Governance & Trust
Every agent operates inside explicit guardrails. This page shows the control framework, autonomy rules per scenario, and the current implementation status of each policy.
Needs owner: 2 controls
Design: 3 controls
Implemented: 2 controls
Testing: 3 controls
Governance controls
10 controls across consent, brand safety, financial thresholds, and audit
| ID | Control | Policy | Applies To | Level | Risk | Status |
|---|---|---|---|---|---|---|
| GOV-001 | Customer identity verification | Support agent must verify email/order number before disclosing order details | A01 | Mandatory | High | Needs owner |
| GOV-002 | Refund and replacement approval | Agent may draft but not issue refunds above threshold without human approval | A01 | Mandatory | Medium | Design |
| GOV-003 | Consent gate | Marketing agent checks consent before segmentation or send | A03/A08 | Mandatory | Low | Implemented |
| GOV-004 | Wholesale price isolation | B2B account-specific pricing is only visible to authorized users | A04 | Mandatory | Medium | Needs owner |
| GOV-005 | Claims review | Ingredient, safety, sustainability, and performance claims need approved language | A03/A07/A08 | Mandatory | Low | Design |
| GOV-006 | AI answer citations | Customer-facing answers must be grounded in approved knowledge base or live data | All | Mandatory | High | Design |
| GOV-007 | Inventory promo block | Campaign is paused if hero SKU drops below cover threshold | A03/A06 | Recommended | Low | Testing |
| GOV-008 | PII minimization | Logs should redact raw address/payment details | All | Mandatory | Medium | Implemented |
| GOV-009 | Human override | Every autonomous action must include rollback/owner visibility | All | Mandatory | High | Testing |
| GOV-010 | Audit trail | Every action records agent, data source, confidence, and tool call | All | Mandatory | High | Testing |