AI Worker Governance Resource

AI Activity to AI Worker Governance Crosswalk

Not every AI activity needs the same governance. Use this public planning crosswalk to decide when simple AI use needs baseline guidance, when enterprise AI applications need stronger review, and when governed AI workers need Passport, Toll Gate, Runtime Permit, evidence, and lifecycle controls.

Why It Matters

Governance should intensify as AI moves closer to action.

Personal AI assistance, enterprise AI applications, AI development, governed agent development, and enterprise agent platforms create different risk, evidence, ownership, and lifecycle needs. The Scaled Agents view is simple: once an AI capability becomes a durable AI Worker that can operate across tools, systems, data, or workflows, it needs operational governance as an accountable entity.

Baseline AI use

Drafting, summarizing, searching, and brainstorming usually need approved-use guidance, data handling rules, and human validation before outputs are used.

Enterprise AI workflows

AI embedded in business workflows needs owners, data boundaries, output review, logging expectations, and clear escalation when results influence decisions.

Governed AI Workers

AI Workers that can use tools, call APIs, trigger workflows, move data, or act with delegated authority need Passport, Tolls, Runtime Permits, evidence, and lifecycle controls.

Activity Intensity Model

Five levels of governance intensity.

Use this model as a practical review aid. When the activity changes from assistance to delegated work, move from general usage controls toward record-backed AI Worker governance.

Level 1

Personal AI assistance

Individual drafting, summarizing, translation, ideation, research support, or personal productivity.

Default posture: approved tool guidance, data-use rules, sensitive-data restrictions, and human validation.

Level 2

Enterprise AI application

AI-enabled functionality embedded in a business application, service path, analytics workflow, or productivity tool.

Default posture: workflow owner, data owner, approved use boundary, output review, review logs where available, and risk-tier review.

Level 3

AI development

Teams build, configure, evaluate, or deploy models, prompts, RAG, AI-enabled services, or agentic capabilities.

Default posture: source, model/provider, prompt, data, evaluation, security, deployment, rollback, and change-review evidence.

Level 4

Governed agent development

A durable agent or AI Worker is designed to perform delegated work with tools, workflows, memory, data access, or system access.

Default posture: Agent Registry, Passport, owner roles, scope, allowed and prohibited actions, Tool/API/Connector Registry review, Toll Gates, Stamps, and Human Review.

Level 5

Enterprise agent platform

Many AI Workers operate across systems, teams, workflows, connectors, and lifecycle states.

Default posture: portfolio governance, Runtime Permits, Action Broker mediation, evidence reconstruction, lifecycle analytics, incident response, pause/disable/revoke paths, and customer-managed deployment gates.

Control Domains

What changes when AI becomes an AI Worker?

The control focus shifts from general policy and model review toward operational questions: who owns the AI Worker, what scope applies, what can it do now, what evidence exists, and how can authority be paused, disabled, revoked, or retired?

Identity and ownership

Use Passport and Registry records to establish AI Worker identity, accountable owners, purpose, scope, lifecycle state, and review posture.

Scoped authority

Use Tool/API/Connector Registry records, `tool_permissions`, Purpose Binding, Tolls, and Runtime Permits before action-capable work proceeds.

Human review

Route restricted, unclear, high-risk, sensitive, external, irreversible, or consequential activity through accountable Human Review paths.

Evidence and activity trail

Record review decisions, boundary crossings, evidence updates, denials, exceptions, action decisions, and lifecycle events without storing secrets or raw sensitive data.

Runtime governance

Check the current action, tool, data class, destination, policy version, approval state, evidence posture, and rollback path before activity becomes consequence.

Lifecycle controls

Keep proposed, draft, ready for review, active, suspended, expired, blocked, retired, and revoked states distinct; an active Passport does not authorize every action.

Default rule: when classification is uncertain, use the stronger governance path until an authorized human review confirms a lower-control treatment. Missing ownership, scope, evidence, approval, tool authorization, data classification, memory boundary, or rollback path should pause, block, escalate, require evidence, or require human review.

Reviewer Questions

Questions to ask before increasing autonomy.

  • Does the AI only help a human prepare work, or can it call tools, APIs, connectors, workflows, or external systems?
  • Can the activity change state, move data, trigger automation, send externally, or affect an operational outcome?
  • What data classes, systems, destinations, model/provider routes, and memory or retrieval boundaries are involved?
  • Who owns the business purpose, technical operation, risk review, data review, escalation path, pause/disable authority, and retirement decision?
  • Can the decision path be reconstructed through Passport, Runtime Permit, Tool/API/Connector Registry, Toll Gate Decision, Human Review, Evidence, Stamp, Workflow Event, Agent Action Decision, and Audit Export records?