Welcome to the Article9 AI Governance Platform
A unified system of record for every AI capability your organisation deploys — from low-risk conversational skills to high-risk autonomous agents. Covers all four tiers of the Agentic AI Governance Framework v1.1.
What this platform does:
Registers every capability — Skills (conversational, SKILL.md-based) and Agents (deployed runtimes, webhooks, autonomous workflows) each get a permanent, auditable registry entry with a unique ID (SK-YYYY-NNN or AG-YYYY-NNN).
Classifies tier automatically — upload your SKILL.md, mcp_config.json, README, or any documentation and Claude analyses it against the 8 classification questions (Q1–Q8) to assign a defensible risk tier. All four tiers are supported: T1 through T4.
Captures all required artefacts — Design Review (2.2), Risk Acceptance Statement (3.3), Decision Record (3.1), and Policy Approval Record (2.4) are completed inside the platform before gate sign-off, not retrospectively.
Tracks MCP servers and incidents — every approved MCP server connection has a registry entry (MCP-YYYY-NNN); every incident is logged at detection with severity, owner, and PIR tracking (INC-YYYY-NNN).
Together with your Word toolkit documents, this platform constitutes a complete, defensible governance record aligned to the Agentic AI Governance Framework v1.1.
Step 1
Tier Classification (Q1–Q8)
Upload documentation or describe your capability. Claude applies the 8 classification questions and assigns T1, T2, T3, or T4 automatically. You can override. Highest triggered question wins.
Step 2
Design Review (2.2)
AI pre-fills approved purpose, out-of-scope actions, data flows, and tool provenance. Tech Lead signs off before production. T3/T4 attach peer review checklist (2.3). Uncertainty about tier → escalate to AI Program Owner.
Step 3
Risk Acceptance (3.3)
Three specific risks documented with qualitative likelihood, impact, controls, residual risk, and why each is acceptable in this context. Aggregate position required. Complete before gate sign-off — never retrospectively.
Step 4
Decision Record (3.1)
Required for T2, T3, and T4. Specific description of what was approved — not just 'approved for deployment'. Conditions, scope boundaries, review triggers, and decision owner captured.
Step 5
Policy Approval (2.4)
Approving authority by tier: T1 none · T2 Department Head · T3 AI Program Owner · T4 Executive Leadership. Legal review flags for customer-facing capabilities, personal data, or Confidential+ MCP connections.
Step 6
Registry Entry (1.1 / 1.2)
Permanent record with unique ID, HITL configuration, and linked artefact IDs. Agents additionally require task graph, kill switch reference, multi-agent role, and replay environment status (T3/T4 must be Ready).
Tier coverage — all four tiers supported:
T1 — Read-only / conversational: No tool access · No sensitive data · 30-day log retention · No formal policy approval required.
T2 — Internal access / supervised: Internal system reads · may handle Confidential data · Batch HITL permitted · Department Head approval · 12-month retention.
T3 — Write access / customer data / external systems: Writes or modifies data · customer personal data · external system access · Individual HITL per gate · AI Program Owner approval · 3-year retention.
T4 — Irreversible / financial / production: Financial transactions · access control changes · production writes · Per-action HITL · Executive Leadership approval · 7-year retention · Replay environment must be Ready before production.
MCP Servers and Incidents: Register every MCP server before production use (sidebar → MCP Servers). Third-party servers connecting to Confidential or Restricted workflows require an executed DPA regardless of security vetting. Log every incident at detection — not at resolution — using the Incident Register. P1/P2 incidents require a post-incident review within 10 business days of closure.
Saving your data: Your registry is stored in your browser's local storage. Export regularly as JSON (Reports → Export JSON) and store the file in SharePoint, Google Drive, or email. Data will be lost if you clear your browser storage.
Skills Registry
1.1 — every AI skill · SK-YYYY-NNN · Unregistered = not approved for production
| Name | ID | Ver | Tier | Data Class. | Status | Approval Auth. | Governance | Last Review |
|---|---|---|---|---|---|---|---|---|
Agent Registry
1.2 — autonomous agents with task graphs, HITL enforcement, kill switch config · AG-YYYY-NNN
| Name | ID | Tier | MA Role | Combined Tier | Replay | Status | Governance | Last Review |
|---|---|---|---|---|---|---|---|---|
MCP Server Registry
1.3 — every approved MCP server · No connection operates without a registry entry · MCP-YYYY-NNN
Model Version Inventory
1.4 — every model version in production · Required at Managed tier · MOD-YYYY-NNN
Track every model version deployed across your capabilities. When a model version changes, the affected capability record must be updated and reviewed. Link model IDs to the capability registry entries that use them.
Incident Register
1.5 — log every incident at detection, not at resolution · INC-YYYY-NNN
P1/P2 require a Post-Incident Review within 10 business days of closure. Root cause must be specific and technical. Do not modify or delete earlier entries — append corrections as new rows.
| ID | Sev | Capability | Detected | Status | Description | PIR |
|---|---|---|---|---|---|---|
Reports
Governance evidence — Component 9.2
Governance Record Export
Full structured JSON — capabilities, MCP servers, model inventory, incidents, and all artefact references. Store securely.
Quarterly Summary (9.2)
Plain-text quarterly report for the oversight body — tier distribution, governance completeness, open PIRs, incident trends.
Registry Summary
Settings
Organisation profile, API key, subscription tier, data management
Register Capability
AI-assisted intake · Agentic AI Governance Framework v1.1
01 Upload
02 Classify
03 Review Record
04 Artefacts
Register MCP Server
1.3 — every server must be registered before production use · MCP-YYYY-NNN
Third-party servers connecting to Confidential or Restricted workflows require an executed DPA regardless of security vetting status. Credential management must be described technically — 'stored securely' is not acceptable.
Vetting Assessment (8-point)
Add Model Version
1.4 — model version inventory · Required at Managed tier · MOD-YYYY-NNN
Log Incident
1.5 — log at detection, not at resolution · INC-YYYY-NNN