IT Operation and Maintenance Description
AI Connectors Platform
| Template | Q0848658 v. 2.0 |
| Classification | INTERNAL USE ONLY |
| Version | 1.1 |
1. Purpose
This document describes the operation and maintenance (O&M) of the AI Connectors platform. The activities outlined in this document will be executed and reported on according to the "Manage IT Infrastructure" SOP [1].
This document is targeted at all employees involved in the operation and maintenance of the AI Connectors platform.
2. Roles and responsibilities
| Role | Responsibilities | ServiceNow role | ServiceNow accesses required |
|---|---|---|---|
| IT Infrastructure Owner | Accountable for all activities described in the "Manage IT Infrastructure" instruction [1]. Responsibility for performing the activities may be delegated; however, the task of accepting the residual risk related to the IT Risk Assessment cannot be delegated. | IT Solution Owner | None |
| IT Infrastructure Manager | Responsibilities as delegated from Owner (incl. approve releases to production environments) and specific responsibilities in ServiceNow: Manage Business Application record, Manage IT Risk Assessment, and Manage Changes. | IT Solution Manager | ITOM Editor, IT Risk Responsible, and ITSM Supporter (or ITSM Change Manager) |
| Product Owner | Team leadership. Responsible for line of business engagement. Prioritization of service delivery and resources. Responsible for product quality and delivery. | Product Owner | None |
| Technical SME | Responsible for developing, maintaining, and operating the AI Connectors platform. | Technical Expert | None |
| Central Risk Manager | Facilitating the work on the IT Risk Assessment. Responsible for reviewing risk controls and moving entities to monitor in ServiceNow. Responsible for applying for policy exceptions via GIS if needed. | Other Editor | ITOM Editor, IT Risk Responsible |
For an updated list of who has been granted the roles for AI Connectors, please refer to ServiceNow under the "Roles" tab of the Business Application record.
The following references have been used when defining the Roles & Responsibilities:
- IT&Q Portal's Roles & Responsibilities
- [Manage IT Infrastructure (Q216301)][1]
- [Manage IT Solutions in ServiceNow (Q219354)][4]
- [Ownership of IT systems and IT infrastructure (Q187218)][3]
Delegations
| Date | What | Role | Expiration | File |
|---|---|---|---|---|
| 2026-04-29 | - | - | - | - |
3. Solution information and documentation
The AI Connectors platform is a collection of stateless MCP (Model Context Protocol) servers deployed on AWS ECS Fargate that provide secure, authenticated access to Microsoft 365 services (SharePoint, Outlook, Teams) and other data sources for AI assistants. Each MCP server acts as a proxy layer, calling downstream APIs on behalf of the authenticated user via the Azure AD On-Behalf-Of (OBO) flow. This means users can only access data they are themselves authorised to see in the underlying systems — the platform does not grant any additional permissions.
The platform is a GxP-qualified infrastructure. It may be used to support workflows involving GxP data where a human reviews and verifies AI-generated output before any regulated decision is made.
System information, including architectural overview, is available in ServiceNow ITOM. Documentation is stored in the GitHub repository (bidma-nn/ai-connectors) under docs/compliance/.
4. IT process activities
4.1. IT supplier management
External cloud services are managed centrally by Novo Nordisk. The AI Connectors team escalates supplier issues through standard Novo Nordisk channels. For a full list of third-party suppliers and assessments, see supplier-vendor-assessment.md.
The following internal service providers support the platform:
| IT service provider | Responsibilities | Contact |
|---|---|---|
| AI Connectors Team (AI Foundations) | Development, operations, infrastructure, CI/CD, security patching, incident response. | GitHub: bidma-nn/ai-connectors; RUEK, VZA |
| Global IT Operations (GITO) | Azure AD app registration creation (via ServiceNow RITM); DNS delegation; AWS account management. | ServiceNow ITSM |
| NN IT Security | Azure AD sign-in log monitoring; enterprise-wide threat detection; security advisory distribution. | globalsecops@novonordisk.com |
4.2. IT risk management
The IT risk assessment is stored in ServiceNow IRM and reviewed every 3 years or upon significant architectural changes.
4.3. Development and release
Development follows a trunk-based workflow on the main branch. Pull requests trigger automated linting, security scans (Snyk), and Terraform plans. Production releases are triggered manually and require approval gates. An IT change record is created automatically for each production release.
The following environments exist:
| Environment | URL pattern | AWS Account |
|---|---|---|
| Production | https://<mcp-name>.connectors.novo-genai.com | 673034950531 (AWS-NN-AIconnectors-PRD) |
| Development | https://<mcp-name>.dev.connectors.novo-genai.com | 094069622854 (AWS-NN-AIconnectors-DEV) |
4.4. User access management
Access to MCP servers is controlled via Azure AD enterprise application assignment. All MCPs are currently assigned to all Novo Nordisk employees (excluding sanctioned countries). Platform operator access (AWS, GitHub Actions, Terraform) is managed via OIDC-based roles with no long-lived credentials. A user review of platform operator access is performed on a yearly basis.
See access-management.md for full details.
4.5. Information security management
The required security controls are implemented as defined in the IT risk assessment.
4.6. IT change management
Changes are managed via GitHub Issues and GitHub Actions according to [1]. The IT changes are classified as normal, standard, or emergency changes.
4.7. IT incident management
Incidents are managed via ServiceNow ITSM and GitHub Issues. See incident-response.md for incident classification, escalation, and post-incident review procedures.
4.8. Backup and recovery
The platform is a stateless proxy layer and does not store business data. Persistent state is limited to the OAuth token cache (DynamoDB) and audit logs (S3). See backup-disaster-recovery.md for backup setup, recovery procedures, and testing schedule.
5. References
| Ref | Document |
|---|---|
| [1] | Q216301 Manage IT Infrastructure |
| [2] | Q187218 Ownership of IT systems and IT infrastructure |
| [3] | Q219354 Manage IT Solutions in ServiceNow |
| [4] | Q212684 Security Patch Management |
6. Change log
| Version no | Date | Change description |
|---|---|---|
| 1.0 | 2026-05-01 | Initial Document created |