AI agent governance: are reliability and traceability keeping up?

TL;DR: Governance gaps often stall AI projects before production as organisations scale agents, and Collibra says its Azure AI Foundry integration is designed to bring reliability, traceability and compliance into AI development workflows. The real issue is not faster build cycles, but whether enterprise controls can keep pace with agent behaviour, data use and accountability.

NHIMG editorial — based on content published by Collibra: AI Governance integration with Azure AI Foundry for agentic AI

By the numbers:

• Gartner predicts that by 2027, over 40% of agentic AI projects will be canceled for exactly these reasons.
• While 71% of IT teams have been advised on AI agent data access, only 47% of compliance teams, 39% of legal teams, and 34% of executives have the same visibility.

Questions worth separating out

Q: How should security teams govern AI agents that access enterprise data and tools?

A: Security teams should govern AI agents the same way they govern other high-impact identities: assign ownership, define allowed data and tool access, record lineage, and require change control.

Q: Why do AI agent programmes need traceability before they reach production?

A: Traceability is what lets teams explain what an agent was built to do, what data it used, and who approved it.

Q: What breaks when privacy controls sit outside the AI development workflow?

A: When privacy controls are separate from development, teams create undocumented exceptions, delayed approvals and weak evidence for compliance.

Practitioner guidance

• Register every agent as a governed actor Capture agent type, ownership, underlying model linkage and operational instructions at creation time so governance evidence exists before deployment, not after an incident review.
• Embed policy checks into build workflows Require approved data sets, classification rules and privacy guardrails to be evaluated inside the development pipeline so exceptions do not accumulate outside review.
• Tie traceability to change control Make every model or agent update produce a visible record of input changes, ownership changes and downstream dependencies so reviewers can assess impact quickly.

What's in the full article

Collibra's full analysis covers the operational detail this post intentionally leaves for the source:

• How the Azure AI Foundry integration registers agent metadata, including type, instructions and ownership, for governance use.
• The specific workflow points where policy, privacy and approval controls are applied during AI development.
• Examples of how lineage and dependency records support later investigation of model or agent issues.
• The financial services, supply chain and healthcare scenarios used to illustrate governance and compliance handling.

👉 Read Collibra's analysis of AI agent governance in Azure AI Foundry →

AI agent governance: are reliability and traceability keeping up?

Explore further

View Full Forum →  |  NHI Foundation Course →