Resources/Glossary
Glossary

AI Governance Terms, Defined

Plain-English definitions of every key term in AI agent governance, security, and observability. 21 terms, built for enterprise security and compliance teams.

AI Agent

Core Concepts

An AI agent is an autonomous software system powered by a large language model (LLM) that can perceive its environment, reason about a goal, and take actions — such as calling APIs, reading files, writing code, or sending communications — to accomplish that goal without step-by-step human instruction. Unlike a chatbot that only responds to direct queries, an AI agent plans and executes multi-step workflows independently.

Related:LLMMulti-Agent SystemAgentic AI

AI Governance

Core Concepts

AI governance is the set of policies, controls, processes, and oversight mechanisms an organization uses to ensure its AI systems — particularly autonomous AI agents — behave safely, reliably, and in compliance with business and regulatory requirements. It covers the full lifecycle: from who can deploy an agent, to what policies govern its actions, to how incidents are investigated and remediated.

Related:AI Policy EnforcementAI ComplianceShadow AI

AI Observability

Core Concepts

AI observability is the ability to understand the internal state and behavior of an AI agent system by examining its outputs: execution traces, structured logs, metrics, and events. It answers three questions: What is the agent doing right now? Why did it make a specific decision? What did it do historically? Without observability, AI agents are black boxes — ungovernable and unauditable.

Related:Execution TraceAudit TrailAI Agent Monitoring

Shadow AI

Security & Risk

Shadow AI refers to AI tools, models, or autonomous agents deployed and used within an organization without the knowledge, approval, or oversight of IT, security, or governance teams. It is the AI-native evolution of 'shadow IT.' Shadow AI is particularly dangerous because AI agents can autonomously process sensitive data and take consequential actions — all outside any governance or compliance framework.

Related:AI Agent DiscoveryShadow ITAI Risk

Prompt Injection

Security & Risk

Prompt injection is an attack where malicious instructions are embedded inside content that an AI agent processes — a document, webpage, email, or database record. When the agent reads that content, it may treat the embedded instructions as legitimate commands and execute them. Unlike traditional injection attacks that require technical knowledge, prompt injection can be executed by anyone who can write text in any field the agent reads.

Related:AI SecurityLLM SecurityGuardrails

LLM (Large Language Model)

Core Concepts

A large language model is a deep learning model trained on massive datasets of text to understand, generate, and reason about natural language. LLMs like GPT-4, Claude, Gemini, and Llama are the reasoning engines that power most AI agents. An LLM itself is stateless and does not take actions — it requires an agent framework around it to perceive inputs, use tools, and take actions in the world.

Related:AI AgentFoundation ModelInference

Agentic AI

Core Concepts

Agentic AI refers to AI systems that operate with a degree of autonomy — they receive a high-level goal, plan a sequence of steps to achieve it, and execute those steps using available tools and resources without requiring human input at each step. Agentic AI systems contrast with conversational AI (chatbots) that only respond to direct queries. The term is often used interchangeably with 'AI agent.'

Related:AI AgentAutonomous AIMulti-Agent System

Multi-Agent System

Core Concepts

A multi-agent system is an AI architecture where multiple specialized AI agents collaborate to complete a complex task. One agent may orchestrate the workflow, delegating subtasks to specialized agents (a research agent, a writing agent, a code agent). Multi-agent systems increase the scope of what AI can accomplish — and proportionally increase the governance complexity, since each agent in the network must be individually observed and controlled.

Related:AI AgentOrchestrationAI Governance

RAG (Retrieval-Augmented Generation)

Core Concepts

Retrieval-Augmented Generation is a technique where an AI system retrieves relevant documents or data from a knowledge base and includes them in the model's context before generating a response. RAG allows AI agents to answer questions grounded in up-to-date or proprietary information without retraining the model. From a governance perspective, RAG introduces data access risk — the agent must have access to the knowledge base, which may contain sensitive information.

Related:LLMVector DatabaseData Access Controls

Policy Enforcement

Governance & Compliance

In the context of AI governance, policy enforcement refers to the automated evaluation of AI agent actions against defined organizational policies — and the ability to allow, block, flag, or route those actions to human review in real time, before the agent executes them. Effective enforcement happens at inference time, not retrospectively after logs are reviewed.

Related:AI GovernanceGuardrailsHuman-in-the-Loop

ISO 42001:2023

Governance & Compliance

ISO 42001:2023 is the world's first international standard for AI Management Systems (AIMS), published by the International Organization for Standardization in December 2023. It provides organizations with a structured framework for responsible AI development, deployment, and governance — covering AI risk assessment, transparency, human oversight, impact assessment, and lifecycle management. Unlike ISO 27001 (information security) or SOC 2 (service organization controls), ISO 42001 was purpose-built for AI. Organizations can pursue third-party certification to demonstrate their AI governance program meets the standard. For enterprises deploying AI agents, ISO 42001 is the foundational compliance standard — it is the AI governance equivalent of ISO 27001 for information security.

Related:AI GovernancePolicy EnforcementHuman-in-the-LoopEU AI Act

Guardrails

Governance & Compliance

Guardrails are technical controls that constrain AI agent behavior — preventing the model from producing outputs or taking actions outside an acceptable boundary. Guardrails can be implemented at the model level (system prompts, fine-tuning), at the inference layer (output classifiers), or at the infrastructure layer (tool call authorization, policy enforcement platforms). Infrastructure-level guardrails are generally more reliable because they work even if the model is jailbroken.

Related:Policy EnforcementAI SafetyPrompt Injection

Human-in-the-Loop (HITL)

Governance & Compliance

Human-in-the-loop is an AI system design pattern where human judgment is required at one or more points in an AI agent's decision process — particularly before taking high-risk or irreversible actions. A well-designed HITL system routes borderline or high-stakes actions to a human review queue rather than either blocking them entirely or allowing them without oversight. HITL is a key component of responsible AI governance for consequential use cases.

Related:Policy EnforcementAI GovernanceRisk Management

Zero-Trust AI

Security & Risk

Zero-trust AI applies the zero-trust security principle — 'never trust, always verify' — to AI agent systems. Rather than assuming an AI agent will behave as designed, zero-trust AI requires every agent action to be explicitly authorized, every data access to be scoped and logged, and every output to be validated before it takes effect. Zero-trust AI is the security architecture standard for enterprise AI deployments.

Related:AI SecurityPolicy EnforcementLeast Privilege

Execution Trace

Observability & Monitoring

An execution trace is a complete, chronological record of every step an AI agent took during a session or task — the inputs received, the reasoning performed, the tools called and their results, and the final output. Traces are the primary instrument for understanding agent behavior, debugging unexpected outcomes, and providing audit evidence for compliance requirements.

Related:AI ObservabilityAudit TrailSession Replay

Audit Trail

Governance & Compliance

An audit trail is a chronological, tamper-proof log of all actions taken by an AI agent — who invoked it, what data it accessed, what tools it called, what outputs it produced, and what policies were evaluated. An immutable audit trail is required for compliance frameworks including SOC 2, HIPAA, ISO 27001, and the EU AI Act. Without an audit trail, organizations cannot demonstrate to regulators or auditors that AI systems operated as intended.

Related:Execution TraceAI ComplianceAI Observability

Data Loss Prevention (DLP) for AI

Security & Risk

AI DLP refers to controls that prevent sensitive data from leaving an organization's control through AI agent operations — preventing agents from including PII, credentials, trade secrets, or regulated data in prompts sent to external model providers, or from outputting such data to unauthorized destinations. AI DLP operates at the model boundary, not just the network perimeter.

Related:PII DetectionAI SecurityData Governance

PII Detection

Security & Risk

PII detection is the automated identification of personally identifiable information — names, email addresses, social security numbers, health records, financial account numbers — within AI agent inputs or outputs. In enterprise AI governance, PII detection is used to prevent agents from inadvertently sending personal data to external AI providers, logging sensitive data in traces, or including protected information in outputs delivered to unauthorized parties.

Related:Data Loss PreventionGDPRAI Security

Agent Discovery

Governance & Compliance

Agent discovery is the process of automatically identifying and inventorying every AI agent running within an enterprise environment — including cloud-hosted agents, on-premises deployments, embedded AI features within SaaS applications, and shadow AI deployments. Continuous agent discovery is the foundation of AI governance: you cannot govern, secure, or audit agents you don't know about.

Related:Shadow AIAI Asset InventoryAI Governance

On-Premises AI Agent

Infrastructure

An on-premises AI agent is an autonomous AI system that runs entirely within an organization's own infrastructure, using locally-hosted models (such as Ollama, vLLM, NVIDIA NIM, or PrivateGPT) rather than cloud-based AI providers. On-premises deployments are used when data sovereignty, regulatory requirements, or latency considerations require that AI processing occur without data leaving organizational control. They require the same governance controls as cloud AI — but are often less visible to central security teams.

Related:OllamavLLMAI GovernanceShadow AI

Jailbreaking (AI)

Security & Risk

AI jailbreaking refers to the use of adversarial prompts or techniques to bypass a model's built-in safety behaviors, causing it to produce outputs or take actions it was trained to refuse. In enterprise agent contexts, a successful jailbreak is particularly dangerous because the agent has real tool access — a jailbroken enterprise agent can take harmful actions in connected systems, not just produce harmful text.

Related:Prompt InjectionGuardrailsAI Security