Risk
No Agentic Identity Policy Defined
Description
Policy doesn't specify how agent identities are issued, scoped, governed, and decommissioned β leaving teams to default to shared credentials, inherited user identities, or unmanaged workload identities for non-human actors.
Example
An enterprise deploys agents across teams; some run under shared API keys, some under developer SSO, some under service accounts with no scoping β no policy specifies which identity model applies when, or who's accountable.
Assets Affected
AI Policy
Agent Identity
AI Agent
AI Provider Access Credentials
Mitigation
- Policy must define both the agent identities and the tools/actions they may use, documenting for each agent class: which tools/actions are permitted, under what authorization, and which identity it must act under (dedicated workload identity vs. delegated per-call user rights). Authorization decisions are delegated per action and bound by the invoking principal's rights (see SAIL 1.12, 5.13, 5.17)." .
Standards Mapping
- ISO: A.4.5, A.4.6
- OWASP agentic: ASI03
- OWASP LLM: LLM06:2025
- EU AI Act: Art. 15(5)
- DASF: Agents-Core 13.9, Agents-Core 13.3
- AIUC-1: B007, E004