Every enterprise AI deployment involves the same five elements. Most deployments never make the relationships between them explicit.
The five elements
Human — The principal. The person or role whose authority the agent is ultimately exercising. Every agent should trace back to a named human accountable for its actions.
Agent — The actor. The AI system that receives delegated authority and acts on it. The agent does not have authority of its own — it exercises authority granted by the human principal.
Tool — The capability. What the agent can use to act — APIs, databases, communication systems, other agents. The scope of available tools defines the blast radius if something goes wrong.
Resource — What gets affected. The data, systems, or external parties that the agent’s actions touch. Authorization should be scoped to specific resources, not granted broadly.
Outcome — What actually happened. The result of the agent’s action, including unintended consequences. Governance requires visibility into outcomes, not just intentions.
The question each element must answer
| Element | The question |
|---|---|
| Human | Who is accountable for this agent’s actions? |
| Agent | What authority has it been explicitly granted? |
| Tool | What capabilities is it allowed to use? |
| Resource | What is it allowed to affect? |
| Outcome | Who reviews what actually happened? |
The failure mode
Most enterprise AI deployments can answer the middle three questions reasonably well. The tool list is documented. The resources are roughly scoped.
The failures happen at the edges — at Human and Outcome.
The human accountability chain is vague: “the platform team” or “the AI governance committee” rather than a named person with decision authority. And outcome review is either absent or happens only when something goes wrong.
An agent without a clear human principal and without outcome review is not governed. It is running on hope.
Can you draw this model for every AI agent in your environment right now?
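One way to put that closing question to an agent inventory, as an added example that is not part of the original article: each record is checked against the five questions, and the Human and Outcome checks reject a group name or incident-only review. The inventory entries and every field name (`principal`, `principal_type`, `grants`, `tools`, `resources`, `outcome_review`) are assumptions made for this sketch, not a standard schema.

```python
# Added example: audit an agent inventory against the five questions.
# Field names are assumptions for this sketch, not a standard schema.
# Constructed sample inventory.
AGENTS = [
    {
        "name": "invoice-triage",
        "principal": "j.alvarez@example.com",
        "principal_type": "person",
        "grants": ["read invoices", "flag for review"],
        "tools": ["erp.read_invoice", "ticket.create"],
        "resources": ["erp:invoices/ap-emea"],
        "outcome_review": {"reviewer": "j.alvarez@example.com", "trigger": "scheduled"},
    },
    {
        "name": "support-replier",
        "principal": "the platform team",
        "principal_type": "group",
        "grants": ["reply to customers"],
        "tools": ["mail.send", "crm.read"],
        "resources": ["crm:*"],
        "outcome_review": {"reviewer": "oncall", "trigger": "incident"},
    },
    {"name": "report-bot", "tools": ["bi.query"], "resources": ["bi:sales"]},
]

def audit(agent):
    """Return the elements for which the record has no acceptable answer."""
    gaps = []
    if not agent.get("principal") or agent.get("principal_type") != "person":
        gaps.append("Human: no named person accountable")
    if not agent.get("grants"):
        gaps.append("Agent: no explicit grant of authority")
    if not agent.get("tools"):
        gaps.append("Tool: no tool allowlist")
    resources = agent.get("resources") or []
    if not resources or any(r.endswith("*") for r in resources):
        gaps.append("Resource: missing or wildcard scope")
    review = agent.get("outcome_review") or {}
    if not review.get("reviewer") or review.get("trigger") != "scheduled":
        gaps.append("Outcome: review absent or incident-only")
    return gaps

def audit_all(agents):
    return {a["name"]: audit(a) for a in agents}

if __name__ == "__main__":
    for name, gaps in audit_all(AGENTS).items():
        print(name, "OK" if not gaps else gaps)
```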