Agentic AI
Operational controls for agentic ai — with maturity levels, evidence requirements, and implementation guidance.
8 controls
Agent Permission Boundaries
Apply least-privilege principles to AI agents by explicitly defining and enforcing the tools, APIs, data sources, and actions each agent is authorized to access.
Agent Prompt Injection Defense
Protect AI agents from prompt injection attacks — adversarial instructions embedded in external content that hijack agent behavior.
Agent Memory and Context Governance
Define policies governing what AI agents store in memory or persistent context, how long it is retained, who can access it, and under what conditions it is deleted.
Multi-Agent Trust Hierarchy
Define explicit rules for which agents can instruct, invoke, or delegate authority to other agents in multi-agent systems.
Human Approval Gate for Irreversible Agent Actions
Require explicit human approval before an AI agent takes actions that are difficult or impossible to reverse, such as sending communications, modifying records, executing transactions, or deleting data.
Agent Action Audit Trail
Log every tool call, decision step, memory read/write, and external interaction made by an AI agent so that the full action sequence can be reconstructed after the fact.
Agent Scope and Task Boundaries
Define and enforce the boundaries of what an AI agent is permitted to do, preventing it from expanding its activity beyond its intended purpose.
Agent Environment Isolation
Run AI agents in isolated execution environments that limit their ability to access host systems, network resources, or data beyond what their task requires.