TL;DR: AI agents can reply to emails, write code, grant access, and trigger downstream actions without built-in security policies, which is why Zenity frames Gartner’s AI TRiSM as a practical way to govern visibility, accountability, and runtime enforcement across the agent stack. The critical gap is that traditional IAM and security controls do not reliably govern autonomous behaviour once agents start acting across tools and data sources.
NHIMG editorial — based on content published by Zenity: How Zenity Helps Enterprises Apply AI TRiSM to AI Agents
By the numbers:
- 80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems (39%), inappropriately sharing sensitive data (31%), and revealing access credentials (23%).
Questions worth separating out
Q: How should security teams govern AI agents that can access business systems?
A: Security teams should govern AI agents as non-human identities with ownership, scoped permissions, and runtime enforcement.
Q: Why do AI agents complicate IAM and IGA programmes?
A: AI agents complicate IAM and IGA because they are not static users and they do not always behave predictably within a fixed role.
Q: What do teams get wrong about AI agent visibility?
A: Teams often think inventory alone is enough, but visibility without behavioural context does not show what an agent actually did.
Practitioner guidance
- Build an agent inventory with ownership fields. Record every AI agent, its business owner, data sources, connected tools, and approved purpose so you can review access and behaviour against a known baseline.
- Separate policy definition from runtime enforcement. Define what an agent is allowed to do, then enforce those rules during execution with inspection of inputs, outputs, and function calls.
- Tie agent telemetry to compliance evidence. Capture who interacted with each agent, what data it touched, and which downstream tools it invoked, then retain that evidence for audit and incident response.
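One way the three guidance items fit together, as an added example (not code from Zenity or NHIMG): an inventory record serves as the baseline, a runtime check gates each function call against it, and every decision is written as audit evidence. The agent, owner, tool and data-source names are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

@dataclass(frozen=True)
class AgentRecord:
    """Inventory entry: the approved baseline for one agent (fields are assumptions)."""
    agent_id: str
    owner: str              # accountable business owner
    purpose: str            # approved purpose, reviewed with the owner
    tools: frozenset        # function calls the agent may make
    data_sources: frozenset # data the agent may touch

# Constructed sample inventory; a real one would live in a CMDB or IGA system.
INVENTORY = {
    "invoice-bot": AgentRecord(
        agent_id="invoice-bot",
        owner="finance-ops@example.com",
        purpose="Answer supplier invoice queries",
        tools=frozenset({"erp.read_invoice", "mail.send_reply"}),
        data_sources=frozenset({"erp"}),
    ),
}

def authorize_call(agent_id, user, tool, data_source, log, inventory=INVENTORY):
    """Check one function call against the baseline and record the decision."""
    rec = inventory.get(agent_id)
    if rec is None:
        reason = "agent not in inventory"
    elif not rec.owner:
        reason = "agent has no accountable owner"
    elif tool not in rec.tools:
        reason = "tool outside approved baseline"
    elif data_source not in rec.data_sources:
        reason = "data source outside approved baseline"
    else:
        reason = None  # within baseline
    # Audit evidence: who interacted, which tool and data, and the outcome.
    log.append({
        "time": datetime.now(timezone.utc).isoformat(),
        "agent": agent_id,
        "owner": rec.owner if rec else None,
        "user": user,
        "tool": tool,
        "data_source": data_source,
        "decision": "deny" if reason else "allow",
        "reason": reason or "within baseline",
    })
    return reason is None
```

Denied calls are logged with the same fields as allowed ones, so the retained log can answer both audit questions and incident-response questions about out-of-scope behaviour.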
What's in the full article
Zenity's full article covers the operational detail this post intentionally leaves for the source:
- How Zenity maps AI TRiSM into five layers and where its governance and runtime modules sit within that model.
- Examples of agent misconfigurations, unauthorized function calls, and runtime detections that the article uses to illustrate enforcement.
- Specific ways Zenity ties posture findings to detection and response workflows across enterprise tools.
- The vendor's framing of how AI observability supports attestation, approval, and compliance reporting for AI usage.
AI agent governance: are your runtime controls keeping up?
Explore further
AI agent governance is becoming an identity problem before it is a model problem. Once an agent can access tools, data, and downstream workflows, the security question shifts from model safety to entitlement control, ownership, and runtime enforcement. That is why AI TRiSM matters to identity teams: it turns agent behaviour into a governable identity surface, not just an application risk. The implication is that IAM and IGA teams have to treat agent activity as part of the access estate.
A few things that frame the scale:
- 98% of companies plan to deploy even more AI agents within the next 12 months, despite documented rogue behaviour in 80% of current deployments, according to the AI Agents: The New Attack Surface report.
- 52% of companies can track and audit the data their AI agents access, leaving 48% with a complete blind spot for compliance and breach investigation, according to the AI Agents: The New Attack Surface report.
A question worth separating out:
Q: Who should be accountable when an AI agent violates policy?
A: Accountability should sit with the business owner of the agent, the security team defining control requirements, and the platform team operating the runtime safeguards. If no one owns the agent’s purpose and permissions, policy exceptions become permanent and review becomes meaningless. Accountability only works when the agent is treated as a governed identity, not a background feature.