THE STANDARD

The 841 Dimensions of AI Agent Governance

Agent Governing Standard — AGS v2.2 — Published April 2026

AGS v2.2 is the first independently published standard for AI agent governance. Regulators, compliance teams, and enterprise procurement teams reference AGS v2.2 when evaluating AI agent deployments. No purchase required. No vendor relationship required. The standard is free.

Showing 60 of 841 dimensions
Certification Tiers
0 Not implemented
1 Partial
2 Full
3 Independently verified
All 841 Dimensions
A
Core Governance Controls
AG-01 – AG-08
AG-01
Operational Boundary Enforcement
Hard limits on agent actions within defined mandate
SOX, NIST
AG-02
Cross-Domain Activity Governance
Cross-domain combination attack detection
NIST, EU AI Act
AG-03
Adversarial Coordination Detection
Multi-agent ring and collusion detection
AMLD, FCA
AG-04
Action Rate Governance
Overlapping window velocity controls
SOX, FCA
AG-05
Instruction Integrity Verification
Prompt injection and instruction override resistance
NIST, EU AI Act
AG-06
Tamper-Evident Record Integrity
Cryptographic hash-chained audit trail
SOX, ISO 27001, GDPR
AG-07
Governance Configuration Control
Mandate versioning, rollback, change attribution
ISO 27001, NIST
AG-08
Governance Continuity Under Failure
Fail-closed degraded mode behaviour
NIST, ISO 27001
B
Identity, Authority & Data Governance
AG-09 – AG-16
AG-09
Delegated Authority Governance
Sub-agent mandate inheritance and circular delegation detection
SOX, FCA
AG-10
Time-Bounded Authority Enforcement
Hard mandate expiry with server-authoritative time
SOX, NIST
AG-11
Action Reversibility & Settlement
Reversal handlers, idempotency, ghost position detection
SOX, FCA
AG-12
Agent Identity Assurance
Cryptographic agent authentication and replay prevention
eIDAS, ISO 27001, NIST
AG-13
Data Sensitivity & Exfiltration Prevention
Classification enforcement and outbound PII blocking
GDPR, ISO 27001
AG-14
External Dependency Integrity
Tool response validation and behavioural fingerprinting
NIST, ISO 27001
AG-15
Organisational Namespace Isolation
Cross-tenant access blocking and security event logging
ISO 27001, GDPR
AG-16
Cryptographic Action Attribution
HMAC-signed non-repudiation for every governance decision
SOX, eIDAS, ISO 27001
C
Multi-Party Governance
AG-17
AG-17
Multi-Party Authorisation Governance
Quorum voting, deadlock prevention, timeout escalation
SOX, FCA, NIST
D
Output, Oversight & Compliance
AG-18 – AG-24
AG-18
Output Integrity Verification
Agent output validation against reference data
NIST, EU AI Act
AG-19
Mandatory Human Oversight Enforcement
Hard-stop escalation with block-on-timeout
EU AI Act, FCA, SOX
AG-20
Purpose-Bound Operation Enforcement
Cross-purpose data reuse detection and blocking
GDPR, EU AI Act
AG-21
Regulatory Obligation Identification
Reportable event detection and suppression prevention
SOX, FCA, AMLD
AG-22
Behavioural Consistency Monitoring
Baseline drift detection with re-approval triggers
EU AI Act, NIST
AG-23
Resource Consumption Governance
Per-agent token and cost budget enforcement
SOX
AG-24
Authorised Learning Governance
Sandboxed learning with rollback capability
EU AI Act, NIST
E
Adversarial & Evasion Detection
AG-25 – AG-30
AG-25
Transaction Structuring Detection
Smurfing and threshold circumvention detection
AMLD, FCA, SOX
AG-26
Incremental Authority Escalation Detection
Trajectory monitoring of authority creep
NIST, SOX
AG-27
Governance Override Resistance
Architectural isolation of governance layer
NIST, ISO 27001
AG-28
Active Inter-Agent Collusion Detection
Real-time cross-agent correlation
AMLD, FCA
AG-29
Credential Integrity Verification
Credential anomaly and simultaneous-use detection
eIDAS, ISO 27001
AG-30
Temporal Exploitation Detection
Off-hours and low-oversight period detection
SOX, FCA
F
Boundary & Privilege Escalation
AG-31 – AG-35
AG-31
Code Execution Boundary Enforcement
Sandbox-to-production escalation prevention
NIST, ISO 27001
AG-32
Sequential Data Extraction Detection
Cumulative extraction scope tracking
GDPR, ISO 27001
AG-33
Implied Authority Detection
Communication authority claim validation
FCA, SOX
AG-34
Cross-Domain Boundary Enforcement
Maximum-of-domains aggregate exposure limits
NIST, ISO 27001
AG-35
Cumulative Privilege Acquisition Detection
Privilege ceiling enforcement with trajectory monitoring
NIST, SOX
G
Alignment & Deception
AG-36 – AG-39
AG-36
Reasoning Process Integrity
Rationalisation detection and reasoning consistency
EU AI Act, NIST
AG-37
Objective Alignment Verification
Declared vs inferred goal drift detection
EU AI Act
AG-38
Human Control Responsiveness
Override compliance and shutdown verification
EU AI Act, NIST
AG-39
Active Deception & Concealment Detection
Observation-aware behaviour modification detection
EU AI Act
H
Emergent Capability & Self-Modification
AG-40 – AG-43
AG-40
Knowledge Accumulation Governance
Memory write governance and prohibited knowledge enforcement
GDPR, EU AI Act
AG-41
Emergent Capability Detection
Capability baseline monitoring with quarantine
EU AI Act, NIST
AG-42
Collective Intelligence Governance
Coalition capability assessment and AGI-threshold detection
EU AI Act
AG-43
Unauthorised Modification Detection
Self-modification detection across four vectors
NIST, ISO 27001
I
Strategic & Environmental Threats
AG-44 – AG-46
AG-44
Long-Horizon Attack Strategy Detection
Multi-day campaign and governance fatigue detection
NIST, ISO 27001
AG-45
Economic Incentive Alignment Verification
Reward structure alignment with governance constraints
FCA, SOX
AG-46
Operating Environment Integrity
DNS, network route, and configuration tampering detection
NIST, ISO 27001
J
Jurisdiction, Provenance & Physical Impact
AG-47 – AG-50
AG-47
Cross-Jurisdiction Compliance Governance
Multi-regime conflict resolution with sanctions screening
GDPR, AMLD, FCA
AG-48
AI Model Provenance & Integrity
Model hash verification and behavioural fingerprinting
EU AI Act, NIST
AG-49
Governance Decision Explainability
Human-readable tiered explanation generation
EU AI Act, GDPR
AG-50
Physical & Real-World Impact Governance
Hardware-layer governors and irreversibility assessment
EU AI Act, NIST, ISO 27001
K
Lifecycle & Deployment Governance
AG-51 – AG-56, AG-60
AG-51
Lifecycle Risk Assessment Governance
Continuous iterative risk assessment throughout the full agent lifecycle
EU AI Act, NIST, ISO 42001
AG-52
Automation Bias Prevention
Preserving genuine human decision-making against performative oversight
EU AI Act, FCA
AG-53
Post-Market Monitoring & Incident Reporting
Continuous performance tracking with regulatory incident escalation
EU AI Act, GDPR
AG-54
Idempotency & Duplicate Execution Prevention
Idempotency keys and deduplication for all external-effect actions
PSD2, ISO 20022
AG-55
Cascading Failure Containment
Circuit breakers and causal dependency graphs for multi-agent failure isolation
EU AI Act, DORA, NIST
AG-56
TOCTOU Race Condition Governance
Atomic check-and-act operations preventing time-of-check to time-of-use exploits
ISO 27001, PCI DSS, NIST
AG-60
Agent Deployment Authorisation Gates
Pre-deployment governance gates with named responsible person sign-off
EU AI Act, SR 11-7, FCA
L
Multi-Agent Trust Infrastructure
AG-57 – AG-59
AG-57
Delegation Chain Depth & Authority Attenuation
Authority diminishment through delegation chains with depth limits
EU AI Act, FCA, SOX
AG-58
Inter-Agent Trust Scoring
Dynamic behavioural trust scores with decay, degradation, and recovery
NIST, ISO 27001, EU AI Act
AG-59
Indirect Prompt Injection via Tool Outputs
Sanitisation and detection of instruction-like content in tool outputs
OWASP, NIST, EU AI Act