advanta

HomeGlossaryGovernance

Framework

Governance

P5

Delegation-authority register

Audience

GC / CLOLegal OperationsRisk & ComplianceCIO / CISO

DEFINITION

The Tier 4 governance instrument that names exactly what an autonomous agent may and may not do within its delegated scope, requiring board or committee sign-off before deployment. The register defines the agent's action bounds, escalation triggers, and the named human accountable for the agent's behaviour within that scope.

Detailed Explanation

The Delegation-Authority Register is a governance mechanism that maps every Tier 3 (Workflow operator) and Tier 4 (Autonomous agent) AI capability to a clearly named human accountable owner. It is the primary control used to mitigate Class 9 (Accountability dilution) at the per-capability level.

For each Tier 3+ capability, the Register records:

  • Delegated decision classes: the specific types of decisions the AI system is allowed to make.
  • Guardrails: decisions or actions the system is not permitted to take without triggering an exception and human-in-the-loop (HITL) review.
  • Materiality threshold (linked to GOV-16): the impact level at which decisions become materially significant and may require additional controls or oversight.
  • Escalation path: who and how to escalate when decisions exceed scope, risk, or materiality thresholds.
  • Revocation trigger: conditions under which the delegation is suspended or revoked.
  • Signatory: the accountable approver (General Counsel or a delegated AI Task Force Chair) who formally authorises the delegation.

The Delegation-Authority Register is operated at corpus scale by the Delegation-Authority Register Architecture (GOV-14) module. This module ensures that every Tier 3 and Tier 4 capability has:

  • Explicitly defined decision scope and constraints.
  • A named human accountable for errors or harms arising from delegated decisions.
  • A structured escalation and revocation mechanism.

Operational cadence and dependencies

  • The Register is refreshed quarterly in line with the Governance Operating Cadence (GOV-15), ensuring that changes in systems, risk posture, or organisational structure are reflected in the delegations.
  • Tier 4 (Autonomous agent) capabilities require additional coverage under the Agentic Governance Charter (GOV-08), adding stricter conditions and oversight for higher-autonomy systems.

Evidence and assurance outputs

The Register feeds into the Decision & Posture Store (DPS) by producing:

  • DE-1 (Decision traceability) evidence: showing which system made which decision, under which delegation, and who the accountable human is.
  • DE-4 (Governance posture) evidence: demonstrating the organisation’s current delegation landscape, coverage of Tier 3/4 systems, and alignment with governance policies.

In practice, the Delegation-Authority Register ensures that no Tier 3+ AI capability operates without:

  1. A clearly bounded decision mandate.
  2. Non-negotiable guardrails and HITL triggers.
  3. A documented, named human accountable for outcomes.
  4. A defined path to escalate or revoke authority when risk or performance changes.

Use the Delegation-Authority Register as the single source of truth for: (1) which AI systems are allowed to decide what, (2) who is accountable when those decisions go wrong, and (3) how to escalate or revoke that authority when risk thresholds are crossed.

Quick Facts

Term Type

Framework

Category

Governance

Related Pillar

P5 · Use Cases

Governance

Methodology
v2026.1

Explore Glossary

← All Terms