Governance Framework
Enterprise controls for AI agent management at scale.
MeetLoyd provides a comprehensive governance framework designed for enterprises that need to maintain control, visibility, and compliance over their AI agent deployments. Every action is auditable, every prompt is versioned, and every level of the hierarchy has its own emergency controls.
Hierarchical Control Model
The governance framework operates at four levels, from organization-wide policies down to individual agent behavior:
Tenant (Organization) → App (Workspace) → Team (Department) → Agent (Individual AI)
This hierarchy enables precise control. Pause an entire workspace during an incident, or fine-tune a single agent's behavior without affecting anyone else.
Kill Switch Hierarchy
When something goes wrong, you need the ability to stop it immediately. MeetLoyd's kill switch system provides cascading emergency controls at every level.
Status States
| Status | Description | Can Execute? |
|---|---|---|
| Active | Normal operation | Yes |
| Paused | Temporary suspension, can self-resume | No |
| Suspended | Admin suspension, requires manual review | No |
| Maintenance | Scheduled maintenance window | No |
Cascade Behavior
When you pause a higher level, all children are blocked:
- Pause Tenant → All apps, teams, and agents stop
- Pause App → All teams and agents in that app stop
- Pause Team → All agents in that team stop
- Pause Agent → Only that agent stops
Available Actions
| Action | Result | Use Case |
|---|---|---|
| Pause | Temporary stop | Investigating an issue |
| Suspend | Full stop, needs review | Security concern |
| Resume | Return to active | Issue resolved |
| Maintenance Start | Planned downtime | Scheduled maintenance |
| Maintenance End | End maintenance | Maintenance complete |
| Emergency Stop | Immediate full stop | Critical incident |
Timed Actions
Emergency actions can have an expiration time. When expired, the system automatically resumes the entity. This is useful for time-boxed investigations where you want the system to self-heal.
Prompt Versioning
System prompts are the "soul" of your agents. In regulated industries, you need a full audit trail of who changed what, when, and why.
Why Version Prompts?
- Audit trail: Every change is recorded with actor, timestamp, and reason
- Rollback: Restore previous versions instantly
- Review workflow: Approve changes before they reach production
- A/B testing: Validate improvements with real traffic before full rollout
Version Lifecycle
Every prompt version moves through a controlled lifecycle:
Draft → Pending Review → Approved → Staging → Production
Rejected versions return to draft for further editing. Deprecated versions are retained for audit purposes.
| Status | Description |
|---|---|
| Draft | Work in progress, not visible to users |
| Pending Review | Submitted for approval |
| Approved | Approved, ready for staging |
| Staging | Deployed to staging environment |
| Production | Live in production |
| Deprecated | Replaced by newer version |
| Rejected | Review rejected, needs changes |
Rollback
If a new prompt causes issues, you can instantly roll back to any previous version. This creates a new version (for audit trail) based on the target and immediately promotes it to production.
Diff Tracking
Each version tracks additions, deletions, and a change summary relative to its parent version. This makes code-review-style prompt reviews straightforward.
AI-Generated Suggestions
When Auto-Discovery detects optimization opportunities (for example, a new integration was connected), it creates prompt suggestions with a confidence score and risk level. You can review, apply, or reject these suggestions from the dashboard.
A/B Testing for Prompts
Before rolling out a prompt change to all users, test it with a subset of traffic.
| Metric | Description |
|---|---|
| Executions | Number of runs per variant |
| Success Rate | Task completion rate |
| Avg Latency | Response time |
| User Score | User satisfaction rating |
You define the traffic split, minimum sample size, and maximum duration. When the test completes, promote the winning variant to production.
Audit Trail
Every governance action is logged with full attribution:
| Action | Description |
|---|---|
| Create Draft | New version created |
| Submit Review | Submitted for approval |
| Approve | Approved by reviewer |
| Reject | Rejected by reviewer |
| Request Changes | Changes requested |
| Promote Staging | Deployed to staging |
| Promote Production | Deployed to production |
| Rollback | Rolled back to previous version |
| Apply Suggestion | AI suggestion applied |
Integration with Watchdog
The governance framework integrates with MeetLoyd's Watchdog system:
- Watchdog detects issue → Can trigger auto-pause via kill switch
- Emergency action executed → Logged in Watchdog alerts
- Automatic recovery → Timed pauses auto-resume
Budget Controls
Set spending limits at any level of the hierarchy to prevent runaway costs.
Budget Hierarchy
| Level | Scope | Use Case |
|---|---|---|
| Tenant | All usage in organization | Company-wide spending cap |
| App | Environment-level limits | Dev vs Production budgets |
| Team | Department budgets | Marketing team limit |
| Agent | Per-agent limits | Limit experimental agents |
Actions When Exceeded
| Action | Behavior |
|---|---|
| Block | Stop execution, return error |
| Warn | Allow execution, send alert |
| Throttle | Reduce request rate |
| Queue | Queue requests for later |
Data Loss Prevention (DLP)
DLP prevents sensitive data from being exposed through AI agent responses. Configure rules to detect, redact, or block sensitive information.
Built-in Classifications
| Category | Examples | Default Action |
|---|---|---|
| PII | SSN, passport numbers | Redact |
| Financial | Credit cards, bank accounts | Block |
| Credentials | API keys, passwords | Block |
| Health | PHI, medical records | Redact |
| Infrastructure | IP addresses, hostnames | Warn |
DLP Actions
| Action | Behavior |
|---|---|
| Block | Stop response, return error |
| Redact | Replace sensitive data with placeholder |
| Warn | Allow but log violation |
| Log | Silent logging only |
You can also create custom classification patterns for industry-specific data (e.g., internal project codes, employee IDs) and grant specific agents permission to access certain data categories with time-limited exemptions.
Chain of Thought (CoT) Logging
For compliance and debugging, you may need to understand why an agent made a decision.
Why Capture Reasoning?
- Audit requirements: Regulators may require explainability
- Debugging: Understand failures in complex workflows
- Training: Improve prompts based on reasoning patterns
- Legal: Demonstrate non-discriminatory decision making
Capture Levels
| Level | What's Captured | Storage Impact |
|---|---|---|
| None | Nothing | None |
| Metadata | Decision type, outcome, timing | Low |
| Summary | Condensed reasoning | Medium |
| Full | Complete thinking process | High |
Capture Triggers
CoT is captured when specific events occur:
| Trigger | Description |
|---|---|
| High cost | Execution exceeded cost threshold |
| Error | Agent encountered an error |
| Tool use | Agent used external tools |
| Verification fail | Output verification failed |
| DLP violation | DLP detected sensitive data |
| Budget warning | Approaching budget limit |
| Random sample | Random sampling for QA |
| Manual | Explicitly requested |
Governance Integrations
Connect MeetLoyd governance events to your existing incident management systems.
Supported Platforms
| Platform | Type | Features |
|---|---|---|
| PagerDuty | Alerting | Incidents, escalations, auto-resolve |
| ServiceNow | ITSM | Tickets, workflows, CMDB mapping |
Sync Directions
| Direction | Behavior |
|---|---|
| To External | MeetLoyd → PagerDuty/ServiceNow only |
| From External | External → MeetLoyd only |
| Bidirectional | Full two-way sync |
Workspace Briefing & Context Propagation
Inspired by Salesforce's V2MOM (Vision, Values, Methods, Obstacles, Measures), MeetLoyd supports cascading context from leadership to all AI teams.
How It Works
Workspace Briefing → Team Manager reads and extracts relevant context → Human approves the summary → Stored in Team Memory → Available to all team agents via RAG
Why Workspace Briefing?
Public information gives the marketing perspective. But AI teams need insider context: strategic priorities, internal processes, key relationships, cultural norms, and budget constraints.
Cascading Governance Policy
Governance policies cascade through a 4-level hierarchy, giving you precise control from organization-wide defaults down to individual agent behavior. Each level inherits from its parent, and you only need to configure overrides where behavior should differ.
Autonomy Levels
| Level | Behavior | Use Case |
|---|---|---|
| Autonomous | Agents act freely, no approval needed | Fully automated deployments |
| Proactive | Agents propose, humans approve | Most production teams (default) |
| Reactive | Agents wait for human instruction | Testing, debugging |
| Locked | All agent actions blocked | Highly regulated scenarios, maintenance |
| Adaptive | Dynamically resolved from compliance scores | Progressive autonomy -- proven compliance earns freedom |
Adaptive Autonomy
When set to adaptive, the autonomy level is automatically determined based on your agents' real-time PVP compliance scores. Agents that consistently comply earn expanded autonomy; those that violate policies get restricted.
| Compliance Score | Resolved Level |
|---|---|
| 95% or higher | Autonomous |
| 80% or higher | Proactive |
| 60% or higher | Reactive |
| Below 60% | Locked |
Discovery Controls
Control what agents can automatically discover from connected integrations:
| Capability | Description |
|---|---|
| Dynamic tool loading | Load tool schemas on demand instead of upfront |
| Tool discovery | Discover new tools from connected integrations |
| Data discovery | Introspect schemas and data structures |
| Memory creation | Store discovery results in agent memory |
| Skill suggestion | Suggest skills based on discoveries |
| Auto tool sync | Automatically assign discovered tools to agents |
Per-Artifact Governance
Control governance independently for each of the 9 artifact types (schedules, workflows, triggers, prompts, interaction rules, memory, bootstrap tasks, continuous watch, and tasks). Each supports its own autonomy level override and optional approval role.
- Start with restrictive defaults -- Set restrictive autonomy at tenant level, then grant more freedom to specific teams
- Disable auto-sync by default -- Turn off auto tool sync organization-wide and enable it only for teams that need it
- Lock sensitive artifacts -- Set prompts and interaction rules to locked at tenant level for compliance
- Override at the right level -- Prefer team-level overrides over agent-level for easier management
Transparency Principle
MeetLoyd operates on a core governance principle: full transparency.
- All system prompts are visible and editable
- No hidden instructions or protected templates
- Every change is tracked and auditable
This ensures compliance with emerging AI regulations, builds trust through visibility, and enables easy debugging and improvement.