Topic Hub
Governing AI Systems That Can Act
Governed agentic AI is the discipline of giving an AI system bounded authority to act — access tools, touch data, execute workflows, make decisions — and building the controls that keep that authority accountable. It is a different problem from model safety or content moderation. Once a system can act on an organization's behalf, the question stops being "is the output correct" and becomes "was this action authorized, bounded, evidenced, and reviewable."
That shift is why AI governance increasingly has to be agent governance, not only model governance. Most enterprise AI programs still govern models: evaluation, red-teaming, policy review. Few yet govern agents: authority, delegation, runtime enforcement, and human accountability at the moment of action. This hub collects Michael's applied thinking on that gap, developed through building agentic systems in high-consequence environments and through the Agent Delegation Contract, a working specification for making agent authority explicit and enforceable.
Core Thesis
Authority Is the Missing Layer
A prompt describes intent. It does not define what an agent may do, on whose behalf, within what boundary, or what happens when the agent reaches the edge of its authority. Enterprises adopting agentic AI without an explicit authority model are not skipping a nice-to-have control — they are running production systems with an accountability gap that only becomes visible after something goes wrong.
Closing that gap requires four things working together: an explicit statement of what an agent may do (delegation), a way to verify that boundary at runtime rather than assume it (enforcement), a record that survives the moment the agent acted (evidence), and a clear point where a human is accountable for the outcome (oversight). Each is addressed separately in the essays below; together they are the argument this hub makes.
Key Concepts
The Vocabulary of This Work
Authority and Delegation
What an agent is permitted to do, on whose behalf, and within what boundary — stated explicitly rather than inferred from a prompt.
The Agent Delegation Contract
An evolving specification Michael is developing for expressing authority, delegation, constraints, evidence, and accountability in agentic systems.
View the Agent Delegation Contract specification →Runtime Enforcement, Not Just Policy
A written policy an agent cannot violate by design is a control. A written policy nothing checks is a document.
Evidence and Traceability
A record of what an agent was authorized to do and why it acted, produced at the moment of the decision — not reconstructed after an incident.
Human Accountability
A named point at which a human owns the outcome of delegated work, even when the work itself was performed by a machine.
Relevant Experience
This thinking is grounded in two decades of building and governing systems where authority and accountability had to be explicit: leading national cyber-analytics programs at Raytheon supporting DHS and CISA, running global OT cybersecurity at Honeywell, and now leading Critical Services as CTO and GM at Plurilock while building applied agentic-governance prototypes through R2 Advisory.
Essential Reading
A Suggested Reading Sequence
Start Here
Why AI Agents Need Contracts, Not Just Prompts
Prompts describe intent. Enterprises need contracts that define authority, boundaries, evidence, escalation, and accountability for delegated machine work. The Agent Delegation Contract is one emerging expression of that need.
Core Framework
The Agentic Enterprise
Enterprises are moving from AI as a tool to AI as a delegated actor. Most operating models are built to manage people, applications, and vendors, not machine actors that accept work and produce effects.
Technical Implications
Cybersecurity in the Agentic Enterprise
In the agentic enterprise, the security question is no longer only who accessed what. It is what an authorized machine actor is allowed to decide and do right now. Security becomes the enforcement layer for delegated authority.
Accountability and Trust
Trust Architecture for AI-Native Organizations
Trust in the AI-native enterprise is not a policy statement or a compliance posture. It is engineered through identity, authority, provenance, evidence, memory, observability, escalation, and fail-safe control, the connective tissue among cyber, governance, data, and the operating model.
Board and Executive Lens
AI Governance at the Board Level: What Directors Need to Know
Board-level engagement with AI governance has followed the familiar pattern of board-level engagement with cybersecurity a decade ago. The regulatory signal is already visible to anyone watching closely.
Applied Perspective
Secure AI Transformation: What It Actually Takes
Secure AI transformation is the organizational process of adopting AI capabilities in a way that does not create new and unmanaged risk while acquiring new capability. Most enterprises are accumulating risk faster than they are building the capacity to manage it.
Where This Is Applied
This thinking is not theoretical — it directly informs Michael’s current work on Governed Agentic Systems.
Related topic hubs: Cybersecurity and Mission Systems