{ "id": "kIfVRi_cTubmvXBwUyGOI", "name": "Intelligent Policy Validation and Compliance Orchestration with Oversight", "tags": [], "nodes": [ { "id": "0ed591a0-35a1-4ea8-ac57-f046aa63d10e", "name": "Schedule Trigger", "type": "n8n-nodes-base.scheduleTrigger", "position": [ 0, 192 ], "parameters": { "rule": { "interval": [ { "triggerAtHour": 9 } ] } }, "typeVersion": 1.3 }, { "id": "de918e2e-cd99-4f33-aa8c-93824e9e3376", "name": "Workflow Configuration", "type": "n8n-nodes-base.set", "position": [ 224, 192 ], "parameters": { "options": {}, "assignments": { "assignments": [ { "id": "id-1", "name": "policyDataApiUrl", "type": "string", "value": "<__PLACEHOLDER_VALUE__Policy Data API Endpoint URL__>" }, { "id": "id-2", "name": "performanceDataApiUrl", "type": "string", "value": "<__PLACEHOLDER_VALUE__Program Performance Data API Endpoint URL__>" }, { "id": "id-3", "name": "complianceReportEmail", "type": "string", "value": "<__PLACEHOLDER_VALUE__Compliance Report Recipient Email__>" }, { "id": "id-4", "name": "stakeholderSlackChannel", "type": "string", "value": "<__PLACEHOLDER_VALUE__Stakeholder Slack Channel ID__>" }, { "id": "id-5", "name": "criticalIssuesEmail", "type": "string", "value": "<__PLACEHOLDER_VALUE__Critical Issues Escalation Email__>" }, { "id": "id-6", "name": "auditTableName", "type": "string", "value": "policy_audit_trail" }, { "id": "id-7", "name": "decisionTableName", "type": "string", "value": "decision_traceability" } ] }, "includeOtherFields": true }, "typeVersion": 3.4 }, { "id": "c6b5dc73-f1c2-4395-adaf-e19920350a13", "name": "Fetch Policy Data", "type": "n8n-nodes-base.httpRequest", "position": [ 448, 96 ], "parameters": { "url": "={{ $('Workflow Configuration').first().json.policyDataApiUrl }}", "options": {}, "sendHeaders": true, "headerParameters": { "parameters": [ { "name": "Content-Type", "value": "application/json" } ] } }, "typeVersion": 4.3 }, { "id": "a27456be-810b-49b5-af2c-388a4e422855", "name": "Fetch Program Performance Data", "type": "n8n-nodes-base.httpRequest", "position": [ 448, 288 ], "parameters": { "url": "={{ $('Workflow Configuration').first().json.performanceDataApiUrl }}", "options": {}, "sendHeaders": true, "headerParameters": { "parameters": [ { "name": "Content-Type", "value": "application/json" } ] } }, "typeVersion": 4.3 }, { "id": "a24fc8f7-0d7e-4fa5-b651-b17f1a206470", "name": "Merge Data Sources", "type": "n8n-nodes-base.merge", "position": [ 672, 192 ], "parameters": { "mode": "combine", "options": {}, "combineBy": "combineByPosition" }, "typeVersion": 3.2 }, { "id": "bc532a4c-f04f-40e2-bf47-31ef40f6822b", "name": "OpenAI Model - Policy Validation", "type": "@n8n/n8n-nodes-langchain.lmChatOpenAi", "position": [ 904, 416 ], "parameters": { "model": { "__rl": true, "mode": "id", "value": "gpt-4o" }, "options": { "temperature": 0.2 }, "builtInTools": {} }, "credentials": { "openAiApi": { "name": "" } }, "typeVersion": 1.3 }, { "id": "3602fe37-6b12-4819-a8c6-0ba6c3c49d80", "name": "Structured Output - Policy Validation", "type": "@n8n/n8n-nodes-langchain.outputParserStructured", "position": [ 1088, 416 ], "parameters": { "schemaType": "manual", "inputSchema": "{\n \"type\": \"object\",\n \"properties\": {\n \"complianceStatus\": {\n \"type\": \"string\",\n \"description\": \"Overall compliance status: Compliant, Non-Compliant, or Critical\"\n },\n \"policyViolations\": {\n \"type\": \"array\",\n \"description\": \"List of identified policy violations\",\n \"items\": {\n \"type\": \"object\",\n \"properties\": {\n \"policyId\": {\"type\": \"string\"},\n \"violationType\": {\"type\": \"string\"},\n \"severity\": {\"type\": \"string\"},\n \"description\": {\"type\": \"string\"}\n }\n }\n },\n \"performanceMetrics\": {\n \"type\": \"object\",\n \"description\": \"Key performance indicators\",\n \"properties\": {\n \"adherenceScore\": {\"type\": \"number\"},\n \"riskLevel\": {\"type\": \"string\"},\n \"programEffectiveness\": {\"type\": \"number\"}\n }\n },\n \"recommendations\": {\n \"type\": \"array\",\n \"description\": \"Recommended corrective actions\",\n \"items\": {\"type\": \"string\"}\n },\n \"reasoning\": {\n \"type\": \"string\",\n \"description\": \"Detailed reasoning for the compliance assessment\"\n }\n },\n \"required\": [\"complianceStatus\", \"policyViolations\", \"performanceMetrics\", \"recommendations\", \"reasoning\"]\n}" }, "typeVersion": 1.3 }, { "id": "c2f838e7-234c-4825-ae4d-137438e285f3", "name": "Policy Validation Agent", "type": "@n8n/n8n-nodes-langchain.agent", "position": [ 896, 192 ], "parameters": { "text": "=Policy Data: {{ JSON.stringify($json.policyData) }}\n\nProgram Performance Data: {{ JSON.stringify($json.performanceData) }}", "options": { "systemMessage": "You are a Policy Validation Agent specialized in public administration compliance, program performance analysis, and policy adherence assessment.\n\nYour task is to:\n1. Analyze structured policy data and program performance signals\n2. Identify policy violations, non-compliance issues, and adherence gaps\n3. Assess risk levels based on severity, impact, and regulatory requirements\n4. Calculate performance metrics including adherence scores and program effectiveness\n5. Classify compliance status as: Compliant, Non-Compliant, or Critical\n6. Provide detailed reasoning for all assessments\n7. Recommend specific corrective actions prioritized by urgency and impact\n\nCritical Classification Criteria:\n- Critical: Severe violations with legal/regulatory consequences, high public risk, or systemic failures\n- Non-Compliant: Policy violations requiring corrective action but not immediately critical\n- Compliant: All policies met, performance within acceptable thresholds\n\nEnsure all assessments are evidence-based, traceable, and aligned with public accountability standards." }, "promptType": "define", "hasOutputParser": true }, "typeVersion": 3.1 }, { "id": "defc9f6a-67e1-480e-b319-2182d2785019", "name": "Route by Compliance Status", "type": "n8n-nodes-base.switch", "position": [ 1248, 176 ], "parameters": { "rules": { "values": [ { "outputKey": "Compliant", "conditions": { "options": { "leftValue": "", "caseSensitive": false, "typeValidation": "loose" }, "combinator": "and", "conditions": [ { "operator": { "type": "string", "operation": "equals" }, "leftValue": "={{ $json.complianceStatus }}", "rightValue": "Compliant" } ] }, "renameOutput": true }, { "outputKey": "Critical", "conditions": { "options": { "leftValue": "", "caseSensitive": false, "typeValidation": "loose" }, "combinator": "and", "conditions": [ { "operator": { "type": "string", "operation": "equals" }, "leftValue": "={{ $json.complianceStatus }}", "rightValue": "Critical" } ] }, "renameOutput": true } ] }, "options": { "fallbackOutput": "extra", "renameFallbackOutput": "Non-Compliant" } }, "typeVersion": 3.4 }, { "id": "523343db-1365-4287-a7ac-fed012a13dd0", "name": "OpenAI Model - Orchestration", "type": "@n8n/n8n-nodes-langchain.lmChatOpenAi", "position": [ 1480, 540 ], "parameters": { "model": { "__rl": true, "mode": "id", "value": "gpt-4o" }, "options": { "temperature": 0.2 }, "builtInTools": {} }, "credentials": { "openAiApi": { "name": "" } }, "typeVersion": 1.3 }, { "id": "49dc34cb-e583-45bc-8b02-635345bbd184", "name": "Structured Output - Orchestration", "type": "@n8n/n8n-nodes-langchain.outputParserStructured", "position": [ 1696, 544 ], "parameters": { "schemaType": "manual", "inputSchema": "{\n \"type\": \"object\",\n \"properties\": {\n \"reportSummary\": {\n \"type\": \"string\",\n \"description\": \"Executive summary of compliance findings\"\n },\n \"stakeholderNotification\": {\n \"type\": \"string\",\n \"description\": \"Message for stakeholder notification\"\n },\n \"escalationRequired\": {\n \"type\": \"boolean\",\n \"description\": \"Whether escalation to senior leadership is required\"\n },\n \"actionPlan\": {\n \"type\": \"array\",\n \"description\": \"Prioritized action items\",\n \"items\": {\n \"type\": \"object\",\n \"properties\": {\n \"action\": {\"type\": \"string\"},\n \"priority\": {\"type\": \"string\"},\n \"owner\": {\"type\": \"string\"},\n \"deadline\": {\"type\": \"string\"}\n }\n }\n },\n \"auditNotes\": {\n \"type\": \"string\",\n \"description\": \"Detailed notes for audit trail\"\n },\n \"publicAccountabilityStatement\": {\n \"type\": \"string\",\n \"description\": \"Statement for public accountability and transparency\"\n }\n },\n \"required\": [\"reportSummary\", \"stakeholderNotification\", \"escalationRequired\", \"actionPlan\", \"auditNotes\", \"publicAccountabilityStatement\"]\n}" }, "typeVersion": 1.3 }, { "id": "4dcf5309-cbc7-4b51-9364-9dbbfeb1d942", "name": "Execution Orchestration Agent", "type": "@n8n/n8n-nodes-langchain.agent", "position": [ 1472, 316 ], "parameters": { "text": "=Compliance Assessment: {{ JSON.stringify($json) }}", "options": { "systemMessage": "You are an Execution Orchestration Agent responsible for coordinating compliance reporting, stakeholder notifications, escalation procedures, and decision traceability in public administration.\n\nYour task is to:\n1. Generate comprehensive compliance reports with executive summaries\n2. Prepare stakeholder notifications tailored to different audiences (leadership, program managers, public)\n3. Determine escalation requirements based on severity and impact\n4. Create prioritized action plans with clear ownership and deadlines\n5. Document detailed audit notes for full traceability\n6. Draft public accountability statements ensuring transparency\n7. Coordinate multi-channel notifications (email, Slack, escalation)\n\nPrinciples:\n- Maintain strict governance and auditability in all communications\n- Ensure public accountability and transparency\n- Prioritize actions by urgency, impact, and regulatory requirements\n- Provide clear ownership and deadlines for all action items\n- Document all decisions with full reasoning for audit purposes\n\nYour outputs will be used for reporting, notifications, and permanent audit records." }, "promptType": "define", "hasOutputParser": true }, "typeVersion": 3.1 }, { "id": "fb565c24-474a-4546-a633-856a1c8c1d73", "name": "Wait for Human Approval", "type": "n8n-nodes-base.wait", "position": [ 1824, 316 ], "parameters": { "resume": "webhook", "options": {}, "resumeAmount": 24, "limitWaitTime": true }, "typeVersion": 1.1 }, { "id": "1ddeec9b-4193-45da-8b36-9bb0e90bc569", "name": "Store Audit Trail", "type": "n8n-nodes-base.dataTable", "position": [ 2048, 316 ], "parameters": { "columns": { "value": null, "mappingMode": "autoMapInputData" }, "options": {}, "dataTableId": { "__rl": true, "mode": "name", "value": "={{ $('Workflow Configuration').first().json.auditTableName }}" } }, "typeVersion": 1.1 }, { "id": "838d2e52-5b90-4bba-9c8b-9c18106d2f61", "name": "Send Compliance Report", "type": "n8n-nodes-base.emailSend", "position": [ 2272, 220 ], "parameters": { "html": "=\n\n

Policy Compliance Report

\n

Date: {{ $now.toFormat('yyyy-MM-dd HH:mm') }}

\n

Compliance Status: {{ $json.complianceStatus }}

\n\n

Executive Summary

\n

{{ $json.reportSummary }}

\n\n

Action Plan

\n\n\n

Public Accountability Statement

\n

{{ $json.publicAccountabilityStatement }}

\n\n

This report has been logged for audit purposes and stakeholders have been notified.

\n\n", "options": {}, "subject": "=Policy Compliance Report - {{ $now.toFormat('yyyy-MM-dd') }}", "toEmail": "={{ $('Workflow Configuration').first().json.complianceReportEmail }}", "fromEmail": "<__PLACEHOLDER_VALUE__Sender Email Address__>" }, "typeVersion": 2.1 }, { "id": "b23e0d72-0916-4381-abd7-6b105f19fa38", "name": "Notify Stakeholders - Slack", "type": "n8n-nodes-base.slack", "position": [ 2272, 412 ], "parameters": { "text": "=\ud83d\udcca *Policy Compliance Update*\n\n*Status:* {{ $json.complianceStatus }}\n*Date:* {{ $now.toFormat('yyyy-MM-dd HH:mm') }}\n\n*Stakeholder Notification:*\n{{ $json.stakeholderNotification }}\n\n*Action Items:*\n{{ $json.actionPlan.map(item => `\u2022 [${item.priority}] ${item.action} - ${item.owner} (Due: ${item.deadline})`).join('\\n') }}\n\nFull compliance report has been sent via email.", "select": "channel", "channelId": { "__rl": true, "mode": "id", "value": "={{ $('Workflow Configuration').first().json.stakeholderSlackChannel }}" }, "otherOptions": {}, "authentication": "oAuth2" }, "credentials": { "slackOAuth2Api": { "name": "" } }, "typeVersion": 2.4 }, { "id": "0ca4ac76-7792-4c4d-b857-b1b9f35beee3", "name": "Escalate Critical Issues", "type": "n8n-nodes-base.emailSend", "position": [ 2272, 64 ], "parameters": { "html": "=\n\n
\n

\ud83d\udea8 CRITICAL COMPLIANCE ISSUE

\n
\n\n
\n

Date: {{ $now.toFormat('yyyy-MM-dd HH:mm') }}

\n

Status: {{ $json.complianceStatus }}

\n\n

Policy Violations

\n
    \n{{ $json.policyViolations.map(v => `
  • ${v.severity}: ${v.violationType} - ${v.description} (Policy ID: ${v.policyId})
    • `).join('') }}\n
\n\n

Risk Assessment

\n

Risk Level: {{ $json.performanceMetrics.riskLevel }}

\n

Adherence Score: {{ $json.performanceMetrics.adherenceScore }}

\n\n

Immediate Actions Required

\n
    \n{{ $json.recommendations.map(r => `
  • ${r}
    • `).join('') }}\n
\n\n

Reasoning

\n

{{ $json.reasoning }}

\n\n

\n\u26a0\ufe0f This issue requires immediate senior leadership attention and corrective action.\n

\n
\n\n", "options": {}, "subject": "=\ud83d\udea8 CRITICAL COMPLIANCE ISSUE - Immediate Action Required", "toEmail": "={{ $('Workflow Configuration').first().json.criticalIssuesEmail }}", "fromEmail": "<__PLACEHOLDER_VALUE__Sender Email Address__>" }, "typeVersion": 2.1 }, { "id": "500b0d27-305f-43ec-ad1e-6b5c84151be3", "name": "Log Decision Traceability", "type": "n8n-nodes-base.dataTable", "position": [ 2720, 220 ], "parameters": { "columns": { "value": null, "mappingMode": "autoMapInputData" }, "options": {}, "dataTableId": { "__rl": true, "mode": "name", "value": "={{ $('Workflow Configuration').first().json.decisionTableName }}" } }, "typeVersion": 1.1 }, { "id": "2bcdc993-686e-443d-b3ae-d0249a0cf0f2", "name": "Merge Notification Paths", "type": "n8n-nodes-base.merge", "position": [ 2496, 204 ], "parameters": { "mode": "combine", "options": {}, "combineBy": "combineByPosition", "numberInputs": 3 }, "typeVersion": 3.2 }, { "id": "b7eff7b4-a672-4553-b3e8-a451d729b581", "name": "Sticky Note", "type": "n8n-nodes-base.stickyNote", "position": [ 1424, -432 ], "parameters": { "color": 6, "width": 528, "height": 336, "content": "## Prerequisites\nOpenAI/Claude API credentials for AI validation agents, policy management system API access\n## Use Cases\nFinancial institutions validating AML policy compliance, healthcare organizations ensuring HIPAA adherence\n## Customization\nAdjust validation criteria for industry-specific regulations\n## Benefits\nReduces compliance review cycles by 70%, eliminates manual policy monitoring" }, "typeVersion": 1 }, { "id": "bdd8cd22-5e50-462c-87ac-5f1e2bdf0cbb", "name": "Sticky Note1", "type": "n8n-nodes-base.stickyNote", "position": [ 816, -384 ], "parameters": { "width": 544, "height": 272, "content": "\n## Setup Steps\n1. Configure Schedule Trigger with policy review frequency\n2. Connect Workflow Configuration node with compliance parameters\n3. Set up Fetch Policy Data and Fetch Audit Program Performance Data nodes\n4. Configure Merge Data Sources node for consolidation logic\n5. Connect Policy Validation Agent with OpenAI/Claude API credentials\n6. Set up validation processing\n7. Configure Route by Compliance Status node with severity classification\n8. Connect Execution Orchestration Agent with AI API credentials\n9. Set up orchestration processing " }, "typeVersion": 1 }, { "id": "2a06a961-a217-4295-93f0-c0dc49e04fc6", "name": "Sticky Note2", "type": "n8n-nodes-base.stickyNote", "position": [ -32, -368 ], "parameters": { "width": 800, "height": 272, "content": "## How It Works\nThis workflow automates policy compliance validation and approval orchestration through intelligent AI-driven assessment. Designed for compliance departments, legal teams, and governance officers, it solves the critical challenge of ensuring policy adherence while managing approval workflows that require human oversight for critical decisions.The system operates on scheduled intervals, fetching data from policy databases and audit program performance metrics, then merging these sources for comprehensive compliance analysis. It employs a dual-agent AI framework for policy validation and execution orchestration, detecting violations, assessing severity, and determining required approval actions. The workflow intelligently routes findings based on compliance status, escalating violations through human approval checkpoints while maintaining detailed audit trails. By coordinating multi-channel notifications through email and Slack alongside synchronized logging, it ensures stakeholders receive timely alerts while creating complete traceability for regulatory examinations and internal audits." }, "typeVersion": 1 }, { "id": "dd96ab5b-a873-42bf-ac23-f1a62914f453", "name": "Sticky Note3", "type": "n8n-nodes-base.stickyNote", "position": [ 1440, -64 ], "parameters": { "color": 7, "width": 1456, "height": 816, "content": "## Human-Gated Approval Routing\n**What:** Routes compliance findings through status-based workflows requiring human approval for critical violations with multi-channel stakeholder notifications\n**Why:** Balances automation efficiency with governance requirements ensuring high-risk decisions receive appropriate oversight while routine compliance logs automatically" }, "typeVersion": 1 }, { "id": "2606bbcf-c32f-417e-a7e4-fb2255af89a4", "name": "Sticky Note4", "type": "n8n-nodes-base.stickyNote", "position": [ 848, -48 ], "parameters": { "color": 7, "width": 576, "height": 704, "content": "## Dual-Agent Compliance Framework\n**What:** Processes merged data through AI agents for policy validation and execution orchestration with specialized output parsing\n**Why:** Separates violation detection from remediation planning to ensure objective assessment followed by appropriate action strategies" }, "typeVersion": 1 }, { "id": "22067192-3873-4c09-a964-2bebadde4977", "name": "Sticky Note5", "type": "n8n-nodes-base.stickyNote", "position": [ -48, -48 ], "parameters": { "color": 7, "width": 880, "height": 688, "content": "\n## Multi-Source Policy Analysis\n**What:** Fetches and merges policy data with audit performance metrics on scheduled intervals for unified compliance monitoring\n**Why:** Ensures comprehensive oversight by correlating policy definitions with actual performance data revealing implementation gaps" }, "typeVersion": 1 } ], "active": false, "settings": { "availableInMCP": false, "executionOrder": "v1" }, "versionId": "302fe80a-389f-456d-8352-b17aab6e2a5a", "connections": { "Schedule Trigger": { "main": [ [ { "node": "Workflow Configuration", "type": "main", "index": 0 } ] ] }, "Fetch Policy Data": { "main": [ [ { "node": "Merge Data Sources", "type": "main", "index": 0 } ] ] }, "Store Audit Trail": { "main": [ [ { "node": "Send Compliance Report", "type": "main", "index": 0 }, { "node": "Notify Stakeholders - Slack", "type": "main", "index": 0 } ] ] }, "Merge Data Sources": { "main": [ [ { "node": "Policy Validation Agent", "type": "main", "index": 0 } ] ] }, "Send Compliance Report": { "main": [ [ { "node": "Merge Notification Paths", "type": "main", "index": 0 } ] ] }, "Workflow Configuration": { "main": [ [ { "node": "Fetch Policy Data", "type": "main", "index": 0 }, { "node": "Fetch Program Performance Data", "type": "main", "index": 0 } ] ] }, "Policy Validation Agent": { "main": [ [ { "node": "Route by Compliance Status", "type": "main", "index": 0 } ] ] }, "Wait for Human Approval": { "main": [ [ { "node": "Store Audit Trail", "type": "main", "index": 0 } ] ] }, "Escalate Critical Issues": { "main": [ [ { "node": "Merge Notification Paths", "type": "main", "index": 2 } ] ] }, "Merge Notification Paths": { "main": [ [ { "node": "Log Decision Traceability", "type": "main", "index": 0 } ] ] }, "Route by Compliance Status": { "main": [ [ { "node": "Execution Orchestration Agent", "type": "main", "index": 0 } ], [ { "node": "Escalate Critical Issues", "type": "main", "index": 0 } ] ] }, "Notify Stakeholders - Slack": { "main": [ [ { "node": "Merge Notification Paths", "type": "main", "index": 1 } ] ] }, "OpenAI Model - Orchestration": { "ai_languageModel": [ [ { "node": "Execution Orchestration Agent", "type": "ai_languageModel", "index": 0 } ] ] }, "Execution Orchestration Agent": { "main": [ [ { "node": "Wait for Human Approval", "type": "main", "index": 0 } ] ] }, "Fetch Program Performance Data": { "main": [ [ { "node": "Merge Data Sources", "type": "main", "index": 1 } ] ] }, "OpenAI Model - Policy Validation": { "ai_languageModel": [ [ { "node": "Policy Validation Agent", "type": "ai_languageModel", "index": 0 } ] ] }, "Structured Output - Orchestration": { "ai_outputParser": [ [ { "node": "Execution Orchestration Agent", "type": "ai_outputParser", "index": 0 } ] ] }, "Structured Output - Policy Validation": { "ai_outputParser": [ [ { "node": "Policy Validation Agent", "type": "ai_outputParser", "index": 0 } ] ] } } }