EVIDENCE TRAIL

Adaptive workload balancing — route reviews by reviewer fatigue

Verbatim excerpts from the upstream sources cited on the mitigation page, with what each source does and does not prove. The strongest upstream match is OWASP Agentic AI v1.1 §T10, which names "adaptive workload distribution across human reviewers" verbatim.

Note: the MDX cites NIST AI 600-1 MANAGE-4.2 for "human-reviewer workload management", but the actual MANAGE-4.2 actions cover continual improvement processes, not workload routing specifically; see the "Does not prove" note under Reference 6 for the corrected framing.

Last cross-checked against upstream sources: · 7 sources

References

Each entry shows what the source supports and what it does not prove.

Reference 1
v1.1 · published December 2025

OWASP Agentic AI — Threats & Mitigations v1.1

§T10 Overwhelming Human-in-the-Loop — Threat Description

"Overwhelming Human-in-the-Loop (HITL) occurs when attackers exploit human oversight dependencies in multi-agent AI systems, overwhelming users with excessive intervention requests, decision fatigue, or cognitive overload. This vulnerability arises in scalable AI architectures, where human capacity cannot keep up with multi-agent operations, leading to rushed approvals, reduced scrutiny, and systemic decision failures."

Supports: Names decision fatigue and cognitive overload as the primary attack mechanism against HITL systems. Establishes that workload saturation is an exploitable vulnerability, not merely an operational nuisance — the threat framing that makes this mitigation necessary.

Does not prove: Does not prescribe workload-routing or fatigue-signal thresholds as the defence. The description names the problem; the mitigation section (see next entries) supplies the defence.

Reference 2
v1.1 · published December 2025

OWASP Agentic AI — Threats & Mitigations v1.1

§T10 Overwhelming Human-in-the-Loop — Mitigation Steps (Step 1: Proactive controls)

"Apply adaptive workload distribution across human reviewers. Balance AI review tasks dynamically to prevent decision fatigue for individual reviewers."

Supports: Verbatim upstream source for the adaptive-routing pattern this control implements. The phrase "adaptive workload distribution" is the closest upstream match for the control's title. Names the explicit goal (prevent decision fatigue for individual reviewers) and the mechanism (dynamic balancing of review tasks across the pool).

Does not prove: Does not specify what fatigue signals to measure (reviews-per-hour, time-on-task, agreement-decay), nor the routing algorithm. Helmwart adds the signal-composition and mandatory-break mechanics that upstream leaves undefined.

Reference 3
v1.1 · published December 2025

OWASP Agentic AI — Threats & Mitigations v1.1

§T10 Overwhelming Human-in-the-Loop — Mitigation Steps (Step 1: Proactive controls)

"Use AI trust scoring to prioritize HITL review queues based on risk level. Automate low-risk approvals while requiring human oversight for high-impact tasks. Limit AI-generated notifications to prevent cognitive overload. Implement frequency thresholds to limit excessive AI-generated notifications, requests, and approvals to prevent decision fatigue."

Supports: Establishes risk-stratified queue prioritisation and frequency thresholds as upstream-recommended controls for decision fatigue. Directly supports pairing this control with m-risk-prioritized-queue and m-fail-closed.

Does not prove: Trust-scoring here refers to AI-generated risk levels, not reviewer fatigue scoring. The passage does not address the reviewer-side signal composites that drive Helmwart's routing algorithm.

Reference 4
v1.1 · published December 2025

OWASP Agentic AI — Threats & Mitigations v1.1

§T10 Overwhelming Human-in-the-Loop — Threat Summary Table (Mitigations column)

"Develop advanced human-AI interaction frameworks, and adaptive trust mechanisms. These are dynamic AI governance models that employ dynamic intervention thresholds to adjust the level of human oversight and automation based on risk, confidence, and context. Apply hierarchical AI-human collaboration where low-risk decisions are automated, and human intervention is prioritized for high-risk anomalies."

Supports: Names dynamic intervention thresholds and hierarchical human-AI collaboration as the governance model for T10. Supports the escalation and queue-deprioritisation paths in this control.

Does not prove: Framing is about risk/confidence of the AI decision, not workload/fatigue of the reviewer. Complementary rationale rather than a direct statement of workload-routing.

Reference 5
ATLAS catalogue (continuously updated)

MITRE ATLAS AML.M0029 — Human In-the-Loop for AI Agent Actions

AML.M0029 mitigation description — paragraph 2

"Human In-the-Loop policies should follow the degree of consequence of the task at hand. Minor, repetitive tasks performed by agents accessing basic tools may only require minimal human oversight, while agents employed in systems with significant consequences may necessitate approval from multiple stakeholders diversified across multiple organizations."

Supports: Establishes consequence-proportionate HITL as a MITRE-endorsed pattern. The "multiple stakeholders diversified across multiple organizations" framing supports the reviewer-pool distribution mechanic. The consequence-scaling logic is the precondition that makes adaptive routing meaningful.

Does not prove: Does not address workload, fatigue, or routing among reviewers within a single queue. AML.M0029 defines when human review is needed; this control defines how to distribute that review work without degrading decision quality.

Reference 6
Published July 2024

NIST AI 600-1 — Generative AI Profile (NIST AI RMF)

MANAGE 4.2 — "Measurable activities for continual improvements are integrated into AI system updates and include regular engagement with interested parties"

No verbatim excerpt pulled yet — open the original to verify the cited section.

Supports: MANAGE 4.2 mandates continual improvement measurement for deployed AI systems. When reviewer-fatigue metrics (agreement-rate decay, decision-reversal rate) are operationalised as quality signals, this subcategory becomes the governance hook for tracking and acting on them.

Does not prove: MANAGE 4.2's actions (MG-4.2-001 through MG-4.2-003) cover performance reporting, incident post-mortems, and output visualisation — none explicitly names human-reviewer workload management or fatigue-routing. The MDX's claim that MANAGE-4.2 "names human-reviewer workload management" is an overstatement; the correct framing is that MANAGE-4.2 provides the continual-improvement process under which fatigue metrics would be tracked. The closest specific NIST action is MG-3.2-008, which names "human moderation systems" and human-AI configuration policies.

Reference 7
Bundled with Threats & Mitigations v1.1 · December 2025

OWASP Agentic AI Mitigation Playbook P5 (HITL Decision Fatigue)

No verbatim excerpt pulled yet — open the original to verify the cited section.

Supports: Internal Helmwart mapping of the OWASP P5 playbook, which covers the protective-phase controls for HITL decision fatigue including adaptive review routing. Names this mitigation directly in the protective-phase sequence.

Does not prove: Internal page, not the source of the workload-routing principle itself.