Bernard Aceituno is Cofounder of StackAI and holds a Ph.D. and SM in Computer Science.
The world has radically changed since the release of ChatGPT a few years ago.
While chatbots seemed revolutionary then, enterprises are now shifting to agentic AI: systems that can execute processes from beginning to end, taking action across all the tools they already use.
Ninety percent of enterprises are actively adopting AI agents, according to a survey by Kong, and 79% of enterprises expect full-scale adoption of agentic AI in the next three years.
As enterprise teams scale automation of tedious, manual workflows with this technology, they could see millions in operational savings, according to a McKinsey analysis.
However, there’s still a bottleneck: keeping agents governed and secure. When IT leaders discuss “AI governance,” they usually mean data privacy or model bias. Those matters, but they’re missing the bigger picture. Real AI governance is about control: who can build agents, what data they can access, what gets released to production and how you track everything once it’s running.
Without this layer, AI deployments become chaos, and chaos isn’t scalable.
What Happens When Enterprise AI Is Ungoverned
Four things often occur when companies deploy AI agents without governance:
1. “Shadow AI” spreads, meaning teams build their own tools using company data without approval.
2. When something breaks, there’s no audit trail: Nobody can answer “who changed what, and when?”
3. Internal prototypes accidentally go live because there’s no review process, leading to customer confusion or poor AI experiences.
4. If access controls are weak or nonexistent, certain teams often see sensitive information that they shouldn’t have visibility into.
Potentially worse than those risks, agentic AI also introduces new attack surfaces that traditional security wasn’t designed for:
• Prompt manipulation where users jailbreak instructions or inject malicious content to make agents leak information.
• Retrieval vulnerabilities when agents pull from knowledge bases and connectors, potentially exposing unauthorized data or injecting poisoned content that manipulates responses.
• Action-based risks where agents make changes in the real system. This is the governance gap: the space between what AI can do and what organizations can safely deploy at scale.
The Governance Checklist Enterprises Actually Need
Governance isn’t compliance paperwork or a single security feature.
After working with hundreds of organizations to deploy production AI systems, I’ve developed a practical eight-layer framework of must-haves for any CIO looking to govern and scale AI:
• Role-based access control determines who can build, edit and deploy agents. This prevents unauthorized changes and makes ownership explicit when something goes wrong. Organizations that implement RBAC experience up to a 50% reduction in security incidents, according to Ponemon Institute research cited by Deskera.
• Version control and change locking track every modification with full history. Production agents get locked, so only authorized users can edit them. When an agent’s behavior changes unexpectedly, you can see exactly what was modified and roll it back.
• Workspace and environment isolation creates hard boundaries between teams, departments and risk levels. IBM found that 40% of breaches involved data stored across multiple environments. As such, finance agents shouldn’t touch HR data. Internal tools shouldn’t connect to customer-facing systems. Workspaces and environments enforce these separations.
• Approval workflows mean nobody pushes directly to production. Changes go through staging environments and require explicit review and testing. “Pull request”-style approval separates experimentation (move fast) from production release (be careful).
• Interface-level security ensures only authorized users can interact with agents. According to Microsoft, MFA can block more than 99.2% of account compromise attacks. Password protection, single sign-on integration and other similar strategies prevent unauthorized access—not just to building agents, but to using them.
• Controlled data and tool access limits agents to only the data and systems they need. Agents use scoped credentials, not admin accounts. User-level permissions ensure agents only retrieve information the current user is authorized to see.
• Identity check ties AI systems into corporate identity management. Verizon estimates that 22% of data breaches have a connection to compromised privileged credentials, which is still the leading cause of breaches. That’s why it’s important that if someone leaves or changes roles, their agent access is revoked automatically.
• Observability and audit logs provide complete visibility into what agents do. Who ran it, what actions it took, which data it accessed and how long it took. When auditors ask questions or incidents happen, you have answers.
You’ll likely find that these strategies are not revolutionary. They mirror how mature organizations already manage software and data. The challenge is that most companies haven’t applied these patterns to AI yet.
How The Governance Framework Works In Practice
Let’s use the example of a construction firm to illustrate the governance layer in action.
Safety managers need to find OSHA standards and internal safety documentation scattered across SharePoint, OneDrive and Google Drive. Without AI, this takes hours of searching.
AI agents can query these sources instantly. But here’s where governance matters: The agent should only be able to retrieve documents the signed-in user is authorized to see. Identity integration enforces this at the user level. Workspace isolation ensures the agent can’t access other departments’ data. Version control tracks changes to the agent’s behavior. Lastly, audit logs show every query.
I’ve worked with organizations that have processed thousands of queries in a year this way, saving upwards of 1,000 staff hours. But I’ve also seen that having a governance framework is a necessary first step so that security and compliance teams are comfortable signing off on companywide access.
How Enterprises Can Safely Scale AI
Enterprise AI is no longer limited by technology, but by trust. Tech leaders must know who controls the system, how decisions are made or what happens when something breaks to successfully scale AI and resulting efficiency gains across entire organizations.
All of this is possible with a comprehensive governance framework. When access, change control and visibility are built in, trust stops being abstract and becomes concrete.
Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
