RAG patterns

• Classic retrieve-then-read; multi-hop retrieval; tool-augmented retrieval; policy-first retrieval (filter → retrieve → reason).

Ingestion & chunking

• Normalise formats; detect PII; chunk by semantic sections; store metadata (source, page, version, licence).

Index hygiene

• Deduplicate; expiry and refresh; blue/green corpora for safe rollbacks; unit tests on retrieval quality.

Filters & guardrails

• Block lists and policy prompts before retrieval; deny-by-default for sensitive topics; jailbreak detectors.

Provenance signals

• Signed docs; source reputation; recency; cross-source corroboration; watermark/manifest checks for AI-generated inputs.

Attribution & citations

• Always show source snippets; warn on weak provenance; prevent copying of restricted content to users.

Evaluation of RAG

• Retrieval precision/recall, groundedness, citation correctness, faithfulness; adversarial retrieval tests.

Security & egress control

• Network allow-lists; per-index ACLs; encryption; prompt injection containment; output sanitisation.

UI/UX safety cues

• Highlight uncertainty; “view sources” default open; “report an issue” and “escalate to human” buttons.

PMM & drift watch

• Track retrieval failures, no-context rates, hallucination flags; trigger re-index on corpus change.

Docs & records

• Index manifests; ingestion logs; retrieval metrics; guardrail configs; rollback procedures; incident bundles.

RAG safety checklist

• Clean corpus; measured retriever; enforced guardrails; visible citations; PMM alerts; audit trails.

© Zen AI Governance UK Ltd • Regulatory Knowledge • v1 05 Nov 2025 • This page is general guidance, not legal advice.