The six habits

Inventory first — ungoverned means unlisted, and every other practice attaches to an entry. Decision rights as named roles — who approves, who widens, who kills — published where teams can see them. Proportional tiers, because treating a read-only summariser like a payment agent guarantees the process gets routed around. Evidence-gated lifecycle — entry to pilot and production each demand artefacts, not assurances. Runtime enforcement, because an approval frozen at review time governs nothing once the system starts changing under it. And a standing review rhythm fed by real telemetry: incidents, drift, spend, exceptions. The [governing agentic AI guide](/guides/govern-agentic-ai) turns each habit into steps.

What separates operating from decorating

Decorative governance produces documents; operating governance produces decisions with evidence attached. The tells are reliable. Ask who last said no, and to what — a governance function that has never declined anything is a watermark. Ask how long the inventory has been stale. Ask whether any control emits evidence without someone assembling it by hand the week before an audit. Organisations that pass those three questions tend to pass their incidents too, because the same wiring that satisfies an auditor is what contains a misbehaving system.

Where agents raise the bar

Acting systems stress every habit harder. The inventory must now track credentials and tool access, not just model usage. Decision rights need an autonomy dimension — who may widen what an agent does without a human. Tiers must be cut by write-access, not model size. And runtime enforcement stops being aspirational: an [agent's behaviour shifts](/agentic-ai) with every model version beneath it, so the policy that lives only in a review minute is already out of date. Treat agent governance as the stress test your existing practices were waiting for — the gaps it finds were always there.
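The tiering and runtime-enforcement points above, as an added example that is not part of the original page: a gate that checks each agent tool call against its inventory entry and returns an evidence record for every decision. The inventory schema, field names, agent and tool names, and the 90-day staleness limit are all assumptions made for illustration.

```python
import json
from datetime import date

# Constructed inventory; the schema and every name in it are assumptions.
INVENTORY = {
    "invoice-agent": {
        "reviewed_model": "model-v1",         # model version approved at review
        "last_verified": "2024-01-10",        # when the entry was last confirmed
        "tools": {"read_ledger": "read", "post_payment": "write"},
        "autonomous_tools": ["read_ledger"],  # usable without a human
    },
    "doc-summariser": {
        "reviewed_model": "model-v1",
        "last_verified": "2024-01-20",
        "tools": {"fetch_doc": "read"},
        "autonomous_tools": ["fetch_doc"],
    },
}
MAX_AGE_DAYS = 90  # assumed staleness limit for an inventory entry

def tier(entry):
    """Tier by write access to tools, not by model size."""
    return "high" if "write" in entry["tools"].values() else "low"

def authorize(agent, tool, model, today, human_approved=False):
    """Decide one tool call and return the evidence record for it."""
    entry = INVENTORY.get(agent)
    if entry is None:
        decision, reason = "deny", "agent not in inventory"
    elif tool not in entry["tools"]:
        decision, reason = "deny", "tool not listed for agent"
    elif model != entry["reviewed_model"]:
        decision, reason = "deny", "model changed since review"
    elif (today - date.fromisoformat(entry["last_verified"])).days > MAX_AGE_DAYS:
        decision, reason = "deny", "inventory entry stale"
    elif tool not in entry["autonomous_tools"] and not human_approved:
        decision, reason = "deny", "needs human approval"
    else:
        decision, reason = "allow", "within approved scope"
    return {"date": today.isoformat(), "agent": agent, "tool": tool,
            "model": model, "tier": tier(entry) if entry else None,
            "decision": decision, "reason": reason}

if __name__ == "__main__":
    day = date(2024, 2, 1)
    for call in [("invoice-agent", "read_ledger", "model-v1"),
                 ("invoice-agent", "post_payment", "model-v1"),
                 ("invoice-agent", "read_ledger", "model-v2")]:
        print(json.dumps(authorize(*call, today=day)))  # one evidence line per call
```

Because every call returns a record whether it is allowed or denied, the evidence trail is a by-product of enforcement rather than something assembled before an audit.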