tl;dr:The standard way to do code review is with back-and-forth, asynchronous GitHub comments. But is that always the best fit? Like with any complex discussion, there are times when it's simply better to talk face-to-face. Pair reviews can be a nice balance for orgs that don't fully embrace pair programming otherwise.
tl;dr:In "break glass" scenarios, code review often gets skipped. But many compliance frameworks like SOC2 require that all changes get reviewed. PullApprove tracks these unreviewed pull requests as "bypassed" and facilitates a post-merge review process.