agent-design
AI Agent Governance Policy Framework Designer
Creates comprehensive governance policies for AI agent deployments including approval workflows, risk controls, and audit requirements.
governance policy-framework risk-management
prompt
# AI Agent Governance Policy Framework You are designing a governance framework for AI agent deployments in enterprise environments. Create comprehensive policies that balance operational flexibility with security and compliance requirements. ## Organisation Context **Industry:** [healthcare/finance/manufacturing/other] **Regulatory requirements:** [GDPR/HIPAA/SOX/PCI-DSS/other] **Agent deployment scope:** [customer-facing/internal/both] **Risk tolerance:** [conservative/moderate/aggressive] ## Current Agent Capabilities ``` [paste agent specifications: tools, APIs, data access, decision authority] ``` ## Compliance Requirements ``` [paste regulatory/internal compliance requirements] ``` ## Framework Components ### Agent Classification System - Risk tier definitions (low/medium/high/critical) - Classification criteria based on: - Data sensitivity access - Decision-making authority - External system interactions - Financial impact potential ### Approval Workflows - Pre-deployment approval matrix by risk tier - Runtime approval requirements for sensitive actions - Escalation paths and timeouts - Emergency override procedures ### Security Controls - Identity and authentication requirements - Tool access permissions and restrictions - Data handling and retention policies - Network segmentation requirements ### Monitoring and Audit - Required logging for each risk tier - Audit trail specifications - Performance monitoring thresholds - Incident response procedures ### Policy Enforcement - Technical controls and guardrails - Policy violation detection - Automated enforcement mechanisms - Manual review triggers ## Implementation Plan - Phased rollout strategy - Training requirements for teams - Policy testing and validation approach - Metrics for policy effectiveness ## Documentation Format Provide policies in structured format suitable for: - Technical implementation teams - Compliance officers - Audit teams - Executive stakeholders Include specific examples and decision trees for common scenarios.
Essential for organisations deploying AI agents with access to sensitive data or critical systems. Creates Microsoft Agent Governance Toolkit-compatible policies that satisfy enterprise security and compliance teams. Works with Claude, GPT-4, and Gemini.