Skip to content
EVVO DIGITAL

Governance · Risk · 7 min read

Agentic AI risk: what your risk register is missing.

Permissioned actions, transaction limits, tool allow-lists, third-party model use — and the four questions your CISO will be asked that your current register can't answer.

EVVO DIGITAL

A traditional AI risk register tracks models. An agentic register has to track actions — and that is a different kind of problem.

Most enterprise risk registers were written for a world where AI meant a model that scored a probability. The agentic era breaks that assumption: the AI can now act, with delegated authority, against a system of record.

Four questions your CISO will be asked in the next twelve months — and that most current registers cannot answer: (1) Which AI agents can take which actions, and on whose authority? (2) What are the transaction limits, and who approved them? (3) Which tools, APIs and data sources is each agent permitted to use? (4) How do we revoke, rollback or shut down an in-flight agent?

If the register cannot answer these, the register is not the problem. The problem is that there is no system of record for agent risk in the first place.

The fix is not a new policy. It is an inventory that connects the model, the agent, the actions it can take, the approvals behind those actions, and the controls that can stop them. Once that exists, the policy becomes a one-page document.

We build that inventory in 4–8 weeks as part of our AI Governance & Agent Risk Assessment — and the most useful artefact we hand over is the one that lets the CISO answer the four questions in a single meeting.

Want to dig deeper?

Book a 30-minute briefing — we'll walk you through how the topic above lands on a real engagement.