Enterprise AI Governance Glossary

An agentic AI system goes beyond one-shot generation. It decomposes a goal into steps, selects tools, calls APIs or retrieval, observes results, and adapts the next action. In an enterprise context, this only becomes safe when paired with an orchestrator, policy enforcement, and execution traces. See AI Agent Orchestration for the runtime view.

See also: Multi-Agent Orchestration, Tool Governance

AI agent governance covers who can build agents, which tools they can call, which models are approved, what knowledge they can read, and how every execution is recorded. Without it, agent rollout becomes opaque and unauditable. The AI Agent Governance pillar describes the platform controls VDF AI uses to make agents reviewable end-to-end.

See also: Audit Log (AI), Tool Governance, Risk Management System

An AI inventory (sometimes “AI system register”) is the prerequisite for any compliance program. You cannot classify risk, run a DPIA/FRIA, or report to regulators without a baseline of what exists. The AI Inventory & Shadow AI Discovery use case explains how to build one across code repos, document stores, and collaboration tools.

See also: Shadow AI, AI Risk Classification

The EU AI Act assigns obligations based on risk tier. High-risk systems trigger conformity assessments, technical documentation, and post-market monitoring; limited-risk systems trigger transparency duties; some uses are outright prohibited. See AI Risk Assessment & Classification for the workflow VDF AI uses to map this systematically.

See also: High-Risk AI System, Conformity Assessment

An approval workflow pauses an agent before a high-impact step — sending a customer email, modifying a record, escalating a case — and routes the proposed action to a human reviewer. Approvals should be enforced in the orchestrator, not at the UI, so they cannot be bypassed by a different caller. See AI Agent Governance.

An AI audit log is the source of truth when something looks wrong: a sensitive output, a regulator request, or a misbehaving agent. It needs to capture timestamps, user identity, agent identity, retrieved sources, tool calls, and model decisions. See AI Agent Observability: Logs, Traces, Audit.

See also: Observability (AI Agent), Decision Traceability

Bias detection evaluates whether a model or workflow produces materially different outcomes across protected groups. It is required for high-risk EU AI Act systems and increasingly expected by procurement teams. See Bias Detection & Fairness Auditing.

A conformity assessment verifies that a high-risk AI system has a risk management system, technical documentation, data governance, logging, transparency, human oversight, accuracy and cybersecurity controls. The architecture decisions you make early — especially logging and traceability — determine whether this is straightforward or painful. See EU AI Act-Ready On-Premises AI Architecture.

Data sovereignty is why many regulated organizations cannot route prompts, retrieved passages, or logs through uncontrolled third-party services. It is the practical driver behind on-prem and sovereign-cloud AI architectures. See Sovereign AI with VDF AI.

See also: On-Premise AI Agent Platform, Hybrid Deployment

Decision traceability ties outputs back to the inputs, retrieved sources, tool calls, and model selection that produced them. Without it, “why did the system decide that?” has no answer. See Decision Traceability for Audits.

DPIA is a structured analysis of how a system affects personal data; FRIA is the EU AI Act equivalent for fundamental rights, required for high-risk systems used by public bodies and certain private deployers. Running them together avoids duplicate documentation. See DPIA/FRIA Integrated Impact Assessment.

Embeddings turn passages into vectors that can be searched by meaning rather than keyword. In a Private RAG architecture, the embedding store is sensitive — it contains a representation of internal documents — and is one of the first places enterprises ask “where does this live?”. See Private RAG.

See also: Vector Database

Energy-aware routing prefers smaller, more efficient models for high-volume work where the quality threshold is met, reserving frontier models for steps that genuinely need them. See Orchestration & Energy research and the white paper How We Reduce Energy Consumption.

See also: LLM Routing

The EU AI Act entered into force in 2024 with staged applicability. It introduces prohibited practices, high-risk requirements, GPAI obligations, transparency duties, and post-market monitoring. Architecture choices — where data lives, what is logged, how human oversight is enforced — largely determine cost of compliance. See EU AI Act-Ready Architecture and VDF AI Compliance.

See also: GPAI Model, Provider vs Deployer, Transparency Obligations

Foundation models are the generic substrate of modern AI. Enterprises rarely use them raw; they layer retrieval, routing, and governance on top. For high-volume internal tasks, a smaller specialised model often outperforms a generic foundation model on cost, latency, and energy. See Small Language Models in Enterprise AI.

See also: Small Language Model (SLM)

A governance plane is what turns a collection of agents into a controllable enterprise system. It is not a reporting dashboard added later; it is the runtime that decides who can do what, with which model, on which data. See AI Agent Governance.

GPAI providers face specific transparency, documentation, and (for systemic-risk models) evaluation and incident-reporting obligations. Deployers of GPAI inside a high-risk product inherit additional duties. See EU AI Act-Ready Architecture.

Hallucinations are reduced — not eliminated — by good retrieval, citations, and evaluation. In an enterprise setting, the more dangerous failure mode is a hallucinated action, not a hallucinated answer: an agent that fabricates a justification for the wrong tool call. See Private RAG vs Enterprise Search.

High-risk AI systems include those used in critical infrastructure, education, employment, essential services, law enforcement, migration, and the administration of justice. They trigger the bulk of EU AI Act obligations. Architecture matters because logging, oversight, and documentation cannot be retrofitted cheaply. See EU AI Act-Ready Architecture.

Hybrid deployment is the realistic shape of most regulated enterprise AI. Retrieval, embeddings, logs, and routing stay local; specific workflows can call external models when policy allows and quality benefits justify it. See On-Premise AI Agent Platform.

LLM observability is what turns a black box into an operable system. Without it, every failure looks like “the agent did something strange.” See AI Agent Observability: Logs, Traces, Audit.

LLM routing is how enterprise AI economics actually work. Routing pushes classification and summarization to smaller models, reserves frontier models for hard reasoning, and respects policy (some tasks cannot leave a boundary). See the LLM Routing pillar and the SEEMR architecture for the VDF AI implementation.

See also: SEEMR (Self-Evolving Model Router), Energy-Aware Routing

MCP lets you wrap an internal API or a third-party agent platform as a tool any compatible agent can invoke. In practice it is the integration glue between platforms — for example, running n8n or CrewAI flows as tools inside a VDF AI Network. See Integrate n8n & CrewAI as MCP Tools.

A model card is the artefact procurement and compliance teams ask for. It is also useful internally: when routing decides which model handles a step, the card explains why that model is approved for that workload. See Model Evaluation Suite.

Multi-agent orchestration is what enterprise AI looks like past the single-chatbot phase: retrieval, reasoning, validation, and action are different agents, run as a DAG with per-node model routing and explicit approval points. See the AI Agent Orchestration pillar and VDF AI Networks.

See also: LLM Routing, Tool Governance

AI agent observability goes beyond LLM call logs. It needs to capture orchestration paths, tool invocations, approvals, retries, and downstream effects. See AI Agent Observability: Logs, Traces, Audit.

An on-premise AI agent platform is more than a model host. It bundles agent runtime, private retrieval, policy enforcement, observability, and deployment control so the enterprise retains data and runtime control. See the pillar page and On-Prem AI overview.

Without permission-aware retrieval, the RAG layer becomes a permissions bypass: it indexes content the user would not be allowed to open in the source system and serves it back through the chat surface. See Private RAG.

Private RAG differs from cloud RAG in three ways: where the embeddings live, who controls retrieval policy, and whether retrieval is audited as part of the AI platform. See the Private RAG pillar and Private RAG vs Enterprise Search.

See also: Permission-Aware Retrieval, Vector Database, Embeddings

Most enterprises are deployers, not providers. Deployer duties (oversight, monitoring, fundamental-rights impact assessment) are different from provider duties (conformity assessment, technical documentation, post-market monitoring). Knowing which role you play for each system is the start of any compliance plan. See EU AI Act-Ready Architecture.

RAG reduces hallucination and gives users source citations. Quality depends on ingestion, chunking, embeddings, ranking, and freshness — “upload documents and chat” is the demo, not the architecture. See RAG Technology Best Practices.

See also: Private RAG

The EU AI Act requires high-risk systems to operate a risk management system across the full lifecycle: design, development, deployment, and post-market monitoring. It is not a one-off document. See AI Governance & Compliance Problems.

SEEMR formalises model selection as a runtime decision shaped by policy, cost, latency, energy, and outcome feedback — rather than a static configuration. See the SEEMR architecture page and the white paper The Self-Evolving Model Router.

Shadow AI is the gap between employees adopting new tools and IT discovering they exist. Recent surveys put it above 30% of weekly AI usage in many enterprises. You cannot govern what you cannot see. See AI Inventory & Shadow AI Discovery.

Small language models are how enterprises make high-volume internal AI economically viable: many routine tasks (classification, extraction, summarization) do not need a frontier model. See Small Language Models in Enterprise AI.

Sovereign AI is the practical answer to “our data cannot leave the country / cannot leave our control.” It usually combines on-prem or sovereign-cloud deployment, private retrieval, and approved local or jurisdiction-bound models. See Sovereign AI with VDF AI.

Tool governance is where governance becomes operational. An agent that can read documents is one risk profile; one that can modify records or send customer-facing content is another. The orchestrator must enforce scope, not the calling code. See AI Agent Governance.

Transparency obligations apply broadly, not only to high-risk systems. Deployers of emotion-recognition or biometric-categorisation systems have additional disclosure duties; providers of generative AI must mark synthetic outputs. See AI Governance & Compliance Problems.

A vector database is the storage layer behind RAG. In a private deployment, it sits next to the documents it indexes — not in a separate vendor tenant — so retrieval, permissions, and audit live in one boundary. See Private RAG.

Zero data retention is one of the controls procurement teams ask for when sensitive prompts must traverse an external API. It is not a substitute for keeping data local — logs, embeddings, and retrieved passages still live somewhere — but it constrains what a third party can keep. See Why Data Security Matters in AI.