Governance Model
The RMACD Framework
A three-dimensional governance model that combines operational permissions, data classification levels, and autonomy controls to create comprehensive governance for AI agents in enterprise IT operations.
Three Dimensions of Control
Operations
The five fundamental actions an AI agent can perform on enterprise resources:
- Read - View and query information
- Move - Relocate resources
- Add - Create new resources
- Change - Modify existing
- Delete - Remove resources
Data Classification
Permissions vary based on the sensitivity level of the data being accessed:
- Public - Open information
- Internal - Organization only
- Confidential - Need-to-know
- Restricted - Highly sensitive
Autonomy Level
Defines how independently an agent can act without human approval:
- Full - Autonomous action
- Supervised - Logged actions
- Approval - Requires approval
- Manual - Human executes
- Prohibited - Not allowed
Governance Matrix
The 5x4 matrix below shows typical autonomy levels for each combination of operation and data classification. Organizations can customize these based on their security requirements.
Click any cell to see detailed information
| Operation | Public | Internal | Confidential | Restricted |
|---|---|---|---|---|
|
Read
|
Full | Full | Supervised | Approval |
|
Move
|
Full | Supervised | Approval | Manual |
|
Add
|
Supervised | Supervised | Approval | Manual |
|
Change
|
Supervised | Approval | Approval | Manual |
|
Delete
|
Approval | Approval | Manual | Prohibited |
This matrix represents a typical enterprise configuration. Actual permissions should be customized based on your organization's security policies.
Get Started
Read the full documentation, create your first agent profile, or validate existing profiles against the JSON schema.