By NHI Mgmt Group Editorial Team
Published 2026-01-02
Domain: Governance & Risk
Source: Kong

TL;DR: AI governance now has to span ethics, compliance, lifecycle management, and technical controls as organizations deploy AI across regulated and customer-facing workflows, according to Kong. The missing piece is identity governance for AI systems, because governance without access control, auditability, and lifecycle discipline leaves the highest-risk failures untouched.


At a glance

What this is: This is Kong’s framework guide on AI governance, and its key finding is that governance must move from principles to controls, lifecycle discipline, and auditability.

Why it matters: It matters because IAM, IGA, PAM, and NHI programmes now need to govern AI access, decision-making, and lifecycle processes with the same rigour they apply to human and machine identities.



Context

AI governance is the set of principles, roles, and controls that make AI use secure, auditable, and compliant across the organisation. In identity terms, the hard problem is not policy language, but how AI access is approved, monitored, and retired across the systems it can touch.

Kong’s framework guide frames AI governance as a management discipline that spans ethics, compliance, risk management, and technical oversight. For IAM and security teams, the implication is simple: if AI can make decisions, access data, or interact with APIs, it needs governance that looks much more like identity control than abstract policy.

The article is broadly aligned with a typical enterprise view of AI governance maturity, but it also exposes a familiar gap. Organisations often define AI principles before they define the identity and access controls that make those principles enforceable.


Key questions

Q: How should organisations govern AI systems that can access business data and APIs?

A: Organisations should govern AI systems as identities with defined owners, scoped permissions, review points, and retirement paths. If an AI system can reach business data or APIs, the control model should include access approval, monitoring, audit evidence, and lifecycle offboarding. Without those controls, governance remains declarative rather than enforceable.

Q: Why do shadow AI deployments create so much governance risk?

A: Shadow AI creates governance risk because systems that are not discovered cannot be approved, monitored, or retired. That leaves teams without visibility into data access, policy violations, or accountability when something goes wrong. The result is a control gap that often appears only after a breach, audit, or regulatory inquiry.

Q: What do security teams get wrong about AI governance programmes?

A: Security teams often treat AI governance as a policy or ethics exercise rather than an operational control problem. The common mistake is to define principles without mapping them to identity ownership, lifecycle management, evidence collection, and access constraints. That leaves the programme unable to prove what it actually controlled.

Q: Which frameworks should guide enterprise AI governance decisions?

A: NIST AI RMF, ISO/IEC 42001, and the EU AI Act are the most relevant starting points because they connect risk management, management systems, and regulatory obligations. Practitioners should use them to shape internal control objectives, evidence requirements, and review processes rather than as abstract policy references.


Technical breakdown

AI governance frameworks and control layers

AI governance is not a single policy. It is a stack of controls covering risk identification, accountability, transparency, privacy, testing, and lifecycle management. Kong’s guide points to NIST AI RMF, ISO/IEC 42001, and the EU AI Act as the external structure enterprises use to turn intent into measurable obligations. The important detail for practitioners is that governance becomes operational only when these layers are mapped to owners, evidence, and review points across the AI lifecycle.

Practical implication: map AI governance requirements to named control owners, evidence sources, and review cadences before deployment scales.

AI lifecycle management and auditability

The guide treats lifecycle management as a core governance requirement, not an afterthought. That means policies for data collection, model validation, deployment monitoring, archival, and retirement, with records that prove the controls existed when decisions were made. In regulated environments, this is the difference between saying an AI system was governed and being able to demonstrate it under audit or incident review.

Practical implication: define lifecycle checkpoints for AI systems the same way IAM teams define joiner, mover, leaver, and recertification checkpoints.

Shadow AI and governance blind spots

Shadow AI is unmanaged AI use outside approved oversight, and it is where governance collapses first. If teams cannot discover AI systems, they cannot assign accountability, constrain access, or validate what data is being exposed. Kong’s guide ties this to real breach cost and policy gaps, which is why discovery, classification, and audit trails matter more than generic AI enthusiasm.

Practical implication: inventory AI systems and their identities before expanding usage, then tie each one to a governance owner and evidence trail.


NHI Mgmt Group analysis

AI governance fails when it stops at principles and never reaches identity control. Kong’s guide is strongest where it shows that ethical language alone does not govern access, data handling, or decision paths. AI becomes a security problem when it can act inside business systems without clear ownership, scoped permissions, or lifecycle exit criteria. The practitioner conclusion is that AI governance and identity governance must be treated as one operating model.

Shadow AI is the governance blind spot that turns policy into theatre. If organisations cannot see which AI systems are active, they cannot monitor behaviour, enforce approvals, or prove compliance after an incident. That makes discovery and inventory a prerequisite for any meaningful control framework. The practitioner conclusion is that unmanaged AI use should be treated as an identity exposure, not just an innovation issue.

Lifecycle management is the control plane AI governance most often lacks. The article correctly emphasises validation, monitoring, and retirement, but those controls only work when there is a formal path for provisioning, review, and decommissioning. That is the same failure mode security teams already know from service accounts and other NHIs. The practitioner conclusion is to govern AI identities with the same lifecycle discipline already expected for non-human access.

AI governance is converging with IAM, PAM, and NHI governance rather than replacing them. Kong’s framing mirrors a broader market shift: AI systems are increasingly evaluated by whether they can be discovered, authorised, constrained, and audited like any other privileged identity. That convergence is why NIST AI RMF, NIST CSF, and ISO/IEC 42001 matter together. The practitioner conclusion is to stop separating AI oversight from identity programme design.

One useful concept here is governance evidence debt: the gap between claiming AI controls exist and being able to prove they operated at the right time. Kong’s article repeatedly returns to auditability, monitoring, and compliance proofs, which are only useful if the organisation can produce them under pressure. That is where many governance efforts fail, because policy artefacts do not equal operational evidence. The practitioner conclusion is to build evidence collection into AI controls from day one.

From our research:

  • 80% of organisations report that their AI agents have already performed actions beyond their intended scope, according to the AI Agents: The New Attack Surface report.
  • 52% of companies can track and audit the data their AI agents access, leaving 48% with a complete blind spot for compliance and breach investigation.
  • For the next governance step, see the OWASP Agentic AI Top 10 for the control patterns that turn AI risk into enforceable identity policy.

What this signals

AI governance is rapidly becoming an identity governance problem. As organisations move from isolated pilots to embedded AI workflows, the relevant question is no longer whether the model is accurate, but whether the identity behind it is discoverable, accountable, and offboardable. That shift matters because governance programmes built only for human users will not see the operational failures created by machine-speed decision making.

With 80% of organisations already reporting AI agents acting beyond intended scope, according to our research, the governance gap is now measurable. Teams should expect pressure to demonstrate evidence, not intent, and should align AI oversight with established control frameworks such as the NIST AI Risk Management Framework. The practical signal is that AI governance will be judged by auditability and access control, not by policy statements alone.

Governance evidence debt: this is the point at which organisations can describe their AI controls but cannot prove they operated when needed. That condition will increasingly drive board, audit, and regulatory scrutiny, especially where AI systems touch customer data, regulated decisioning, or API-based operational workflows. IAM leaders should prepare to treat AI inventory, ownership, and offboarding as standard control evidence.


For practitioners

  • Define AI identity ownership: Assign a named business and security owner to every deployed AI system, with responsibility for access scope, monitoring, and retirement. Make ownership part of the approval workflow, not a post-deployment cleanup task.
  • Build lifecycle checkpoints into AI approvals: Require entry, review, validation, and retirement checkpoints for AI systems, and tie them to evidence that can survive audit and incident review. Treat this as lifecycle management, not a one-time policy sign-off.
  • Inventory shadow AI before scaling usage: Discover every AI system connected to business data or APIs, then classify it by owner, data access, and operational purpose. Unseen AI should be treated as an unmanaged identity until proven otherwise.
  • Map governance controls to framework obligations: Translate the article’s NIST AI RMF, ISO/IEC 42001, and EU AI Act references into internal control objectives, evidence requirements, and review cycles. This avoids broad principles that cannot be tested in practice.
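The control model described in the Q&A (AI systems as identities with owners, scoped permissions, review points, and retirement paths), the lifecycle checkpoints in the technical breakdown, and the four practitioner steps above can be turned into a repeatable check that also leaves the "governance evidence" the article keeps returning to. The following is an added illustration written for this page, not Kong's or NHI Mgmt Group's code: it models an AI-identity inventory, applies four constructed controls (owner assigned, live scope within approval, review within a cadence, retirement fully completed), and emits one evidence row per system and control so an auditor can see that each control actually ran. All field names, control identifiers, the 90-day cadence and the sample records are assumptions chosen for the example.

```python
"""Governance check over an AI-identity inventory (added example, not from the page).

Every AI system is treated as an identity with a named owner, an approved permission
scope, a recertification cadence and a retirement path. Each check produces an
evidence record. All identifiers and sample records below are constructed.
"""
from dataclasses import dataclass
from datetime import date
from typing import Optional

RECERT_DAYS = 90  # assumed review cadence, modelled on IAM recertification cycles

CONTROLS = ["OWNER_ASSIGNED", "SCOPE_WITHIN_APPROVAL", "REVIEW_CURRENT", "RETIREMENT_COMPLETE"]


@dataclass
class AIIdentity:
    system_id: str
    owner: Optional[str]          # accountable owner; None means unassigned
    approved_scope: set           # permissions approved at onboarding
    granted_scope: set            # permissions actually live in the systems it touches
    last_review: Optional[date]   # last completed review checkpoint
    status: str                   # "active" or "retired"
    credentials_active: bool      # whether any credential or token is still valid


@dataclass
class Finding:
    system_id: str
    control: str
    detail: str


def applicable_controls(ai: AIIdentity) -> set:
    """Review cadence applies to active systems; retirement checks apply to retired ones."""
    base = {"OWNER_ASSIGNED", "SCOPE_WITHIN_APPROVAL"}
    return base | ({"REVIEW_CURRENT"} if ai.status == "active" else {"RETIREMENT_COMPLETE"})


def check_identity(ai: AIIdentity, today: date) -> list:
    """Apply the identity and lifecycle controls to one AI system."""
    findings = []
    if not ai.owner:
        findings.append(Finding(ai.system_id, "OWNER_ASSIGNED", "no accountable owner on record"))
    excess = ai.granted_scope - ai.approved_scope
    if excess:
        findings.append(Finding(ai.system_id, "SCOPE_WITHIN_APPROVAL",
                                f"live permissions beyond approval: {sorted(excess)}"))
    if ai.status == "active":
        if ai.last_review is None:
            findings.append(Finding(ai.system_id, "REVIEW_CURRENT", "never reviewed"))
        elif (today - ai.last_review).days > RECERT_DAYS:
            findings.append(Finding(ai.system_id, "REVIEW_CURRENT",
                                    f"last review {ai.last_review} exceeds {RECERT_DAYS}-day cadence"))
    elif ai.credentials_active or ai.granted_scope:
        findings.append(Finding(ai.system_id, "RETIREMENT_COMPLETE",
                                "retired system still holds credentials or permissions"))
    return findings


def run_checks(inventory: list, today: date) -> dict:
    """Map each system_id to the set of controls it failed."""
    return {ai.system_id: {f.control for f in check_identity(ai, today)} for ai in inventory}


def evidence_records(inventory: list, today: date) -> list:
    """One evidence row per (system, control): PASS, FAIL or N/A, dated, for audit."""
    rows = []
    for ai in inventory:
        failed = {f.control for f in check_identity(ai, today)}
        applicable = applicable_controls(ai)
        for control in CONTROLS:
            result = "N/A" if control not in applicable else ("FAIL" if control in failed else "PASS")
            rows.append({"date": today.isoformat(), "system_id": ai.system_id,
                         "control": control, "result": result})
    return rows


# Constructed sample inventory: one well-governed system, one ungoverned agent, one
# retired model whose credentials were never revoked.
TODAY = date(2026, 1, 2)
SAMPLE_INVENTORY = [
    AIIdentity("summariser-bot", "support-platform", {"read:tickets"}, {"read:tickets"},
               date(2025, 12, 10), "active", True),
    AIIdentity("procurement-agent", None, {"read:invoices"}, {"read:invoices", "write:payments"},
               date(2025, 9, 1), "active", True),
    AIIdentity("legacy-classifier", "ml-platform", {"read:crm"}, {"read:crm"},
               date(2024, 11, 20), "retired", True),
]

if __name__ == "__main__":
    for system_id, failed in run_checks(SAMPLE_INVENTORY, TODAY).items():
        print(f"{system_id}: {'OK' if not failed else ', '.join(sorted(failed))}")
    for row in evidence_records(SAMPLE_INVENTORY, TODAY):
        print(row)
```

Run against the constructed inventory, the check flags the procurement agent on three controls (no owner, a live write permission beyond its approval, and a review older than the cadence) and the retired classifier on retirement completeness, while the evidence rows record a PASS for the summariser on every applicable control. The point of the second function is the one the article makes about evidence debt: a control that ran and passed is only demonstrable if it left a dated record.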

Key takeaways

  • AI governance becomes meaningful only when it reaches identity, access, and lifecycle control.
  • Shadow AI and unmanaged agent behaviour create measurable risk, not theoretical concern.
  • Enterprises should align AI governance with IAM, IGA, PAM, and framework-based evidence requirements now.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

NIST AI RMF and NIST CSF 2.0 set the technical controls, while the EU AI Act defines the regulatory obligations.

Framework | Control / Reference | Relevance
NIST AI RMF | | The article centres on risk governance, monitoring, and lifecycle controls for AI systems.
NIST CSF 2.0 | PR.AC-4 | The post repeatedly points to access control, accountability, and auditability.
EU AI Act | | The guide references EU AI Act risk tiers and compliance timelines for enterprise AI.

Classify AI use cases by risk tier and align governance evidence to the applicable obligations.


Key terms

  • AI Governance: The policies, roles, and controls that make AI use accountable, auditable, and compliant. In practice, it connects ethical intent to operational enforcement, including access approval, monitoring, validation, and retirement across the AI lifecycle.
  • Shadow AI: AI systems used without approved oversight or visibility from security and governance teams. These deployments are risky because they cannot be reliably approved, monitored, or offboarded, which leaves data exposure and accountability gaps hidden until an incident occurs.
  • Governance Evidence: The records that prove a control existed and operated when needed. For AI programmes, that usually means logs, approvals, review outcomes, and lifecycle artefacts that show who owned the system, what it accessed, and how it was retired.
  • Lifecycle Management: The discipline of governing a system from creation through operation to retirement. For AI, it includes provisioning, validation, monitoring, and decommissioning, and it must be tracked with the same rigour used for other privileged identities.

Deepen your knowledge

NHI governance, agentic AI identity, and machine identity security are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are responsible for identity security strategy or governance in your organisation, it is worth exploring.

This post draws on content published by Kong: What is AI Governance? 2026 Framework Guide. Read the original.

NHIMG Editorial Note
Published by the NHIMG editorial team on 2026-01-02.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org