[2604.05229] From Governance Norms to Enforceable Controls: A Layered Translation Method for Runtime Guardrails in Agentic AI
Computer Science > Artificial Intelligence
arXiv:2604.05229 (cs)
[Submitted on 6 Apr 2026]

Title: From Governance Norms to Enforceable Controls: A Layered Translation Method for Runtime Guardrails in Agentic AI
Authors: Christopher Koch

Abstract: Agentic AI systems plan, use tools, maintain state, and produce multi-step trajectories with external effects. Those properties create a governance problem that differs materially from single-turn generative AI: important risks emerge during execution, not only at model development or deployment time. Governance standards such as ISO/IEC 42001, ISO/IEC 23894, ISO/IEC 42005, ISO/IEC 5338, ISO/IEC 38507, and the NIST AI Risk Management Framework are therefore highly relevant to agentic AI, but they do not by themselves yield implementable runtime guardrails. This paper proposes a layered translation method that connects standards-derived governance objectives to four control layers: governance objectives, design-time constraints, runtime mediation, and assurance feedback. It distinguishes governance objectives, technical controls, runtime guardrails, and assurance evidence; introduces a control tuple and runtime-enforceability rubric for layer assignment; and demonstrates the method in a procurement-agent case study. The central claim is mode...