TL;DR: Autonomous agents are multiplying fast, but weak workforce identity controls are still the foundation problem: roughly half of employees hold excessive or privileged access, and overloaded certification workflows push people toward rubber-stamp approvals, according to Clear Skye. AI governance will fail if the humans provisioning it remain under-governed.
At a glance
What this is: This is an analysis of why workforce identity weaknesses are now the hidden constraint on AI agent governance.
Why it matters: It matters because IAM, IGA, PAM, NHI, and agentic AI programmes all inherit risk when the humans provisioning access are already over-privileged and poorly governed.
By the numbers:
- A recent 2025 survey found that roughly half of employees carry excessive or privileged access.
- Only 5.7% of organisations have full visibility into their service accounts.
- 97% of NHIs carry excessive privileges, increasing unauthorised access and broadening the attack surface.
- 91.6% of secrets remain valid five days after the targeted organisation is notified, showing a critical gap in remediation procedures.
👉 Read Clear Skye's analysis of the hidden identity problem behind AI hype
Context
The identity problem behind AI agent governance starts with human workforce access, not with the agent itself. If the people provisioning, approving, and monitoring access already carry excessive privilege, then the agent inherits an unstable control environment before it ever takes an action.
That is why access requests, certifications, and approval workflows are not administrative overhead. They are the operating controls that determine whether AI governance sits on a defensible identity foundation or on a pile of rubber-stamped exceptions.
Familiar workflows matter because identity control only exists when people actually use it. A programme that is technically sophisticated but routinely bypassed does not reduce risk, especially when the same users are now authorising autonomous systems.
Key questions
Q: What breaks when workforce identity is not under control before AI agent rollout?
A: The agent layer inherits the same excess privilege, unclear approvals, and weak accountability already present in the human identity layer. That means the organisation scales bad access decisions faster, not safer. If the people provisioning access are over-entitled, the AI programme starts from a permissive baseline that governance cannot easily unwind.
Q: Why do AI agent programmes depend on human IAM maturity?
A: Because humans still define who can create, approve, and supervise the agent's access. When IAM is messy, every downstream agent inherits weak entitlement discipline. Mature human IAM does not solve agent risk by itself, but without it, agent governance becomes an overlay on top of uncontrolled access.
Q: How do you know if access certification is working in practice?
A: Look for low exception rates, clear entitlement understanding, and few help desk escalations caused by review friction. If reviewers routinely approve everything to clear queues, the control is not producing meaningful governance. Accurate certification should reduce excess access, not merely create audit evidence.
Q: Who is accountable when an AI agent acts on excessive access granted by a human?
A: Accountability sits with the identity governance process that allowed the excessive entitlement in the first place, not only with the runtime behaviour of the agent. If the human approver, reviewer, or provisioning path is weak, the breach begins in governance. That is why workforce identity and agent oversight must be managed as linked controls.
Technical breakdown
Why excessive workforce access becomes an agent governance problem
When human users hold more access than they need, every downstream identity they provision inherits that risk profile. AI agents do not create privilege from nothing. They are configured, approved, and supervised by humans, so the quality of the initial entitlement decision sets the boundary for what the agent can later do. If the human operator has broad standing access, the agent often begins life with the same design flaw: privilege is already too wide before runtime behaviour even starts. This is an identity governance failure, not an AI-specific anomaly.
Practical implication: treat human access remediation as a prerequisite for any agent governance rollout.
Why certification fatigue turns governance into theatre
Access certification only works when reviewers understand the entitlement they are approving and have enough time to make a real decision. When the process is too complex, people optimise for speed, not accuracy. They approve requests to clear queues, accept vague explanations, and move on. That creates a control that exists on paper but not in practice. In identity programmes, that gap is especially dangerous because it normalises excessive access and makes AI-era governance look mature even when the underlying decisions are weak.
Practical implication: simplify review paths and remove ambiguity before expanding access certification scope.
Why workforce identity remains the control plane for AI adoption
AI agent governance depends on the quality of the workforce identity plane that surrounds it. The human identity layer determines who can provision, delegate, and approve access, while the agent layer simply executes within those boundaries. If the identity model is overloaded, the AI layer amplifies the same organisational weaknesses at machine speed. Clear Skye’s core argument is that adoption and usability are security controls because they determine whether governance is followed or avoided. That logic applies directly to workforce identity, NHI administration, and emerging agent oversight.
Practical implication: design access workflows that people can complete correctly without bypassing the control.
NHI Mgmt Group analysis
Human workforce identity is the hidden dependency behind AI governance. AI agents are configured and approved by people, so the quality of workforce identity controls determines the quality of agent governance before any runtime behaviour appears. If excessive access already exists in the human layer, the agent inherits a permissive operating model rather than a constrained one. The implication is that agent governance cannot be evaluated in isolation from workforce IAM.
Access certification fatigue is a control failure, not a usability footnote. When reviewers do not understand what they are approving, they default to rubber-stamping or deferring to the help desk. That weakens recertification as a governance signal and keeps excess privilege alive across both human and non-human identities. The practitioner conclusion is simple: a control that users routinely bypass is not a control.
Identity adoption is a security control because governance only exists when it is used. The article's central point aligns with NIST Cybersecurity Framework 2.0 thinking: protection depends on controls that function in real operating conditions, not just on policy design. A familiar, low-friction workflow increases the chance that approvals are deliberate and auditable. Practitioners should measure whether identity processes are being completed accurately, not merely whether they are technically available.
Workforce identity remediation should come before autonomous scale-out. The market is racing toward AI governance overlays, but those overlays do not fix pre-existing privilege sprawl in the human layer. That is especially true where NHI and agentic systems are provisioned by the same teams that already struggle with entitlement hygiene. The field should treat human access cleanup as the first-order dependency for any broader identity security programme.
From our research:
- 97% of NHIs carry excessive privileges, increasing unauthorised access and broadening the attack surface, according to Ultimate Guide to NHIs.
- Only 20% have formal processes for offboarding and revoking API keys, and even fewer have procedures for rotating them.
- That is why the Top 10 NHI Issues matters for programme design: access sprawl and lifecycle gaps are usually linked, not separate.
What this signals
Human identity hygiene now determines whether AI governance has any operating leverage. The next wave of agent oversight will not be won by adding more policy layers. It will be won by reducing entitlement noise in the human control plane so approvals, reviews, and delegations actually reflect reality.
Access friction has become a measurable governance risk. If review workflows push people toward shortcuts, the control is generating non-compliance by design. Identity teams should watch for evidence of approval fatigue, help desk deflection, and entitlement ambiguity as leading indicators that governance is being bypassed in practice.
Workforce entitlement cleanup, not just agent policy, is the first maturity step. The immediate programme signal is whether human IAM, NHI governance, and future agent controls are being designed as one identity system or as disconnected projects. The organisations that unify those layers will have a far better chance of keeping access defensible as autonomy expands.
For practitioners
- Right-size workforce entitlements before agent rollout Review the access held by the people who will provision, approve, and monitor AI agents. Remove standing privilege that is not required for their job, because agent governance inherits the human operator's entitlement baseline.
- Simplify access certification paths Shorten review lists, clarify entitlement descriptions, and route exceptions through explicit escalation rather than broad approval queues. The goal is to reduce rubber-stamp behaviour and make real review feasible.
- Measure whether users can complete governance tasks without bypassing them Track how often requests go to the help desk, how many approvals are rushed, and how frequently reviewers approve without evidence. Those signals show whether identity controls are being used as intended.
- Sequence AI governance after workforce cleanup Do not treat agent oversight as a substitute for workforce identity remediation. Build agent controls on top of a stable human identity baseline, not alongside unresolved privilege sprawl.
Key takeaways
- The article argues that AI agent governance will fail if workforce identity remains overloaded, because agents inherit the access model built by humans.
- Roughly half of employees carrying excessive or privileged access shows that the underlying identity problem is already broad, not theoretical.
- The most practical response is to clean up human entitlements, simplify certification, and only then scale autonomous access controls.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Non-Human Identity Top 10 address the attack and risk surface, while NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| NIST CSF 2.0 | PR.AC-4 | Access permissions and review quality are central to this workforce identity problem. |
| NIST Zero Trust (SP 800-207) | AC-4 | The article depends on least-privilege access decisions that zero trust expects to be continuously verified. |
| OWASP Non-Human Identity Top 10 | NHI-03 | The piece links identity sprawl and excess privilege to non-human access governance. |
Map workforce and agent provisioning to PR.AC-4 and remove standing privilege before scaling AI governance.
Key terms
- Workforce Identity: The set of identities, roles, entitlements, and governance processes used to manage human employee access. In practice, workforce identity is the control plane that determines who can request, approve, and administer access across systems, and it directly shapes how safely downstream non-human and agent access can be governed.
- Access Certification: A periodic review process used to confirm that an identity still needs the access it holds. Effective certification depends on reviewers understanding the entitlement and making a real decision, not simply clearing a queue. When the process becomes too complex, it stops reducing privilege and starts producing audit theatre.
- Standing Privilege: Persistent elevated access that remains in place after the immediate task is finished. Standing privilege is risky because it expands the time window in which a compromised account or a poor approval decision can be abused, and it often becomes the default condition when governance processes are weak or burdensome.
- Agent Governance: The policies, approvals, and monitoring controls that define what an autonomous system can do, who can delegate to it, and how its access is constrained. In this context, agent governance is only as strong as the human identity and approval processes that create the agent's starting privileges.
What's in the full article
Clear Skye's full blog post covers the operational detail this post intentionally leaves for the source:
- How Clear Skye frames workforce identity workflows inside ServiceNow for day-to-day access administration.
- The specific usability arguments it makes for reducing certification friction and help desk dependence.
- The article's full discussion of ServiceNow's AI Control Tower direction and its relevance to machine and non-human identity governance.
- The broader sequence Clear Skye recommends for organisations balancing human identity cleanup with emerging AI oversight.
Deepen your knowledge
NHI governance, agentic AI identity, and machine identity lifecycle are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are responsible for identity security strategy or governance in your organisation, it is worth exploring.
Published by the NHIMG editorial team on 2026-06-24.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org