms and recurring clusters. Similarity links incidents. Flow opens a problem record when thresholds hit.
Now Assist drafts hypotheses and timelines; humans validate and publish known error records.
Measure: reduction in repeat incidents and faster time-to-root-cause.
Workflow — do this next
- 01Define thresholds for opening problem records (N incidents in window).
- 02Automate linking and evidence gathering.
- 03Publish known errors and monitor reuse.
Real example
Recurring incidents fell
By converting clusters into problem records with draft RCA, teams reduced repeat incidents because fixes became systematic rather than ticket-by-ticket.
6.6
Blueprint 6: contract renewal automation
Document Intelligence reads contracts and triggers renewal workflows
Key takeaway
Renewal blueprint: ingest contract PDFs → extract renewal dates/terms → create renewal tasks → route to owners → GenAI drafts renewal comms → approvals for legal sends.
Why this matters
Renewals are deadline-driven and document-heavy — automation prevents missed renewals and reduces manual tracking.
Document Intelligence extracts renewal fields; Flow creates tasks and reminders; IntegrationHub updates CRM; GenAI drafts internal summaries and emails.
Governance: legal approval is mandatory for external contract comms. Draft-only is safe; send requires review.
Measure: renewals completed on time and reduction in manual tracking effort.
Workflow — do this next
- 01Define contract extraction fields and validation rules.
- 02Create renewal task workflow with SLA reminders.
- 03Add approval gates for external comms.
Real example
Missed renewals eliminated
Automation extracted renewal dates and created tasks well ahead of deadlines. Stakeholders acted earlier, reducing late renewals and penalties.
6.7
Blueprint 7: executive status reporting
Data aggregation → narrative generation → distribution
Key takeaway
Exec reporting blueprint: aggregate KPIs and record summaries → generate narrative with citations → distribute via email/Teams → store report on record for audit.
Why this matters
Executives need narratives, not dashboards. AI can draft narratives quickly if grounded and versioned.
Retrieve KPIs from PA, incidents, changes, and risks. Generate narrative with strict template and citations.
Approval: exec reports should be reviewed by owners before distribution. Draft-only generation is safe; auto-send requires policy.
Measure: time saved and decision quality (stakeholder feedback).
Workflow — do this next
- 01Define report template and data sources.
- 02Generate draft weekly; require owner approval.
- 03Store report for audit and comparison over time.
Real example
Weekly report created in minutes
Instead of manual slide updates, the system generated a grounded narrative and attached it to a record. Leaders got consistent updates with less effort.
6.8
Blueprint anatomy
How to read and adapt each blueprint for your environment
Key takeaway
Every blueprint has the same anatomy: entry point, retrieval, decisioning, execution, human checkpoints, observability, and metrics. Adapt by swapping tools and policy gates, not by rewriting the whole pattern.
Why this matters
Blueprints become reusable when you can adapt them systematically instead of copying blindly.
Anatomy: Trigger → Context assembly → AI step (optional) → Confidence gate → Deterministic execution → Approval → Logging → Metrics.
Adaptation steps: identify your record model, your tools (spokes/flows), and your governance constraints.
Start with one blueprint and one domain. Prove it, then expand horizontally.
Workflow — do this next
- 01For your target blueprint, write its anatomy in 7 bullets.
- 02Map each bullet to ServiceNow components (Flow, PI, VA, spokes).
- 03Define the safety pack: approvals, logs, rollback, and kill switches.
Ready-to-use artifacts
Complete templates — paste directly into your AI tool or automation workflow.
Blueprint anatomy template
Copy/paste into architecture docs.
## Blueprint anatomy 1) Trigger: 2) Context: 3) AI/ML step: 4) Confidence gating: 5) Deterministic actions: 6) Human approvals: 7) Observability + metrics: Notes: - Data boundaries: - Rollback plan: - Degraded mode:
Ready-to-use artifacts
Complete templates — paste directly into your AI tool or automation workflow.
AI step error-handling pattern (copy/paste)
Use for every AI step in Flow.
If AI step fails: - Record reason code (TIMEOUT / RATE_LIMIT / LOW_CONFIDENCE / SCHEMA) - Execute degraded-mode path (rules-based routing or human queue) - Notify owner only if above threshold volume - Never block ticket creation If AI step returns low confidence: - Route to triage queue - Capture override outcome for retraining
Blueprint checklist
Use to adapt any blueprint safely.
- Trigger and record model defined - Data boundaries (ACL + scope) - AI steps chosen + confidence gates - Deterministic policy in decision tables - Exception handling + review queues - IntegrationHub actions versioned - Cost controls in place - Audit logs + dashboards
PDI AI-augmented incident flow test pack
Minimum tests before calling it production-shaped.
| # | Scenario | Expected | |---|----------|----------| | 1 | Clear VPN issue | High confidence route | | 2 | Ambiguous “help” | Triage task | | 3 | Missing description | Fail safe (manual queue) | | 4 | GenAI timeout | Degraded mode routing | | 5 | PI low confidence | Manual triage | Track: override %, AI failures, average runtime.
AI spoke test checklist
Minimum validations before production use.
## Spoke tests - [ ] Auth success + auth failure - [ ] Timeout handling - [ ] Rate limit handling - [ ] Output schema validation - [ ] Redaction of secrets in logs - [ ] Payload size limits - [ ] Retry caps + backoff - [ ] Cost telemetry captured - [ ] Versioned outputs + rollback
PDI hybrid routing checklist
What must exist before demoing routing.
- [ ] PI model trained + evaluated - [ ] Decision table exceptions defined - [ ] Confidence bands implemented - [ ] Fallback triage queue exists - [ ] Override logging fields added - [ ] Test pack executed + results recorded
Document pipeline test pack
Minimum tests before rollout.
| # | Scenario | Expected | |---|----------|----------| | 1 | Clean doc | Straight-through | | 2 | Low-quality scan | Review queue | | 3 | Missing field | Exception | | 4 | Wrong type | Classifier routes to triage | | 5 | High-risk field | Always requires review | Track: straight-through %, exception reasons, review SLA.
CAB brief template (starter)
Use as the structured output for CAB automation.
## Change summary ## Risk score + rationale ## Impacted services/CIs (evidence) ## Collision/conflict warnings ## Missing info checklist ## Backout plan readiness ## Recommended CAB decision options
Blueprint anatomy template
Copy/paste into architecture docs.
## Blueprint anatomy 1) Trigger: 2) Context: 3) AI/ML step: 4) Confidence gating: 5) Deterministic actions: 6) Human approvals: 7) Observability + metrics: Notes: - Data boundaries: - Rollback plan: - Degraded mode:
AI-augmented incident automation (PDI to proposal)
A team had Now Assist enabled, but agent productivity gains were modest and deflection was flat. The missing piece was execution: AI wasn't embedded into Flow outcomes.
Before
GenAI drafts existed, but routing remained manual, error handling was ad hoc, and external integrations were script-based with unmanaged credentials.
After
An AI-augmented incident flow: PI classification routed high-confidence incidents; Generate Text drafted summaries; decision tables enforced policy exceptions; low-confidence routed to triage; IntegrationHub actions standardized external notifications; dashboards tracked overrides and cost.
- Lower triage workload through confidence-gated routing
- Higher agent speed through automatic summaries
- Reduced integration risk via centralized credentials
- A credible proposal with governance and measurable KPIs
What goes wrong
AI steps treated as deterministic
Use confidence gating, degraded mode, and validation — always.
External AI calls with unmanaged credentials
Use IntegrationHub connections and redacted logs; no keys in scripts.
Document extraction without exception queues
Confidence thresholds + human review for high-risk fields are mandatory.
No feedback loop
Log overrides and outcomes; retrain models; A/B test changes.
Vetted by Krishna KumarCurator, FactorBeam
Discussion
Discussion coming soon
Shared comments for this playbook are not live yet. When they are, you'll be able to ask questions, share what worked, and see replies from other readers.