COMPEL Specialization — AITM-AAG: Agentic AI Governance Associate
Artifact Template 1 of 1
How to use this template
Populate one charter per agent. The charter is the short companion to the full Agent Governance Pack (Article 14) and carries the six fields most commonly consulted during incident, audit, and change-review. A complete charter can be read in ten minutes and is the first artifact the incident commander, internal auditor, or regulator sees. Longer, more detailed governance artifacts live in the Pack and are linked from each section.
Delete the italicised placeholder text in each field and replace it with the agent-specific content. Remove sections that do not apply only after marking them “not applicable” with a one-sentence reason.
Every field is dated. If a field has not been updated in the last twelve months, it is stale and the agent’s owner is responsible for refreshing it.
Agent Governance Charter
0. Charter header
| Field | Value |
| --- | --- |
| Agent identifier | stable-agent-id (e.g., finance-research-v3) |
| Public name | the name shown to users, if any |
| Deployment environment | production / staging / internal / customer-facing / mixed |
| Charter version | 1.0 |
| Last updated | YYYY-MM-DD |
| Next scheduled review | YYYY-MM-DD (per review cadence below) |
| Owner (role, not person) | role name |
| Reviewer (governance function) | role name |
| Reviewer (security function) | role name |
| Reviewer (legal / privacy function) | role name |
1. Purpose and definition
One paragraph (3–5 sentences) describing what the agent does, the problem it addresses, and the intended user. Avoid aspirational language; describe the current deployment, not the vision.
Example: The finance-research-v3 agent retrieves public company filings, internal research notes, and news feeds, synthesises a research summary for internal portfolio managers, and drafts research notes into a shared workspace. The agent does not execute trades, publish externally, or interact directly with customers. It supports portfolio managers in small-cap European equities research.
description of the longest stretch without human approval
| Field | Value |
| --- | --- |
| Reversibility of actions | read-only / reversible write / irreversible |
| Tool surface | narrow / medium / broad |
| Consequence severity | low / medium / high, with specific worst-case noted |
| Rationale | 2–3 sentence justification against the four criteria |
| Initial classification date | YYYY-MM-DD |
| Last reclassification | YYYY-MM-DD, trigger |
| Link to full classification memo in Pack | link |
3. Authority chain (Article 4)
Write the authority-chain sentence in full, naming the five components.
Template: The [agent identifier] is authorised, by delegation from [delegating principal role] exercising [organisational decision right], via [deployment authority role], to act within [action scope].
Example: The finance-research-v3 agent is authorised, by delegation from the Head of Research exercising the research-publication decision right, via the Platform Engineering deployment authority, to act within [retrieve public filings; retrieve internal research notes; retrieve subscription news feed; write drafts to the research workspace; send notification emails to research-team members].
Any action outside the action scope is prohibited and is detected by the observability stack (Section 6) and logged as a governance event (Section 7).
| Field | Value |
| --- | --- |
| Link to full authority-chain memo in Pack | link |
4. Tools allowed (Article 6)
Every tool the agent may call is listed. Tools not on the list are not callable regardless of how the agent reasons about them. Changes to this list are governance changes that trigger reclassification.
7. Escalation triggers and human-in-the-loop matrix (Article 5, Article 11)
7.1 Escalation triggers
| Trigger | Severity | First responder (role) | Secondary (role) | Escalation time target |
| --- | --- | --- | --- | --- |
| anomalous tool-call pattern | medium | operations monitor | security operations | 30 minutes |
| memory-write schema violation | medium | operations monitor | agent owner | 2 hours |
| unauthorised tool-call attempt | high | security operations | stop-go authority | 10 minutes |
| kill-switch triggered | high | stop-go authority | agent owner; executive sponsor | immediate |
| user complaint alleging wrong output | medium | primary reviewer | agent owner | 24 hours |
| counterparty incident notification | high | agent owner | legal / privacy; executive sponsor | 1 hour |
| regulatory inquiry | high | legal / privacy | executive sponsor; agent owner | immediate |
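An added illustration, not part of the COMPEL template: one way the Section 4 rule (tools not on the list are not callable) and the "unauthorised tool-call attempt" trigger of Section 7.1 could be enforced at the tool-dispatch layer. The tool names, the charter dictionary layout and the function names are assumptions made for this example.

```python
from datetime import datetime, timezone

# Constructed charter extract. Tool names are hypothetical renderings of the
# action scope in the Section 3 example; the routing values are the
# "unauthorised tool-call attempt" row of the Section 7.1 table.
CHARTER = {
    "agent_id": "finance-research-v3",
    "allowed_tools": frozenset({
        "retrieve_public_filings", "retrieve_internal_notes",
        "retrieve_news_feed", "write_workspace_draft",
        "send_team_notification",
    }),
    "unauthorised_route": {
        "trigger": "unauthorised tool-call attempt",
        "severity": "high",
        "first_responder": "security operations",
        "secondary": "stop-go authority",
        "target_minutes": 10,
    },
}


class ToolCallDenied(Exception):
    """The agent asked for a tool the charter does not list."""


def gate_tool_call(charter, registry, tool, args, event_log):
    """Run `tool` only if the charter lists it; otherwise log and refuse.

    The decision uses the charter alone, so a tool that exists in `registry`
    but is absent from the charter is still not callable.
    """
    if tool not in charter["allowed_tools"]:
        event = dict(charter["unauthorised_route"])
        event.update(
            agent_id=charter["agent_id"],
            tool=tool,
            arg_names=sorted(args),  # names only: values may be sensitive
            timestamp=datetime.now(timezone.utc).isoformat(),
        )
        event_log.append(event)
        raise ToolCallDenied(f"{tool!r} is not in the charter tool list")
    return registry[tool](**args)


# Constructed registry: one listed tool and one that was never chartered.
REGISTRY = {
    "retrieve_public_filings": lambda ticker: f"filings for {ticker}",
    "execute_trade": lambda ticker, qty: f"bought {qty} {ticker}",
}
```

Each denied call leaves one governance event carrying the severity, responder roles and time target, so the alerting side can route it without consulting the charter again.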
7.2 Human-in-the-loop matrix
A short matrix indicating, per action class, the oversight mode applied. Fuller detail is in Section 5 of the Pack; the summary below is the charter view.
| Action class | Oversight mode | Operator role | Notes |
| --- | --- | --- | --- |
| external read | post-hoc sampling | operations monitor | |
| memory write (persistent) | runtime intervention + post-hoc | operations monitor | |
| draft to workspace | post-hoc | primary reviewer | |
| email alert dispatch | pre-authorisation | primary reviewer | |
| irreversible action (if any) | pre-authorisation + stop-go | stop-go authority | |
8. Kill-switch specification (Article 11)
| Field | Value |
| --- | --- |
| Mechanism | description (e.g., token revocation; process kill; control-loop pause; network isolation) |
Describe any special containment boundaries — network, filesystem, tool-scope, time-budget, memory-scope. Reference the containment design in the Pack for full detail.
9. Risk register summary (Article 9)
Categories marked “live” apply to this agent; categories marked “not applicable” have a reason given.
| Category | Status | Primary control reference |
| --- | --- | --- |
| Goal mis-specification | live / N/A | Section 1 purpose; review cadence |
| Reward hacking | live / N/A | evaluation design in Pack |
| Tool misuse | live / N/A | Section 4 tool specifications |
| Memory poisoning | live / N/A | Section 5 memory defences |
| Runaway behaviour | live / N/A | Section 8 time/step budgets |
| Collusion / deception | live / N/A | MAS posture in Pack (if applicable) |
| Resource exhaustion | live / N/A | Section 4 rate/cost caps |
| Hallucination cascade | live / N/A | grounding and disclosure design in Pack |
10. Regulatory posture (Article 12)
| Framework | Applicable? | Primary obligations |
| --- | --- | --- |
| EU AI Act Article 14 | yes / no | oversight design per Section 7 |
| EU AI Act Article 15 | yes / no | accuracy, robustness, cybersecurity per Pack |
| EU AI Act Article 26 | yes / no (if high-risk deployer) | deployer obligations per Pack |
| EU AI Act Article 50 | yes / no (user-facing) | AI disclosure posture |
| EU AI Act Article 52 | yes / no | manipulation / emotion-recognition screen |
| NIST AI RMF | yes | GOVERN / MAP / MEASURE / MANAGE mapping in Pack |
| ISO/IEC 42001 | yes if certified | clause mapping in Pack |
| Sector-specific rules | yes / no; name the rule | link to mapping in Pack |

| Field | Value |
| --- | --- |
| Link to full regulatory mapping in Pack | link |
| Last regulatory-posture review | YYYY-MM-DD |
11. Cross-organisational posture (Article 13)
| Counterparty | Nature of interaction | Contract reference | Audit reciprocity | Incident notification window |
| --- | --- | --- | --- | --- |
| none (internal only) | | | | |
| counterparty name / type | e.g., tool provider; supply-chain agent | contract ID | yes / no | e.g., 24 hours |
12. Change log
| Date | Version | Change summary | Trigger | Author (role) |
| --- | --- | --- | --- | --- |
| YYYY-MM-DD | 1.0 | initial charter | onboarding | agent owner |
13. Sign-off
By signing below, each reviewer attests that the charter as written accurately represents the current deployment and is consistent with the Agent Governance Pack’s more detailed records. Sign-offs are bound to this charter version; a change that increments the version requires re-sign-off.
| Role | Name (redacted in public artifact; keep only role) | Sign-off date |
| --- | --- | --- |
| Agent owner | | |
| Governance function | | |
| Security function | | |
| Legal / privacy function | | |
| Executive sponsor (high-risk deployments) | | |
Review cadence
| Review type | Cadence |
| --- | --- |
| Scheduled review | quarterly for Level 3; semi-annual for Level 1–2; monthly for Level 4; event-driven for Level 5 |
| Triggered review | on any change event per Article 14 list |
| Incident-driven review | on any incident involving this agent |
Retention of this charter
The charter is retained for the agent’s deployment life plus the longer of (a) the organisation’s general records-retention policy and (b) any applicable regulatory retention horizon. Superseded versions are retained in the change log; deletion of a superseded version is prohibited absent documented legal-retention-expiry reasoning.