Issue № 06Enterprise ITSM

Change-Request Compliance Agent

An agent that sanitizes enterprise change requests, scores compliance, and plugs straight into the ITSM workflow — with a full audit trail and zero PII leakage.

At a glance: Ethereal built an assistant for a company's IT team that reviews requested system changes, scores how well each one follows policy, and files its verdict directly in the team's existing tracking system with a full record of every decision. It strips out sensitive internal details first, so private information never leaks.

06
Client
Confidential enterprise IT organization
Industry
Enterprise ITSMCompliance · Change management
Year
2025
Services
Agentic AIData SanitizationCompliance ScoringITSM Integration
0PII leaks by design
100%decisions with audit trails
In-flownative ITSM integration
01

The Problem

Change requests must be sanitized and compliance-scored before approval. Manual review is slow and inconsistent — and every review is a PII-leak risk.

Volume

Hundreds of change requests weekly outpace human review, so weak plans get rubber-stamped.

Outage Risk

Most failed changes trace back to vague, incomplete backout plans that reviewers never catch.

PII Leak

Requests carry internal IPs and hostnames that cannot be sent to an external model without a compliance breach.

02

The Solution

We built an agent that sanitizes change-request data automatically, scores compliance against policy, and plugs into the enterprise ITSM workflow, writing a complete audit trail for every decision.

How it works
01Layer

Sanitization Middleware

A Python layer sits between ITSM and the model, stripping identifiers before inference.

02Layer

Grounded Prompting

Few-shot gold-standard plans anchor the model to the organization's real IT policies.

03Layer

Writeback

Re-identified feedback returns to the ticket as a private, human-verifiable comment.

04Core

Reasoning Engine

One LLM scores compliance and coaches the plan, never touching raw PII.

Validation pipeline
SanitizeRegex tokenizes IPs & hosts
ScoreLLM rates 0–100 with rationale
Re-identifyTokens map back to real values
WritebackServiceNow / ITSM comment
Coach, not gate

The agent advises rather than auto-rejects, so engineers self-correct before the review board.

Governance controls
PII Tokenization

Internal IPs and hostnames are replaced with tokens before any data reaches the model.

Zero Egress

Only anonymized logic leaves the perimeter; network topology never does.

Policy Grounding

Scoring is anchored to approved reference plans, not generic internet advice.

Explainable Scores

Every low score ships with specific, policy-based reasons for the deduction.

Human Verification

Output is framed as advisory and requires a reviewer's sign-off before action.

Audit Trail

Scores and feedback post as durable ticket comments for a full compliance record.

03

The Outcome

Automated, auditable change validation — consistent scoring, faster approvals, and no PII leakage.

Built with

05 technologies
01PythonSanitization middleware
02LLMCompliance scoring and coaching
03Regex TokenizerPII redaction and re-identification
04Few-Shot PromptingPolicy grounding
05ServiceNow / ITSMWorkflow integration and writeback
Next issue — yours?

Have an enterprise itsm problem like this?

Tell us what you're building — we'll tell you exactly how we'd ship it.

Keep reading

From the archive

All 15 case studies →