DoD FM

Privileged Access Anomaly Review Policy-Aware Copilot

High priorityMedium riskDerived/normalized from public DoD FM source and established financial-sector AI patternTier 0 — Audit data foundationLow-Medium complexity

Description

Answer policy, FMR, FIAR, and local SOP questions for privileged access anomaly review using approved sources; provide citations and draft compliant next steps. The MVP would connect ICAM, SailPoint, MyAuth, ERP roles, audit logs, control catalogs, system access reviews and produce read-only recommendations for DoD CIO, Component CIO/FM, System owners, OUSD(C).

AI / analytics pattern

LLM + retrieval-augmented generation

Automation level / stage

human-facing assistant

Expected benefit

Improved policy consistency, shorter research time, better training and compliance support.

Audit / financial statement impact

Control environment; reliability of financial systems and reports

Controls / human review

Human review for unusual/high-dollar items; policy citations; audit logs; role-based access; periodic accuracy testing. RAG answers must cite approved sources; no free-form legal/financial determinations without policy owner review.

Data needed

ICAM, SailPoint, MyAuth, ERP roles, audit logs, control catalogs, system access reviews; master/reference data; audit logs; policy/control requirements; prior exceptions; relevant document evidence.

Possible metrics

citation accuracy; first-contact resolution; user satisfaction; policy answer QA pass rate

MVP scope

Start with one Component/reporting entity and one subprocess (privileged access anomaly review) for two close/audit cycles; read-only outputs first.

Related material weakness / control objective

Systems control environment and IT access controls