Monthly Governance Evidence
Northwind Logistics — autonomous operations & procurement agents
The period at a glance.
Runtime Governance evaluated 48,920 agent actions before execution this period across 12 governed agents. 842 unsafe actions were prevented and 466 were escalated for human review. Governance coverage held at 100% of defined forbidden states (Ω), including two newly onboarded tools. No uncovered reachable path to a forbidden state was observed at period end.
Every action resolved to a verdict.
Volume rose 14% versus April as the procurement agent expanded, while blocked actions fell 9% — consistent with an improving governance posture as upstream policies tightened. 12 agents and 34 tools were under governance.
What was blocked before it executed.
| Category | Count | Representative example |
|---|---|---|
| Unsafe external action | 572 | Calls to unapproved third-party APIs |
| Data exfiltration | 121 | Bulk export of customer records to an external endpoint |
| Privilege escalation | 64 | Agent attempting to elevate its own role |
| Destructive operation | 47 | Mass-delete against a production datastore |
| Unauthorised fund transfer | 38 | Transfer above threshold with no approver |
Routed to a human, with outcomes.
Of 466 escalations, 449 were approved after review and 17 were rejected. Median time-to-decision was 6 minutes. Escalations concentrated on first-time vendor payments and cross-system data movements — the categories where human judgement adds the most value.
Coverage against forbidden states (Ω).
18 forbidden states are defined for this environment, spanning financial loss, data exfiltration, privilege escalation, and destructive operations. Two new tools (a payments connector and a vendor-onboarding API) were onboarded and re-mapped to Ω during the period. End-of-period coverage: 100% of defined states, with 0uncovered reachable paths detected.
Exposure removed before it could occur.
The 38 prevented unauthorised-transfer attempts alone represented a modelled single-event exposure of £0,000,000+ had any reached execution. Reachable exposure across all governed agents fell relative to the April baseline as new tools were brought under governance at onboarding rather than after deployment. Figures are modelled and illustrative.
Prioritised next actions.
- HighTighten the approval policy on payment tools so first-time vendor transfers always require a named approver.
- MediumReview the two newly integrated third-party APIs and confirm their Ω mappings with the security team.
- MediumSchedule the quarterly Ω revalidation to keep forbidden states aligned with new workflows and regulation.
- LowExtend governance to the planned logistics-routing agent before it reaches production.
Tamper-evident, reproducible record.
Illustrative sample. “Northwind Logistics” is fictional and all figures are for illustration only. A live report reflects your systems, your defined Ω, your agents, and your data. Available as a hosted view and as a PDF for board distribution.