TL;DR

AI governance frameworks designed before any AI has shipped tend to be overcautious in the wrong places and undercautious in the right ones. The right sequence is ship first, govern second, and layer governance progressively as the program scales. Three dimensions matter: data, model, and output. The minimum viable governance for a consumer brand fits on one page and covers PII boundaries, approved models, output review, kill switches, and incident escalation. Agents require an extra layer on top.

  • Ship the first pilot before writing the governance. Otherwise you are guessing.
  • Three dimensions: data, model, output. Anything else is a sub-category.
  • Minimum viable governance fits on one page. Most consumer brands do not need more in year one.
  • Agents need a separate layer: authority scope, action audit trails, kill switches.
  • Legal does not own governance alone. Neither does engineering. Operations leads.

Why pre-shipped governance fails

The default move at most consumer brands when AI shows up on the agenda is to assemble a governance committee, draft a policy, and circulate it for sign-off before any AI ships. Twelve weeks later, the policy is 40 pages, the legal team has added every conceivable restriction, and the operating teams have not been involved. The policy gets approved. The program slows to a crawl. The teams that would have actually used the AI route around the policy or give up.

This is the most common failure pattern I see at mid-market and enterprise consumer brands. It is also the most expensive, because the visible cost (legal time, committee time) is dwarfed by the invisible cost (the AI program that did not ship).

The reason pre-shipped governance fails is structural. Governance is a response to actual risk. Actual risk shows up when AI is running in production against real workflows. Before that, the risk is theoretical. Theoretical risk gets governed conservatively, because the cost of an over-restriction is invisible (the use case that did not ship) and the cost of an under-restriction is vivid (the incident that hits the press).

Pre-shipped governance frameworks are therefore systematically biased toward over-restriction. They feel responsible. They are not. They are expensive in ways that are hard to see.

Governance designed before the first pilot is theory. Governance designed after the first pilot is engineering.

The three governance dimensions

Every AI governance question reduces to one of three dimensions. Trying to govern across more than three creates overlap, contradictions, and confusion. Trying to govern across fewer leaves structural gaps.

1. Data

What data goes into the model. PII boundaries. Customer data handling. Training data sourcing. Retention policies. Geographic restrictions for cross-border data flow.

Data governance is the dimension most consumer brands already partially have, because GDPR, CCPA, and similar regulations forced data policies that pre-date AI. The AI governance work on this dimension is mostly extension: how do the existing data policies apply when the data is being processed by an LLM? Are there new constraints (vendor data residency, model training opt-outs, embedding storage)? The answer is usually "yes, but it is an addendum to the existing data policy, not a new policy."

2. Model

Which models are approved for which uses. Open vs closed. Cloud vs on-prem. The procurement and contract terms for AI vendors. The technical controls (fine-tuning permissions, prompt injection defense, fallback model selection).

Model governance is the dimension that is most often missing. Most consumer brands have no policy at all on which models can be used for what, leaving individual teams to make ad-hoc decisions. The result is sprawl: a marketing team using one vendor, CX using another, ops using a third, with no shared evaluation framework.

3. Output

What happens to the AI's output. Review requirements for customer-facing AI. Approval workflows for high-stakes decisions. Logging and audit trails. Disclosure rules (does the customer know they are interacting with AI?).

Output governance is the dimension where brand risk lives. The AI says something off-brand to a customer. The agent takes an action it should not have. The image generator produces a logo that infringes. These are the incidents that hit the press, and they all live on the output dimension.

The three-dimension model is enough to organize every governance decision a consumer brand needs to make. Decisions that span multiple dimensions (which they often do) get tagged with the relevant dimensions and routed to the right owners. Decisions that fall outside the three are usually not governance; they are operations or finance.

Minimum viable governance for a consumer brand

The minimum viable AI governance for a consumer brand is one page. Not 40. One. It covers exactly five things:

  1. Data classification and PII boundaries. Which data classes can be sent to which models. Default: no PII to external models unless the contract explicitly allows it.
  2. Approved model list. The specific models approved for production use, with the use cases they are approved for. New models require explicit review.
  3. Output review requirements for customer-facing AI. When does a human review the output before it reaches a customer? Almost always, with explicitly defined exceptions.
  4. Kill switch ownership. Who can turn the AI off, and how quickly. Documented for each production AI system.
  5. Incident escalation paths. When something goes wrong, who is paged, who decides, who notifies whom externally if required.

That fits on one page. Most consumer brands do not need more than that in year one. The companies that build 40-page policies tend to spend the next twelve months arguing about edge cases instead of shipping AI.

The one-page policy is the artifact that lives inside the AI Center of Excellence and gets reviewed quarterly. As the program scales, the policy gets longer by addendum, not by rewrite.

Progressive layering: ship first, govern second

The right model for AI governance at a consumer brand is progressive layering. Ship the first pilot under a thin, conservative policy. Learn what actually needs governing. Layer additional controls based on what the pilot exposed. Repeat as the program scales.

Year-one progression looks like this:

  1. Pre-pilot: one-page policy. The minimum viable governance above. Conservative defaults. Approved by the CEO or COO, not by a committee.
  2. Post-pilot 1: pilot retrospective. What did the pilot expose? Which controls were too tight, which were too loose, which were missing? Update the one-pager.
  3. End of Q2: governance addendum. Specific addenda for the use cases now in production. Customer-facing AI gets a CX addendum. Creative AI gets a brand addendum. Each is one to two pages.
  4. End of Q4: annual review. Full policy review with operations, legal, engineering. Consolidate addenda. Update for the next year.

This progression keeps governance grounded in what the program has actually learned. It also creates a culture where governance is responsive rather than restrictive: the operating teams see governance as something that helps them ship, not something that blocks them.

Who owns governance: legal vs operations vs engineering

The most common ownership mistake is to put legal in charge of AI governance. Legal is essential to governance, but not the right owner. Legal's job is to surface risk. Governance's job is to make decisions about that risk in the context of business outcomes. Those are different jobs.

The right ownership distribution at most consumer brands:

This distribution puts decisions where the operating context lives, while keeping legal and engineering in their right roles. The mistake of putting legal in charge of governance produces overcautious policies. The mistake of putting engineering in charge produces undercautious ones. Operations holding the policy, with legal and engineering as essential contributors, is the balance that works.

Governance for AI agents specifically

AI agents (systems that take actions, not just produce outputs) require a separate governance layer. The standard output-review model does not work, because the agent is acting in real time. The right model is principal-agent: the agent has delegated authority within defined limits, and every action is logged for review.

The four controls every production agent needs:

  1. Authority scope. What actions the agent is allowed to take, defined positively (allow list) not negatively (deny list). Anything not explicitly allowed is implicitly denied.
  2. Action audit trails. Every action the agent takes is logged in a queryable system with the prompt, the model, the output, and the resulting action. Human-reviewable at any time.
  3. Kill switches. Both per-action (cancel this) and per-agent (stop this agent entirely). Owned by a named human who can be paged in real time.
  4. Human-in-the-loop boundaries. Specific high-stakes decisions require explicit human approval. Refunds above a threshold. Customer escalations above a severity. Public-facing communications.

Agent governance is a bigger topic than this section can cover. The short version: do not deploy an agent into production without all four controls in place. The cost of a misbehaving agent is much higher than the cost of a misbehaving content generator, because the agent has already done something by the time the issue is discovered.
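
The four controls above can be enforced at a single decision point that every agent action passes through. The sketch below is an added example, not code from the author or any product: the action names, the refund limit, the `AgentGate` class and the in-memory audit list are all assumptions standing in for a real policy and log store.

```python
import time
from dataclasses import dataclass, field

# Constructed policy for a hypothetical CX agent; names and limits are assumptions.
ALLOWED_ACTIONS = {"lookup_order", "send_reply", "issue_refund"}  # allow list
REFUND_LIMIT = 50.0

def needs_human(action, args):
    """Human-in-the-loop boundaries. Missing or malformed input fails closed."""
    if action == "issue_refund":
        amount = args.get("amount")
        return not (isinstance(amount, (int, float)) and 0 <= amount <= REFUND_LIMIT)
    if action == "send_reply":
        return bool(args.get("public"))  # public-facing communications
    return False

@dataclass
class AgentGate:
    agent_id: str
    owner: str                                    # named human holding the kill switch
    halted: bool = False                          # per-agent kill switch
    cancelled: set = field(default_factory=set)   # per-action kill switch
    audit: list = field(default_factory=list)     # stand-in for a queryable log store

    def decide(self, action_id, action, args, prompt, model, output, approved_by=None):
        if self.halted:
            verdict = "denied:agent_halted"
        elif action_id in self.cancelled:
            verdict = "denied:action_cancelled"
        elif action not in ALLOWED_ACTIONS:
            verdict = "denied:not_in_scope"       # not explicitly allowed means denied
        elif needs_human(action, args) and not approved_by:
            verdict = "pending:human_approval"
        else:
            verdict = "allowed"
        # Denials are logged too, so reviewers see what the agent attempted.
        self.audit.append(dict(ts=time.time(), agent=self.agent_id, action_id=action_id,
                               action=action, args=args, prompt=prompt, model=model,
                               output=output, approved_by=approved_by, verdict=verdict))
        return verdict

def run_demo():
    gate = AgentGate("cx-agent-1", owner="oncall-ops")
    ctx = dict(prompt="(constructed)", model="model-x", output="(constructed)")
    calls = [("a1", "issue_refund", {"amount": 20}, None),
             ("a2", "issue_refund", {"amount": 500}, None),
             ("a3", "issue_refund", {"amount": 500}, "j.doe"),
             ("a4", "delete_account", {}, None)]
    return gate, [gate.decide(i, a, args, approved_by=by, **ctx) for i, a, args, by in calls]
```

The kill-switch checks come first so that a halted agent cannot act even on an in-scope, pre-approved request, and a refund with no amount is routed to a human rather than allowed by default.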

For the broader context on how governance sits inside the transformation, see the AI transformation playbook and the AI Center of Excellence guide.

The bottom line

AI governance for a consumer brand should be small, late, and progressive. Ship the first pilot under a one-page policy. Learn what actually needs governing. Layer in additional controls based on what the program has exposed. The three dimensions (data, model, output) organize every governance decision. Operations owns the practice. Legal and engineering contribute. The executive sponsor handles escalations.

Agents need an additional layer with explicit authority scope, action audit trails, kill switches, and human-in-the-loop boundaries. Most other AI governance is an extension of existing data and risk policies, not a new corpus.

The companies that build governance after they have shipped move faster and protect themselves better than the companies that build governance before they have shipped anything at all.


FAQ

What is AI governance?

AI governance is the set of policies, controls, and review mechanisms that determine how AI is developed, deployed, and used inside a company. It covers data handling, model selection, output review, and accountability. Good governance enables velocity. Bad governance kills it.

How is AI governance different from AI policy?

AI policy is the written document. AI governance is the operating practice. Policy without governance is theater. Governance without policy is improvisation. Both are needed, and policy is downstream of governance, not upstream.

When should AI governance be designed?

After the first pilot has shipped. Governance frameworks designed before any AI has shipped tend to be overcautious in the wrong places and undercautious in the right ones. The first pilot teaches you what actually needs governing. Then write the policy around what you learned.

Who owns AI governance?

Operations owns the day-to-day. Legal owns the contracts and compliance. Engineering owns the technical controls. The AI Center of Excellence coordinates and holds the policy. No single function should own governance alone, but one function (usually the CoE) must be accountable for the integration.

How do you govern AI agents?

Agents require an additional governance layer: authority scope, action audit trails, kill switches, and explicit human-in-the-loop boundaries for high-stakes decisions. The right model is principal-agent: the agent has delegated authority within defined limits, and every action is logged for review.

What is the minimum viable AI governance?

A one-page policy covering: data classification and PII boundaries, approved model list, output review requirements for customer-facing AI, kill switch ownership, and incident escalation paths. That fits on one page, and most consumer brands do not need more than that in year one.

About the author

Nicholas Harris is an AI-native operator at the intersection of generative AI and consumer growth. He is President at CreativeOS, an AI-powered SaaS platform serving 25,000+ brands, and Founder at Automatic, an AI consultancy. He has delivered three exits and built consumer-brand operations from SMB through nine-figure scale, including 110.6% e-commerce revenue growth at NASM, an 11x EBITDA exit at SplitTesting.com, and 27.8% average conversion lift across the Acadia DTC portfolio.

He is currently open to VP AI, AI Transformation, Head of Growth, and Fractional CTO roles at consumer-facing companies. Based in Mesa, AZ. Remote or Phoenix metro preferred.
