Jira Integration

Integrate GovernanceAI with Jira to automatically create and track compliance findings and AI governance issues.

Setup

Step 1: Create API Token

• Jira → Account Settings → Security → API tokens
• Create API token
• Copy token

Step 2: Connect in GovernanceAI

• Integrations → Jira
• Enter Jira URL (e.g., https://company.atlassian.net)
• Enter email and API token
• Click Connect

Step 3: Configure Issue Mapping

Map GovernanceAI findings to Jira:

$
curl -X POST https://api.governanceai.com/v1/integrations/jira/config \
>
  -H "Authorization: Bearer $API_KEY" \
>
  -d '{
>
    "project_key": "SEC",
>
    "issue_type": "Task",
>
    "priority_mapping": {
>
      "critical": "Highest",
>
      "high": "High",
>
      "medium": "Medium",
>
      "low": "Low"
>
    },
>
    "auto_create": true,
>
    "custom_fields": {
>
      "Severity": "finding_severity",
>
      "AI Component": "ai_component"
>
    }
>
  }'

Automatic Issue Creation

When a critical finding is detected:

• ✅ Issue created automatically
• ✅ Assigned to security team
• ✅ Details populated with findings
• ✅ Linked to scan report
• ✅ Status tracked in Jira

Example Issue:

Title: [CRITICAL] Jailbreak vulnerability in GPT-4
Description:
Model bypasses safety guidelines when prompted with role-play
scenario. Red-team reproducibility: 100%
Type: Task
Project: Security
Priority: Highest
Assignee: Security Team
Labels: AI-Governance, Red-Team, Critical
Link to Report:
https://app.governanceai.com/scans/scan_123

Custom Fields

Create custom fields in Jira:

• Severity: Critical, High, Medium, Low
• AI Component: Model name, framework
• Remediation Date: Target fix date
• Red-Team Vector: Type of attack

Automation Rules

Create Jira automation rules:

Trigger: GovernanceAI Issue Created with Severity = Critical
Action: Assign to Security Lead + Notify Slack
Action: Set Sprint to current sprint

Webhook Events

GovernanceAI triggers on:

• Scan completed
• Critical finding detected
• Red-team vulnerability found
• Compliance gap identified

Status Synchronization

Two-way sync between GovernanceAI and Jira:

• When issue closed in Jira → Mark as resolved in GovernanceAI
• When issue reopened → Reopen in GovernanceAI
• Transition tracking

Reporting

Generate reports directly in Jira:

$
curl -H "Authorization: Bearer $API_KEY" \
>
  https://api.governanceai.com/v1/integrations/jira/report \
>
  -d '{"project_key": "SEC", "period": "2024-Q1"}'
$
$
# Returns:
$
{
>
  "total_issues_created": 45,
>
  "resolved": 38,
>
  "overdue": 2,
>
  "average_resolution_time": "4.2 days"
>
}

Troubleshooting

• Cannot create issues - Verify project permissions
• Custom fields not populating - Check field mappings
• Status sync failing - Verify webhook configuration
• Auth errors - Test API token in Jira

Next Steps

• LiteLLM Integration - Use as LLM provider
• Creating Policies - Create governance policies
• Dashboards - View metrics