Public Policy

AI Ethics & Governance

Our commitment to the responsible, transparent, and ethical use of artificial intelligence in everything we deliver.

Effective: 1 April 2026 · Version 1.0 · Next Review: April 2027

01Purpose & Scope

Pulsar Next Gen Consulting (Pty) Ltd ("Pulsar," "we," "our") is a ServiceNow Premier Partner delivering digital transformation services across the United Kingdom and South Africa. As artificial intelligence becomes increasingly embedded in the platforms we implement, the tools we build, and the advice we give, we recognise our obligation to use these technologies responsibly.

This policy sets out the ethical principles, governance structures, and operational standards that guide every Pulsar employee, contractor, and partner when designing, deploying, or recommending AI-enabled solutions. It applies to all AI and machine learning capabilities, including generative AI, predictive intelligence, virtual agents, natural language processing, and automated decision-making, whether provided natively by a platform vendor, developed by Pulsar, or sourced from a third party.

Our goal is simple: to earn and maintain the trust of our clients, their customers, and the communities we serve by ensuring that AI is always used as a force for good.

02Core Principles

Six principles form the foundation of every AI-related decision at Pulsar.

Transparency

We clearly disclose when AI is being used and explain, in plain language, how it influences outcomes.

Fairness & Non-Discrimination

We actively identify and mitigate bias in training data, model outputs, and downstream processes to prevent discriminatory outcomes.

Privacy & Data Protection

Personal and sensitive data is handled with the highest care, in full compliance with POPIA, UK GDPR, and any applicable data protection regulation.

Security & Resilience

AI systems are secured against adversarial manipulation, data leakage, and misuse, and are designed to fail safely.

Accountability

A named human is always responsible for any AI-assisted decision. Accountability cannot be delegated to an algorithm.

Sustainability

We consider the environmental impact of AI workloads and favour efficient architectures that minimise unnecessary compute.

03AI in Service Delivery

Platform-Native AI

Many of the platforms we implement, most notably ServiceNow, include built-in AI features such as Predictive Intelligence, Virtual Agent, Generative AI (Now Assist), and Performance Analytics. When configuring or extending these capabilities on behalf of clients, Pulsar will:

  • Follow the platform vendor's responsible AI guidelines and recommended configurations.
  • Clearly document which AI features have been enabled and how they affect end-user workflows.
  • Ensure that AI features are activated with the informed consent of the client and their data governance stakeholders.
  • Provide training and knowledge-transfer materials that explain AI behaviour in non-technical language.

Generative AI in Delivery

Pulsar permits the use of generative AI tools, such as large language models, to accelerate consulting and development work, for example drafting documentation, generating code scaffolds, or researching technical solutions. All such use is governed by these rules:

  • Client data, personally identifiable information (PII), and proprietary configurations must never be submitted to public AI services.
  • All AI-generated outputs must be reviewed, validated, and approved by a qualified Pulsar team member before delivery to a client.
  • Where a deliverable has been materially assisted by generative AI, this will be disclosed to the client on request.

Custom AI Solutions

If Pulsar develops bespoke AI models, integrations, or automations for a client, we apply the full weight of this policy. An AI Impact Assessment must be completed before any custom AI solution enters production.

04Data Governance & Privacy

Data is the fuel of every AI system. We hold ourselves to the highest standards of data governance to ensure that AI outcomes are reliable, lawful, and respectful of individual rights.

  • Lawful basis. We process personal data for AI purposes only where a lawful basis exists under the Protection of Personal Information Act (POPIA), UK GDPR, or the applicable regulation of the relevant jurisdiction.
  • Data minimisation. We use only the minimum data necessary to achieve the defined objective. Training datasets are reviewed for excessive or irrelevant personal data before use.
  • Consent and notice. Where AI processing relies on consent, that consent must be specific, informed, freely given, and easy to withdraw.
  • Data quality. We validate input data for accuracy, completeness, and timeliness. Poor-quality data produces poor-quality decisions, and we will not deploy an AI system on data that does not meet quality thresholds.
  • Cross-border transfers. Where AI workloads involve the transfer of data between South Africa, the UK, and other jurisdictions, we apply appropriate transfer mechanisms in accordance with applicable law.
  • Retention. Data used for AI training or inference is retained only for as long as it is needed and is securely disposed of in line with our data retention schedules.

05Risk Management

We take a risk-based approach to AI governance, proportionate to the potential impact of each use case.

AI Impact Assessments

Before deploying an AI capability, whether for internal use or client delivery, the responsible project lead must complete an AI Impact Assessment. This assessment evaluates:

  • The nature and sensitivity of the data involved.
  • The degree of autonomy the AI system has in decision-making.
  • Potential for harm if the system produces incorrect, biased, or unexpected outputs.
  • The availability and adequacy of human override mechanisms.
  • Regulatory requirements specific to the client's industry, such as financial services, healthcare, or public sector.

Risk Classification

Each AI use case is classified as low, moderate, or high risk. High-risk use cases, those involving automated decisions that materially affect individuals' rights, financial standing, or access to services, require senior management sign-off and ongoing monitoring.

Incident Response

If an AI system produces an outcome that causes or risks causing harm, it must be reported immediately through Pulsar's incident management process. The AI system in question will be suspended pending investigation, and the affected client will be notified without undue delay.

06Human Oversight & Accountability

Every AI-assisted outcome must have a named human accountable for it. Algorithms advise; people decide.

Pulsar operates on a human-in-the-loop principle. AI systems are designed and deployed as decision-support tools. They inform, recommend, and accelerate, but they do not make consequential decisions autonomously.

  • Named accountability. Every AI deployment has an identified owner within Pulsar who is responsible for its ethical performance.
  • Override capability. End users and administrators must always have a clear mechanism to override, correct, or disable AI-generated outputs.
  • Escalation paths. Where an AI system's recommendation is disputed, a defined escalation path ensures the matter is reviewed by a qualified human.
  • Auditability. AI decision logs are maintained to support retrospective review and regulatory audit where applicable.

07Employee Responsibilities

Every member of the Pulsar team has a role to play in the responsible use of AI.

  • Awareness. All employees must understand this policy and complete any mandatory AI ethics training provided by Pulsar.
  • Responsible use. Employees must not use AI tools in ways that violate this policy, client agreements, or applicable law, including submitting confidential data to unapproved AI services.
  • Quality assurance. AI-generated work must be critically reviewed. Employees are professionally responsible for the accuracy and appropriateness of any output they deliver, regardless of how it was produced.
  • Speak up. Employees who become aware of an AI-related ethical concern, near-miss, or policy violation are encouraged to raise it through their line manager or Pulsar's confidential reporting channels without fear of retaliation.

08Client Commitments

When we work with clients to implement or advise on AI capabilities, we make the following commitments:

  • Transparency. We will clearly explain how AI features work, what data they consume, and what risks they carry in language the client's stakeholders can understand.
  • Informed enablement. We will not enable AI features by default without the client's informed approval.
  • Knowledge transfer. We will equip the client's teams with the understanding they need to manage and govern AI capabilities after handover.
  • Ongoing support. Where engaged to provide managed services, we will continuously monitor AI system performance and flag emerging risks proactively.
  • Honest counsel. As your Critical Friend in Digital Transformation, we will advise against an AI approach when we believe it introduces unacceptable risk or when a simpler, non-AI solution would better serve your needs.

09Regulatory Alignment

Pulsar monitors evolving AI regulation across the jurisdictions in which we operate. While this policy is designed to meet or exceed current legal requirements, we actively track the following frameworks and will update our practices as legislation matures:

  • South Africa: Protection of Personal Information Act (POPIA); the National AI Policy Framework.
  • United Kingdom: UK GDPR; the Data Protection Act 2018; the government's pro-innovation approach to AI regulation and sector-specific guidance.
  • European Union: The EU AI Act, which applies when our work affects EU data subjects or markets, including its tiered risk classification requirements.
  • Industry standards: ISO/IEC 42001 (AI Management Systems); the NIST AI Risk Management Framework; and ServiceNow's own Responsible AI Principles.

Where a client operates in a regulated industry, Pulsar will apply any additional sector-specific AI governance requirements as part of the engagement scope.

10Review & Amendments

This policy is a living document. It will be formally reviewed at least once per year or sooner in response to significant changes in AI technology, regulation, or our business operations. Material amendments will be communicated to all employees and published on this page.

The Managing Director of Pulsar Next Gen Consulting is the policy owner and has overall accountability for its implementation and enforcement.

Questions?

Contact us at hello@pulsar-ngc.com for any questions about this policy or to raise an AI ethics concern.

Cosmo
Cosmo
Pulsar Virtual Assistant
Hello! I'm Cosmo, Pulsar's virtual assistant. I can help you explore our ServiceNow services, learn about our practices, or connect you with the team. What can I help you with?
Powered by Cosmo AI