SAIL 2.0

/

AI Policy & Safe experimentation (Plan)

/

No Agentic Identity Policy Defined

1.13

.

No Agentic Identity Policy Defined

sail
1.13
Risk

No Agentic Identity Policy Defined

Description

Policy doesn't specify how agent identities are issued, scoped, governed, and decommissioned β€” leaving teams to default to shared credentials, inherited user identities, or unmanaged workload identities for non-human actors.

Example

An enterprise deploys agents across teams; some run under shared API keys, some under developer SSO, some under service accounts with no scoping β€” no policy specifies which identity model applies when, or who's accountable.

Assets Affected

AI Policy

Agent Identity

AI Agent

AI Provider Access Credentials

Mitigation
  • Policy must define both the agent identities and the tools/actions they may use, documenting for each agent class: which tools/actions are permitted, under what authorization, and which identity it must act under (dedicated workload identity vs. delegated per-call user rights). Authorization decisions are delegated per action and bound by the invoking principal's rights (see SAIL 1.12, 5.13, 5.17)." .
Standards Mapping
  • ISO: A.4.5, A.4.6
  • OWASP agentic: ASI03
  • OWASP LLM: LLM06:2025
  • EU AI Act: Art. 15(5)
  • DASF: Agents-Core 13.9, Agents-Core 13.3
  • AIUC-1: B007, E004