Glossary · Agentic AI audit and governance
The terms regulators and auditors use, defined plainly.
A short glossary of the terms regulators, auditors, procurement teams, and internal AI governance committees reach for when they evaluate agentic AI. Each entry is written in plain English, linked to the regulatory frames where the term lives, and linked to the substrate capability it asks an operator to produce.
What is an agent audit trail?
The durable, attributable record of what an AI agent did: which actions it took, on what data, under which policy, in what sequence, and with what outcome.
What is audit by construction?
The discipline of producing the audit record as a property of the action itself, not as a downstream reconstruction from logs.
What is a tamper-evident audit log?
A record whose integrity an auditor can verify from any point back to the start. Any modification produces a chain that does not verify.
What is agentic AI accountability?
The ability to answer, for any decision an AI agent influenced, which agent acted, on whose authority, against which policy, with what data, and with what outcome.
What is non-human identity?
The credentials and machine identities under which agents, services, and automation act. Non-human identity (NHI) management is a distinct category from the audit trail of what those identities did.
What is a harness autonomy tier?
The level of independence an AI agent has inside the harness that orchestrates it, from every action human-approved to agents acting on their own authority inside policy.