Subscribe to the Non-Human & AI Identity Journal

Forums
The Non-Human & AI ...
Agentic AI, AI Agen...
Model context proto...
 
Notifications
Clear all

Model context protocol and A2A: what changes for IAM teams?

 
    Last Post
  RSS

 NHI Mgmt Group
(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 4368
Topic starter 10/06/2026 11:30 pm  

TL;DR: Model Context Protocol and Agent2Agent protocols let foundation models move from answering questions to taking actions across tools and data sources, which Collibra argues raises the stakes for governed data, cross-functional use cases, and approved AI actions. The core issue is no longer model capability alone, but whether identity, data, and task context are controlled before AI systems can act.

NHIMG editorial — based on content published by Collibra: analysis of Model Context Protocol, Agent2Agent, and AI governance

Questions worth separating out

Q: How should security teams govern AI agents that can use enterprise tools?

A: Security teams should govern AI agents as delegated actors, not as simple chat interfaces.

Q: Why do data quality and access governance matter so much for AI systems?

A: Because AI output is only as trustworthy as the data it can reach and the context it is allowed to use.

Q: What breaks when AI workflow approval is left informal?

A: Informal approval breaks accountability.

Practitioner guidance

  • Classify every MCP-connected tool as a governed action endpoint Map each tool the model can reach to its data sensitivity, action type, and approval requirement.
  • Require business-context approval before enabling agent workflows Tie each AI use case to an approved business objective, accountable owner, and permitted action scope.
  • Track agent-to-agent delegation as a governance event Log every handoff between agents, including the source context, destination agent, and resulting action.

What's in the full article

Collibra's full article covers the operational detail this post intentionally leaves for the source:

  • The article expands on how model access to Gmail, JIRA, Confluence, and similar systems changes the control surface for AI.
  • It lays out the author’s own framing of the data and business-case “bookends” that make AI initiatives viable.
  • It provides the original argument for why AI actions taken on behalf of a human must be understood and approved in context.
  • It closes with the source author's perspective on building these controls scalably inside enterprise workflows.

👉 Read Collibra's analysis of Model Context Protocol and AI governance →

Model context protocol and A2A: what changes for IAM teams?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
Topic Tags
collibra model-context-protocol agentic-ai-governance delegated-access identity-controls
Forum Jump:
  Previous Topic
Next Topic  
Related Topics
Topic Tags:  collibra (9) , model-context-protocol (31) , agentic-ai-governance (3) , delegated-access (30) , identity-controls (13) ,
Share:

#1 Authority in NHI Education, Research and Advisory, empowering organizations to tackle the critical risks posed by Non-Human Identities (NHIs), including AI Agents.

Get in Touch

Quick Links

Legal & Policies

©2025 NHIMG. All right reserved.