Enterprise AI Governance Best Practices - Glossary of Terms and Phrases
Enterprise AI Governance Best Practices
Chapter 2. Glossary of Terms and Phrases
| Term or Phrase | Definition |
|---|---|
| AI | Artificial Intelligence; a broad class of technologies that perform tasks commonly associated with human intelligence, such as generating content, classifying information, summarizing content, detecting patterns, making recommendations, supporting decisions, or acting through tools and systems. |
| AI Accountability | The obligation to identify who is responsible for AI use, AI decisions, AI outputs, AI controls, AI risks, AI incidents, and AI-related outcomes. |
| AI Adoption | The process by which an enterprise introduces, approves, deploys, uses, monitors, and improves AI capabilities across business, technology, data, vendor, and operational domains. |
| AI Agent | A governed AI-enabled actor that can pursue a goal, interact with users or systems, use tools, invoke APIs, execute workflows, retain context, produce outputs, or take actions within an approved scope. |
| AI Agent Authority | The approved scope of what an AI Agent is allowed to do, including the systems it may access, tools it may invoke, data it may use, actions it may take, and conditions under which it may operate. |
| AI Agent Inventory | A governed inventory of AI Agents, including their owners, purposes, use cases, authority, autonomy, tools, APIs, systems, data sources, models, prompts, locations, controls, risks, incidents, lifecycle states, and evidence. |
| AI Agent-to-API Permission Mapping | A governed relationship that identifies which APIs, actions, credentials, systems, and permission boundaries apply to an AI Agent. This relationship may be reified as an inventory when it requires approval, evidence, lifecycle state, or periodic review. |
| AI Agent-to-Location Mapping | A governed relationship that identifies where an AI Agent operates, serves users, processes data, affects stakeholders, or is restricted. This relationship may be reified as an inventory when it requires location-specific approval, controls, evidence, effective dates, or review. |
| AI Governance | The discipline of making AI visible, accountable, controlled, monitored, evidenced, compliant, and improvable across its lifecycle. |
| AI Governance Evidence Package | A governed collection of Evidence Records that proves how an AI Use Case, AI Agent, AI Model, AI Prompt, vendor AI capability, control, obligation, risk, incident, or decision was governed. |
| AI Governance Operating Model | The roles, responsibilities, decision rights, workflows, review forums, approvals, escalations, controls, evidence practices, and reporting structures used to operate AI governance. |
| AI Governance Practitioner | A person who helps make AI governance operational by managing inventories, relationships, controls, evidence, risk classifications, reviews, monitoring, incidents, and governance data. |
| AI Incident | An event or condition in which the behavior, performance, failure, or use of an AI capability creates actual or potential harm, policy violation, control failure, regulatory exposure, stakeholder impact, operational disruption, security exposure, privacy exposure, or accountability concern. |
| AI Incident Inventory | A governed inventory or connected incident-management view of AI Incidents, including severity, affected AI assets, affected stakeholders, affected locations, root cause, containment, remediation, notification decisions, evidence preservation, and lessons learned. |
| AI Interaction | A user, system, workflow, application, or agent engagement with an AI capability, including prompts, responses, retrieved context, tool calls, outputs, approvals, and resulting actions. |
| AI Interaction Transcript | A retained record of an AI interaction, which may include prompts, responses, messages, context, tool calls, timestamps, users, agent identifiers, model versions, prompt versions, and system actions. |
| AI Literacy | The knowledge and practical understanding needed for users, leaders, and practitioners to use, govern, review, monitor, and escalate AI appropriately. |
| AI Model | A computational model or model-based service used to generate, classify, predict, summarize, recommend, retrieve, transform, or otherwise process information through AI behavior. |
| AI Model Inventory | A governed inventory of AI Models, including source, provider, version, owner, approved uses, limitations, hosting, locations, evaluations, monitoring, risks, and lifecycle state. |
| AI Output | A result produced by AI, including text, code, summaries, classifications, recommendations, predictions, extracted fields, messages, decisions, workflow actions, system updates, images, audio, video, or other generated or AI-assisted artifacts. |
| AI Prompt | A governed instruction, question, template, system message, user message, tool instruction, or context pattern used to influence AI behavior or output. |
| AI Prompt Inventory | A governed inventory of reusable, production, high-risk, or control-relevant AI Prompts, including owner, purpose, version, supported use cases, supported agents, testing, approval, lifecycle state, risks, and evidence. |
| AI Response | The AI-generated reply or result returned in response to an AI Prompt, instruction, query, event, or workflow step. |
| AI Retention Policy | The enterprise policy that defines which AI prompts, responses, outputs, transcripts, tool calls, runtime traces, logs, evidence records, and related artifacts must be retained, purged, or placed under hold. |
| AI Risk | A potential condition, event, behavior, exposure, failure, misuse, or outcome associated with AI that may harm the enterprise, stakeholders, systems, data, operations, reputation, or legal position. |
| AI Risk Inventory | A governed inventory of AI Risks, including risk statements, categories, affected AI assets, likelihood, impact, inherent risk, residual risk, controls, owners, responses, review dates, and evidence. |
| AI Use Case | A defined business, technology, operational, analytical, productivity, vendor, or agentic purpose for which AI is used or proposed. |
| AI Use Case Inventory | A governed inventory of AI Use Cases, including purpose, owner, category, lifecycle state, users, stakeholders, data, vendors, technical assets, locations, risk classification, controls, approvals, and evidence. |
| AI-Enabled Technical Asset | An Application, Platform, Service, API, Workflow, Automation, Job, Script, Vendor Product, Runtime Environment, Tool, or other technical asset that contains, invokes, exposes, hosts, depends on, or operationalizes AI. |
| Agentic AI | AI that can pursue goals, choose or recommend actions, invoke tools, call APIs, execute workflows, interact with systems, or take actions on behalf of a user, process, team, or enterprise function. |
| Application | A software system or user-facing capability that supports business, technology, operational, analytical, or administrative functions. |
| Approval Evidence | Evidence showing that an authorized person, role, governance body, or workflow approved an AI use, AI Agent authority, vendor AI capability, control, exception, risk acceptance, release, or change. |
| Artificial Intelligence | See AI. |
| Auditability | The ability to inspect, reconstruct, test, and verify AI governance decisions, controls, evidence, records, and actions. |
| Autonomy | The degree to which an AI capability, especially an AI Agent, can operate independently without human approval or direct intervention. |
| Business Record | A record that must be retained because it documents enterprise activity, decisions, obligations, communications, transactions, approvals, incidents, or other business-relevant facts. |
| Change Trigger | An event or condition that requires AI governance reassessment, such as changes to models, prompts, data sources, vendors, locations, regulations, controls, agent authority, output use, incidents, or risk classification. |
| Classification | The assignment of governance attributes, such as category, risk tier, lifecycle state, data sensitivity, stakeholder impact, regulatory applicability, or approval status. |
| Confidential Information | Information that the enterprise must protect from unauthorized access, disclosure, retention, use, or transfer because of business, legal, contractual, privacy, security, or regulatory requirements. |
| Content Provenance | The ability to understand where AI-generated or AI-assisted content came from, what sources influenced it, which model and prompt were used, who reviewed it, and how it changed over time. |
| Continuous Compliance | The practice of maintaining AI governance alignment over time through monitoring, reassessment, control operation, evidence refresh, regulatory updates, change governance, and lifecycle management. |
| Control | A policy, procedure, technical mechanism, workflow, review, approval, configuration, monitoring practice, or operational activity that prevents, detects, limits, corrects, or evidences risk. |
| Control Evidence | Evidence showing that a control was designed, approved, implemented, tested, monitored, or operated. |
| Data and Information | The structured, semi-structured, or unstructured content used, processed, retrieved, generated, retained, or affected by AI. |
| Data Boundary | A defined rule or control that specifies which data may or may not be used with a given AI capability, tool, vendor, model, prompt, user group, or location. |
| Data Drift | A change in the quality, distribution, meaning, freshness, completeness, relevance, or structure of data used by AI that may affect AI behavior or output quality. |
| Data Residency Zone | A defined location, region, cloud region, jurisdiction, or environment in which data must be stored, processed, retained, or restricted. |
| Decision Rights | The explicit authority to make AI governance decisions, including approvals, rejections, exceptions, risk acceptances, release decisions, control decisions, and escalation decisions. |
| Decommissioning | The controlled retirement of an AI Use Case, AI Agent, AI Model, AI Prompt, vendor AI feature, workflow, or technical asset, including access removal, records disposition, evidence preservation, and dependency cleanup. |
| Disclosure | A notice or communication that informs users, customers, employees, partners, or other stakeholders that AI is being used or that content was generated or assisted by AI. |
| Embedded AI | AI contained within, invoked by, exposed through, hosted by, or operationalized inside an Application, Platform, Service, API, Workflow, Automation, Vendor Product, or other technical asset. |
| Enterprise AI Governance | The enterprise-level discipline for making AI visible, accountable, related, located, risk-assessed, controlled, monitored, evidenced, retained, changed, and improved across business, technology, data, vendor, regulatory, and operational domains. |
| Enterprise Inventory Management | The discipline of identifying, governing, maintaining, and improving inventories of enterprise Noun Instances and their relevant attributes, owners, states, and relationships. |
| Enterprise Model | A connected model of enterprise Noun Types, Noun Instances, relationships, attributes, lifecycle states, ownership, controls, evidence, and dependencies used to understand and govern the enterprise. |
| Evidence | A retained artifact, record, log, approval, test result, configuration, assessment, trace, review, or other proof that a governance action, control, decision, event, condition, or requirement occurred. |
| Evidence Readiness | The degree to which required Evidence Records are complete, current, connected, accessible, retained, and sufficient to support audit, compliance, incident response, litigation, regulatory inquiry, or management review. |
| Evidence Record | A governed record that proves a governance action, control operation, review, approval, test, monitoring activity, incident action, retention action, or change action occurred. |
| Exception | A formally approved deviation from standard AI governance policy, control, process, configuration, review, retention, or evidence requirement. |
| Generative AI | AI that creates or transforms content, such as text, code, images, audio, video, summaries, classifications, recommendations, or other generated artifacts. |
| Governed Inventory | A managed collection of Noun Instances with defined attributes, ownership, lifecycle states, controls, evidence, and relationships. |
| Human-in-the-Loop | A control pattern in which a human must review or approve an AI output or action before it is used, released, sent, executed, or relied upon. |
| Human-on-the-Loop | A control pattern in which a human supervises AI behavior and can intervene, pause, override, or correct AI activity without approving every action in advance. |
| Human Oversight | The design and operation of human review, supervision, approval, escalation, override, or intervention for AI outputs, decisions, or actions. |
| Human Productivity AI | AI used by people to accelerate or assist work, such as drafting, summarization, coding, analysis, research support, translation, document review, presentation generation, or meeting assistance. |
| Impact Analysis | The practice of identifying which AI assets, data sources, stakeholders, locations, controls, obligations, vendors, systems, risks, incidents, or evidence records are affected by a change, issue, or decision. |
| Incident Hold | A temporary or formal preservation requirement that prevents deletion or purge of records relevant to an AI Incident. |
| Inherent Risk | The level of risk that exists before controls are applied. |
| Intake | The process for submitting, identifying, describing, classifying, routing, and reviewing a proposed or existing AI use. |
| Jurisdiction | A legal, regulatory, geographic, organizational, contractual, or operational area whose rules or obligations may apply to AI activity. |
| Key Performance Indicator | A metric used to evaluate whether AI governance is achieving intended performance objectives. |
| Key Risk Indicator | A metric used to identify increasing AI risk, control weakness, exposure, or governance deterioration. |
| Kill Switch | A mechanism for quickly disabling, suspending, isolating, or limiting an AI capability, especially an AI Agent or AI-enabled workflow. |
| Legal Hold | A preservation requirement that suspends ordinary deletion or purge of records because of litigation, investigation, audit, regulatory inquiry, or legal obligation. |
| Lifecycle State | The current state of a governed object, such as proposed, under review, approved, pilot, production, suspended, retired, deprecated, rejected, or archived. |
| Location / Jurisdiction | A location, region, jurisdiction, facility, cloud region, data-residency zone, service territory, country, state, province, city, town, or other geographic or legal scope relevant to AI operation, data processing, stakeholder impact, restrictions, or obligations. |
| Material AI Governance Change | A change that may affect AI risk, obligations, controls, evidence, data use, stakeholder impact, location scope, vendor exposure, agent authority, output use, or governance approval. |
| Model Drift | A change in AI Model behavior, accuracy, bias, performance, safety, or suitability over time. |
| Noun Instance | A specific instance of a governed thing, such as a particular AI Agent, AI Use Case, AI Model, AI Prompt, Application, Vendor Product, Regulation, Control, Risk, Incident, or Evidence Record. |
| Noun Type | A category of governed things, such as AI Agents, AI Use Cases, AI Models, AI Prompts, Applications, Vendors, Regulations, Controls, Risks, Incidents, Evidence Records, or Locations. |
| Obligation | A requirement or duty that must be satisfied because of law, regulation, contract, policy, standard, risk decision, or governance rule. |
| Output Review | The process of reviewing AI Outputs for accuracy, completeness, safety, compliance, bias, appropriateness, disclosure, retention, and fitness for use. |
| Permission Boundary | A defined limit on what an AI Agent, user, service, tool, workflow, or system identity may access, invoke, modify, execute, or affect. |
| Prohibited AI Use | An AI use that is not allowed because it violates policy, law, regulation, contract, ethics, security, privacy, safety, or enterprise risk tolerance. |
| Prompt Drift | A change in AI behavior caused by changes to AI Prompts, prompt context, prompt dependencies, model behavior, retrieval content, or workflow conditions. |
| Prompt Injection | A technique or condition in which malicious, unintended, or conflicting instructions are introduced to alter AI behavior, bypass controls, disclose information, or trigger unauthorized actions. The instructions may arrive directly in user input or indirectly through retrieved documents, web content, tool results, or other untrusted data the model processes. |
| Prompt Leakage | The unintended disclosure of AI Prompts, system instructions, hidden context, configuration, sensitive instructions, or other prompt-related information. |
| Reified Relationship | A relationship that is treated as a governed object because the relationship itself requires attributes such as ownership, approval, lifecycle state, controls, evidence, effective dates, restrictions, or history. |
| Regulation | A law, rule, standard, directive, requirement, or authoritative regulatory instrument issued by a Regulatory Body. |
| Regulatory Body | An authority, agency, institution, government body, standards body, or other entity that issues, interprets, supervises, or enforces Regulations or Regulatory Obligations. |
| Regulatory Decomposition | The process of breaking Regulations into Regulatory Bodies, Regulations, Regulatory Obligations, applicability conditions, controls, evidence requirements, owners, lifecycle states, and mappings to affected enterprise objects. |
| Regulatory Obligation | A specific requirement derived from a Regulation, contract, policy, standard, or authoritative source that applies under defined conditions and must be mapped to controls and evidence. |
| Relationship Inventory | A governed inventory of reified relationships used when the relationship itself requires ownership, lifecycle state, approval, controls, evidence, review, effective dates, restrictions, or history. |
| Residual Risk | The level of risk that remains after controls are applied. |
| Retrieval-Augmented Generation | An AI pattern in which a model uses retrieved content, documents, records, knowledge, or other sources to generate or ground outputs. |
| Risk Acceptance | A formal decision to accept residual AI risk under defined conditions, with approving authority, rationale, expiration or review date, and evidence. |
| Risk Tier | A classification that indicates the level of governance depth required for an AI Use Case, AI Agent, AI Model, AI Prompt, vendor AI capability, or other AI-related object. |
| Runtime Monitoring | Monitoring of AI behavior during operation, including prompts, responses, tool calls, API invocations, output quality, errors, policy violations, data access, incidents, and action traces. |
| Semantic Model | A structured representation of meaningful enterprise concepts, Noun Types, Noun Instances, relationships, attributes, and rules used to create shared understanding and governance consistency. |
| Shadow AI | AI use that occurs outside approved governance, tool, procurement, security, privacy, data, vendor, or operating-model channels. |
| Source Traceability | The ability to identify which sources, documents, records, data, retrieved context, or references influenced an AI Output. |
| Stakeholder | A person, group, organization, role, customer, employee, vendor, regulator, partner, or other party that may use, be affected by, rely on, oversee, or be accountable for AI. |
| Technical Asset | An Application, Platform, Service, API, Integration, Workflow, Automation, Job, Script, Data Store, Runtime Environment, Tool, or other technology object used by the enterprise. |
| Tool Call | An action by an AI capability or AI Agent to invoke a tool, API, function, workflow, script, service, system, or external capability. |
| Vendor AI | AI supplied, hosted, embedded, operated, managed, or materially controlled by an external provider, including AI in Vendor Products, Vendor Services, SaaS platforms, cloud services, APIs, and managed services. |
| Vendor AI Feature Drift | A change in a vendor’s AI capabilities, defaults, models, data-processing practices, regional availability, subprocessors, controls, logging, retention, or contractual posture over time. |
| Vendor Product | A product supplied by an external vendor, including software, SaaS, platforms, tools, services, or systems that may contain or expose AI capabilities. |
| Vendor Service | A service provided by an external vendor, including hosted, managed, outsourced, cloud, API, support, processing, or operational services that may involve AI. |
| Versioning | The practice of assigning and preserving distinct versions of AI assets or governance records, such as AI Models, AI Prompts, AI Agents, data sources, controls, policies, workflows, or evidence packages. |
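
The agent-related terms above (AI Agent Authority, Permission Boundary, Data Boundary, Tool Call, Human-in-the-Loop, Kill Switch, AI Interaction Transcript) describe controls that are normally enforced in code at the point where an agent's tool call is about to execute. The following Python is an added illustration of that enforcement pattern; it is not part of the IF4IT text or of any IF4IT tooling. The agent identifier, tool names, data classifications, the financial limit, and the `approver` callback (which stands in for a real human review workflow) are all constructed for the example.

```python
"""Tool-call gate for an AI Agent.

Enforces the AI Agent Authority and Permission Boundary for each Tool Call,
requires Human-in-the-Loop approval for designated tools, honours a Kill
Switch, and records every decision as an AI Interaction Transcript entry
that can serve as an Evidence Record. Added illustration: the agent, tools,
classifications and limits below are constructed, not taken from any inventory.
"""
from dataclasses import dataclass, field
from datetime import datetime, timezone
from enum import Enum
from typing import Callable, Dict, FrozenSet, List, Optional, Tuple


class Decision(str, Enum):
    ALLOW = "allow"
    DENY = "deny"
    PENDING_APPROVAL = "pending_approval"   # Human-in-the-Loop not yet satisfied
    HALTED = "halted"                       # Kill Switch engaged


@dataclass(frozen=True)
class AgentAuthority:
    """Approved scope for one AI Agent (what an AI Agent Authority entry holds)."""
    agent_id: str
    allowed_tools: FrozenSet[str]     # tools the agent may invoke at all
    hitl_tools: FrozenSet[str]        # subset that also needs human approval
    data_boundary: FrozenSet[str]     # data classifications it may process
    max_amount: float = 0.0           # hypothetical financial limit per call


@dataclass(frozen=True)
class ToolCall:
    agent_id: str
    tool: str
    args: Dict[str, object]
    data_classification: str = "internal"


@dataclass
class ToolCallGate:
    authorities: Dict[str, AgentAuthority]
    approver: Optional[Callable[[ToolCall], bool]] = None   # human reviewer hook
    kill_switch: bool = False
    transcript: List[dict] = field(default_factory=list)    # AI Interaction Transcript

    def _record(self, call: ToolCall, decision: Decision, reason: str) -> Decision:
        self.transcript.append({
            "ts": datetime.now(timezone.utc).isoformat(),
            "agent": call.agent_id, "tool": call.tool, "args": dict(call.args),
            "classification": call.data_classification,
            "decision": decision.value, "reason": reason,
        })
        return decision

    def evaluate(self, call: ToolCall) -> Decision:
        """Default-deny: a call proceeds only if every check passes.

        The checks look at the agent's approved authority, not at the model's
        intent, so an injected instruction to invoke an unapproved tool is
        denied exactly like any other out-of-scope call."""
        if self.kill_switch:
            return self._record(call, Decision.HALTED, "kill switch engaged")
        auth = self.authorities.get(call.agent_id)
        if auth is None:
            return self._record(call, Decision.DENY, "agent not in AI Agent Inventory")
        if call.tool not in auth.allowed_tools:
            return self._record(call, Decision.DENY, "tool outside AI Agent Authority")
        if call.data_classification not in auth.data_boundary:
            return self._record(call, Decision.DENY, "Data Boundary violation")
        amount = call.args.get("amount", 0)
        if isinstance(amount, (int, float)) and amount > auth.max_amount:
            return self._record(call, Decision.DENY, "exceeds approved amount")
        if call.tool in auth.hitl_tools:
            if self.approver is None:
                return self._record(call, Decision.PENDING_APPROVAL, "human approval required")
            if not self.approver(call):
                return self._record(call, Decision.DENY, "human reviewer rejected")
            return self._record(call, Decision.ALLOW, "human reviewer approved")
        return self._record(call, Decision.ALLOW, "within authority")


def run_scenario() -> Tuple[List[Decision], List[dict]]:
    """Constructed scenario: an invoice-triage agent with a narrow authority."""
    authority = AgentAuthority(
        agent_id="invoice-triage-agent",
        allowed_tools=frozenset({"read_invoice", "lookup_vendor", "schedule_payment"}),
        hitl_tools=frozenset({"schedule_payment"}),
        data_boundary=frozenset({"internal", "confidential"}),
        max_amount=5000.0,
    )
    # Stand-in for a human reviewer: approves payments up to 2000 only.
    gate = ToolCallGate({authority.agent_id: authority},
                        approver=lambda c: c.args.get("amount", 0) <= 2000)
    calls = [
        ToolCall("invoice-triage-agent", "read_invoice", {"id": "INV-1"}, "confidential"),
        ToolCall("invoice-triage-agent", "schedule_payment", {"amount": 1200}),
        ToolCall("invoice-triage-agent", "schedule_payment", {"amount": 3500}),
        ToolCall("invoice-triage-agent", "schedule_payment", {"amount": 9000}),
        # An instruction smuggled into an invoice ("delete the audit log") cannot
        # widen the agent's authority: the tool is simply not approved.
        ToolCall("invoice-triage-agent", "delete_records", {"table": "audit_log"}),
        ToolCall("invoice-triage-agent", "read_invoice", {"id": "INV-2"}, "restricted"),
        ToolCall("unknown-agent", "read_invoice", {"id": "INV-3"}),
    ]
    decisions = [gate.evaluate(c) for c in calls]
    gate.kill_switch = True          # incident response: halt the agent
    decisions.append(gate.evaluate(calls[0]))
    return decisions, gate.transcript


if __name__ == "__main__":
    for entry in run_scenario()[1]:
        print(entry["tool"], entry["decision"], "-", entry["reason"])
```

The gate is deliberately default-deny and evaluates the agent's recorded authority rather than anything the model says about its own intent; that is what makes the Permission Boundary hold against prompt injection. Every decision, including denials and the halt, lands in the transcript, which is the raw material for an AI Incident Inventory entry or an AI Governance Evidence Package.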
Copyright for the International Foundation for Information Technology (IF4IT): 2008 - Present