#ai#servicenow#governance

AI Governance on ServiceNow, in plain terms

·2 min read

The thing that stalls most AI projects on ServiceNow is a security team that hasn’t been given a reason to say yes. Governance is how you give them one.

“Governance” sounds like a policy document nobody reads. In practice it comes down to a handful of questions you need concrete answers to.

What can it touch?

This is scope, and it’s the first question every time. An AI assistant or agent authenticates as something, and that something has permissions. If those permissions are wide, the AI is wide. The fix is the same scoping you already do for integrations and service accounts, pointed at a new kind of caller. Give it the tables and operations it needs for its job, and nothing past that.

Who is acting, and can you prove it?

AI should never use a shared admin login or a borrowed human credential. It authenticates through OAuth and carries a scoped, expiring token, so every action traces back to a named identity. When your security team asks who did this, you need to point at a single scoped service account, not shrug at “the system.”

What did it do?

Audit is non-negotiable. Every read and write an AI makes should land in the audit history exactly as a person’s would. If you can’t reconstruct what the AI touched last Tuesday, you’re running on hope. ACLs and sys_audit already do this work. The job is making sure the AI runs through them, not around them.

How bad is the worst case?

This is blast radius, the question people forget. Assume the AI does the maximum it’s allowed to do, on every record it can reach, at machine speed. If that picture is comfortable, your scopes are right. If it makes you wince, you’ve found your next piece of work before it found you in production.

The part that gets you to yes

None of this is exotic. Scope, identity, audit, and blast radius are the same things you already reason about for any privileged account. ServiceNow’s own oversight tooling, like AI Control Tower, exists to put these answers in one place so you can show them instead of promising them.

For a bank or an insurer, add one line: be able to say exactly what data leaves the instance and what stays. In regulated work, that single sentence is often the difference between a pilot and a polite no.

Done right, governance is what gets you permission to move at all.