The agent governance framework
· Avery NXR
As companies deploy more agents, the question of governance becomes real. Who decides what can be automated? Who reviews agent decisions? Who owns audit responsibility? Who decides when an agent should be retired?
Most companies haven't thought about agent governance explicitly. They deploy agents ad hoc. Then questions arise that nobody owns. Then governance gets built reactively under pressure.
We've watched several companies build governance frameworks for AI agents. Here's a synthesized framework based on what works.
Why governance matters
Compliance. Many industries have explicit or emerging requirements for AI decision-making transparency, fairness, and oversight.
Risk management. Agents make decisions that affect customers, employees, finances. Without governance, mistakes happen without clear remediation.
Decision quality. Decisions about which agents to deploy, expand, retire need someone making them. Without governance, decisions get made by default rather than design.
Resource allocation. Agent ops, engineering, training are real costs. Governance allocates these resources thoughtfully.
Audit readiness. When auditors (internal or external) ask about AI use, having governance answers makes the conversation tractable.
The companies skipping governance get to a point where ad hoc accumulation creates risk. Better to build governance early.
The framework
Four layers, each addressing different questions:
Layer 1: Policy What's permitted, what's prohibited, what's the framework
Layer 2: Approval Who decides what gets deployed
Layer 3: Operations How agents are managed day-to-day
Layer 4: Audit How we know things are working as governed
Each layer has specific components.
Layer 1: Policy
Acceptable use policy.
Defines what agents can do across the company. Examples:
→ Agents may process internal data → Agents may NOT process external customer data without specific approval per workflow → Agents may NOT make personnel decisions → Agents may NOT auto-send customer-facing communications without human review → Agents must run on company-approved platforms (Avery NXR, etc.)
The policy is the universal contract. Lives in policies handbook.
Data classification.
Defines what data can be processed where. Examples:
→ Public data: any agent platform → Internal data: approved platforms only → Confidential data: local-first agents only → Restricted data: no agent processing without specific governance review
Most companies need this even if they didn't have it before. AI deployment forces clarity.
Risk classification by use case.
Defines which agent use cases are higher risk and need more governance:
→ Low risk: automated drafting, summarization, internal analytics → Medium risk: customer communications drafts, classification of inbound → High risk: autonomous customer-facing actions, financial decisions, HR decisions
Risk level determines approval path and oversight intensity.
Layer 2: Approval
For low-risk agents: any team can deploy after self-certification. Standard documentation requirements.
For medium-risk agents: approval from function head + agent ops (or designee). Slightly more documentation.
For high-risk agents: formal review with legal/compliance/security input. Substantial documentation. Often phased deployment.
The approval matrix prevents over-governance of low-risk and under-governance of high-risk.
Approval criteria typically include: → What's the agent doing? → What data does it touch? → What actions can it take autonomously? → What's the trust ladder rung at deployment? → Who's the owner? → What's the rollback plan? → How are we measuring success?
Standard form. Standard process. Standard approval flow.
Layer 3: Operations
Agent ownership.
Every agent has one human owner. (See [post 215] for why this matters.) Ownership documented in agent metadata.
Maintenance schedule.
Each agent has a defined maintenance cadence (see [post 187]). Owner responsible.
Modification controls.
Who can modify what: → Owner: full edit access on their agents → Function head: full access within their function → Agent ops: read access across, edit access on shared/templates → Others: read only
Retirement workflow.
When agent should be retired: → Owner proposes retirement → Function head approves → Agent ops handles deprovisioning → Audit ledger archived per retention policy
Incident workflow.
When something goes wrong: → Notify agent ops → Drop agent down trust ladder (or pause entirely) → Investigate via audit ledger → Fix, return to operation, or retire → Document learnings
These workflows make operational governance happen consistently.
Layer 4: Audit
Audit ledger.
Every agent execution captured. Configurable retention. Audit-ready format. (See [post 164] for detail.)
Periodic agent review.
Quarterly review of each agent: still useful, still operating well, any issues?
Annual portfolio review.
Annual review of agent portfolio: total value, total cost, gaps, retirements, strategic direction.
Audit findings tracking.
When internal or external audits find issues, track resolution. Build institutional memory.
Compliance reporting.
For regulated industries, periodic compliance reports about agent use. Audit ledger feeds these.
What this looks like at different company sizes
Small (10-50 employees):
Light governance. Founder + COO own. Acceptable use policy in handbook. Each agent has owner. Quarterly review. Avery NXR's audit ledger handles audit needs.
Time investment: ~5% of one person.
Medium (50-500 employees):
Moderate governance. Agent ops role part-time (often combined with another ops role). Formal approval process for medium-risk. Quarterly portfolio review. Annual policy update.
Time investment: ~40-70% of one role.
Large (500+ employees):
Substantial governance. Dedicated agent ops team. Formal cross-functional governance council. Detailed risk classification. Regular compliance reporting.
Time investment: 1-3 FTE depending on size.
The investment scales with company size and risk exposure. Right-size to your context.
Common governance mistakes
Mistake 1: No governance at all.
Deploy agents ad hoc. Hope nothing goes wrong. Eventually something does. Build governance reactively under pressure.
Mistake 2: Over-governance that paralyzes.
Every agent requires 6-week approval process. Nobody deploys agents. Hidden cost of not shipping (see [post 191]) accumulates.
Mistake 3: Governance that doesn't fit the risk.
Treating low-risk agents like high-risk. Treating high-risk like low-risk. Right-size the governance to actual risk.
Mistake 4: No clear ownership.
"The team" owns governance. Nobody actually owns it. Decisions get deferred.
Mistake 5: Static governance.
Policy from 2024 still applied in 2026 without updates. AI landscape evolves. Governance should too.
What to do this quarter
If you're a leader thinking about agent governance:
→ Identify current state. What agents are running? Who owns them? What's the risk profile?
→ Draft an acceptable use policy. Even a simple one. Better than no policy.
→ Establish approval flow by risk level. Low/medium/high with clear criteria for each.
→ Assign or hire agent ops. Even part-time. Need someone responsible for cross-cutting concerns.
→ Schedule quarterly review. Get it on calendars. Make it happen consistently.
→ Document everything as you go. Build institutional memory.
This quarter's investment positions you for next year's growth.
What we provide in Avery NXR for governance
Specific features:
→ Per-agent metadata (owner, classification, deployment date) → Role-based access controls → Audit ledger with configurable retention → Connector permission scoping → Trust ladder configuration → Confidence threshold settings → Approval workflows (in development)
These give governance teams the tools they need to implement frameworks like the one above.
Why governance is a competitive advantage
Companies that develop AI governance maturity early have advantages:
→ Trust from regulators. When AI regulations land, you're ready. → Trust from customers. "We have AI governance" becomes a marketing point. → Trust from employees. They understand how AI is used, what the boundaries are. → Faster deployment. Counter-intuitively, good governance enables faster deployment of approved agents because the framework is clear. → Lower risk of incident. Governance catches issues before they become incidents.
Governance is structurally pro-deployment when done right. Anti-deployment when done wrong.
The principle
AI agents are software making decisions in your business. Like any software making decisions, they need governance.
Most companies will end up with some form of the framework above. The question is whether they build it deliberately and proactively, or accumulate it reactively under pressure.
Deliberate and proactive is better.
→ avery.software — Free Desktop tier. Built with governance support that scales from solo to enterprise.