AI Governance Library

Model AI Governance Framework for Agentic AI (Version 1.0)

Agentic AI systems can plan, act, and interact with other systems to achieve goals on behalf of humans. These capabilities introduce new risks that require adapted governance, accountability, and technical controls across the full AI lifecycle.
Jakub Szarmach
3 min read
Model AI Governance Framework for Agentic AI (Version 1.0)
MODEL AI GOVERNANCE FRAMEWORK FOR AGENTIC AI
MODEL AI GOVERNANCE FRAMEWORK FOR AGENTIC AI.pdf
1 MB
download-circle

⚡ Quick Summary

The Model AI Governance Framework for Agentic AI is a practical governance blueprint for organisations deploying AI agents with autonomy and action-taking capabilities. Building on earlier trusted AI frameworks, it translates high-level principles like accountability, oversight, and risk management into concrete practices tailored to agentic systems. The document recognises that agents are no longer passive generators of content, but active participants in workflows, capable of triggering real-world effects. It proposes a four-pillar framework covering upfront risk assessment, human accountability, technical controls, and end-user responsibility. The strength of the framework lies in its operational focus: it moves beyond ethics statements and addresses how organisations should actually design, deploy, monitor, and govern agents in complex, evolving environments. It is explicitly written as a “living document”, encouraging adaptation as agentic AI capabilities mature.

🧩 What’s Covered

The framework starts with a clear explanation of what distinguishes agentic AI from traditional LLM-based applications, including planning, tool use, memory, protocols, and multi-agent configurations. It explains how design choices around autonomy and action-space directly affect risk profiles, particularly when agents can write to databases, access external systems, or operate computer interfaces.

A substantial section is dedicated to risk analysis. The document identifies both familiar AI risks (hallucinations, bias, data leakage) and new system-level risks such as cascading failures, emergent behaviour in multi-agent systems, and unpredictable interactions across agents. It provides structured guidance on assessing suitability of use cases by evaluating impact, likelihood, reversibility of actions, task complexity, and exposure to external systems.

The core of the framework is organised around four governance dimensions. First, organisations are guided on how to assess and bound risks upfront through careful use-case selection, agent limits, least-privilege access, SOP-driven workflows, and emerging approaches to agent identity and permissions. Second, it addresses human accountability, proposing clear allocation of responsibilities across internal teams and external vendors, while adapting human-in-the-loop models to counter automation bias. Third, it details technical controls across the lifecycle, including agent-specific testing, workflow-level evaluations, monitoring, anomaly detection, and gradual rollout strategies. Finally, it focuses on enabling end-user responsibility through transparency, training, and differentiated approaches for external-facing users versus internal users integrating agents into workflows.

💡 Why it matters?

Agentic AI shifts risk from “wrong answers” to “wrong actions”. This framework is one of the clearest attempts to operationalise AI governance for systems that can act, adapt, and collaborate at machine speed. For organisations experimenting with autonomous agents, it offers a concrete way to remain accountable, compliant, and resilient without freezing innovation. It also aligns well with emerging regulatory expectations around human oversight, risk management, and traceability, making it especially relevant for regulated industries and large enterprises.

❓ What’s Missing

The framework deliberately avoids hard legal mapping to specific jurisdictions, which limits its immediate use as a compliance checklist (e.g. EU AI Act alignment). It also leaves many implementation challenges open, particularly around dynamic agent identity, delegation chains, and liability allocation in complex multi-agent systems. While examples are referenced, more detailed case studies would strengthen its practical applicability, especially for smaller organisations with limited governance maturity.

👥 Best For

AI governance leads, risk and compliance teams, security architects, and product owners responsible for deploying or overseeing agentic AI systems. It is particularly valuable for organisations moving from experimentation to scaled deployment of autonomous agents.

📄 Source Details

Model AI Governance Framework for Agentic AI, Version 1.0, published January 2026 by the Infocomm Media Development Authority (IMDA), Singapore. 

📝 Thanks to

IMDA and the contributing public-sector and industry partners who distilled emerging agentic AI practices into a structured, deployable governance model.

Framework
About the author
Jakub Szarmach

Jakub Szarmach

Read next

The NSW AI Assessment Framework (2024)

The AI Regulatory Capability Framework and Self-Assessment Tool

Strengthening AI Governance Through Techno-Legal Framework

Securing AI in the Supply Chain: A Comprehensive Guide to Third-Party AI Risk Assessment

Claude’s Constitution

AI Governance Library

Curated Library of AI Governance Resources

AI Governance Library

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to AI Governance Library.

Your link has expired.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.