Northwood BankHome
Good morning. 9 items need your attention.
Pending sign-offs, expiring grants, keys due for rotation, agents to classify. Workspace northwood · eu-west-1 · production.
Layout
Approvals· 3
Sign redaction-policy v9 drafttoday
● Anders Møller (DPO)drafted 2h agoAdds device_geohash class; adjusts SSN retention from 7y→5y. Needs DPO + CCO sign-off before publish.
Approve Anders Møller — Compliance Officer (GDPR scope)today
● Added by you · yesterdaypending 18hScoped role grant. Separation of duties for GDPR matters. Marta's endorsement attached.
Approve Splunk SIEM connector
● SecOps · A. Linrequested 1d agoForward audit-of-audit log entries (server-side, no payloads).
Expiring· 2
Yelena Kim — External Auditor (PwC)this week
● PwC · y.kim@pwc.comexpires in 14d · 06 JunQ1 audit engagement closes the same day. Renew if continuing into Q2 fieldwork.
2 production keys due for rotation
● credit-review · loan-document-extract>90d since last rotationQuarterly rotation policy. 7-day grace period if rotated now.
Operational· 3
Classify fraud-assistant for production handoffthis week
● Currently staging · J. Lin (owner)staged 34d agoEU AI Act risk classification required before production. Draft classification: high-risk. Needs your sign-off.
SCIM drift · 1 user in Okta not in Runfile
● N. Henderson · provisioned in Okta 1d agoauto-sync pausedMapped to Engineer role by group AI-PLATFORM. Auto-provisioning was paused after last week's SCIM update.
Anomaly an_41a — observation needs sign-off
● M. Schreiber (CCO)remediation verified yesterdayHITL bypass on 23 May. Threshold lowered $25k→$10k. PwC needs CCO sign-off to close observation.
Open findings· 1
Model card not updated for credit-review v3.2.1this weekPwC observation
● Yelena Kim (PwC) · find_q1_035due 06 JunCard last touched at v3.0. v3.2.1 changes — adversarial-robustness tests + threshold rule — need to be reflected.