Risk Scoring & Tiers

Every change that enters the Safety Gate receives a risk score. This score determines how prominently the change is displayed in the review queue and whether auto-approve rules can handle it. Understanding risk scoring helps you prioritize review time and configure rules that match your organization's risk tolerance.

The Three Risk Tiers

| Tier | Score Range | Queue Behavior | |---|---|---| | LOW | 0 -- 30 | Displayed normally. Eligible for auto-approve rules. | | MEDIUM | 31 -- 70 | Highlighted with a yellow badge. Eligible for auto-approve only if explicitly configured. | | HIGH | 71 -- 100 | Flagged with a red badge, pinned to the top of the queue. Requires explicit manual approval -- auto-approve rules cannot override this unless specifically allowed. |

How Risk Scores Are Calculated

VersionForge computes risk scores using three weighted factors:

1. Field Sensitivity

Each field in your data model has a sensitivity weight. VersionForge assigns default weights based on field semantics, and you can customize them per connector.

| Field Category | Default Weight | Examples | |---|---|---| | Financial amounts | 40 | compensation, amount, revenue, budget | | Organizational structure | 25 | department, manager, cost_center | | Identity / reference | 15 | employee_id, account_number | | Descriptive / metadata | 5 | job_title, location, description |

When a change modifies a high-sensitivity field, the risk score increases proportionally.

2. Magnitude of Change

For numeric fields, VersionForge calculates the percentage change between the old and new values. Larger changes score higher.

| Change Magnitude | Score Contribution | |---|---| | < 5% | +0 to +5 | | 5% -- 20% | +5 to +15 | | 20% -- 50% | +15 to +30 | | > 50% | +30 to +40 |

For non-numeric fields (e.g., a department name change), any change to a sensitive field contributes its full sensitivity weight.

3. Pattern Deviation

VersionForge builds a statistical baseline from historical syncs. Changes that deviate from established patterns receive a higher score. For example:

• An employee whose salary has never changed suddenly receives a 40% increase
• A GL account that typically posts $10,000/month suddenly shows $500,000
• A department that usually adds 2-3 people per sync suddenly shows 50 new hires

Pattern deviation scoring requires at least 5 historical syncs to establish a baseline. Until then, this factor contributes 0 to the score.

The Scoring Formula

The final risk score is a weighted combination:

risk_score = (field_sensitivity * 0.45) + (magnitude * 0.30) + (pattern_deviation * 0.25)

The result is clamped to the 0 -- 100 range and mapped to the corresponding tier.

Customizing Risk Weights

You can adjust risk scoring per connector in Pipeline Settings > Risk Configuration.

Field Sensitivity Overrides

Override the default sensitivity weight for any field. For example, if your organization considers location a high-sensitivity field (perhaps due to tax implications), increase its weight:

{
  "field_overrides": {
    "location": { "sensitivity": 35 },
    "job_title": { "sensitivity": 10 }
  }
}

Tier Thresholds

Adjust where the tier boundaries fall:

{
  "thresholds": {
    "low_max": 25,
    "medium_max": 60
  }
}

This makes the scoring more aggressive -- changes that would have been MEDIUM under the default thresholds are now classified as HIGH.

How Risk Affects Your Workflow

Risk tiers are designed to help you focus review time where it matters most:

• Approve LOW in bulk -- Use bulk approval to handle routine low-risk changes quickly
• Spot-check MEDIUM -- Review a sample of medium-risk changes, approve the rest if the sample looks good
• Review HIGH individually -- Every high-risk change deserves careful attention, field by field

This pattern lets a single reviewer process thousands of changes efficiently while maintaining rigorous oversight on the changes that matter.