FAQ

Questions teams ask when approval queues start to hurt.

Is PED just policy as code?

No. Policy as code is one implementation technique. PED is the governance model that decides what should be encoded, what evidence is required, and when review is still necessary.

Is PED trying to remove humans from approval?

No. It is trying to stop using humans for deterministic questions that evidence can answer.

Can an LLM be a cognitive reviewer?

Yes, if an organization chooses that pattern. PED cares that the decision is observable and reconstructable.

What happens when evidence is missing?

The control should emit needs_review or fail, depending on policy. Missing evidence should be visible.

Is needs_cognitive_review a failure?

No. It means deterministic controls cannot produce a defensible decision yet.

Can PED start without a platform team?

Yes. Start with decision records and one high-value control.