# AI Context Governance AI Context Governance is the set of policies, controls, and practices that determine what context AI agents can access, how that context is managed, and who is responsible for its quality and security. It's the governance layer of [[Enterprise Context Management (ECM)]]. As AI agents gain access to more organizational knowledge (via [[Retrieval-Augmented Generation (RAG)|RAG]], [[Model Context Protocol (MCP)|MCP]], knowledge bases, and tool integrations), the question shifts from "how do we give AI enough context?" to "how do we control what context AI gets?" ## Key concerns - **Access control**: which agents can access which knowledge, and under what conditions - **Data classification**: which information is safe to include in AI context and which is restricted (PII, trade secrets, credentials) - **Audit trails**: tracking what context was provided for which decisions, especially in regulated industries - **Context quality**: who is responsible for keeping context accurate and current? Stale or wrong context is worse than no context - **Cross-boundary sharing**: how context flows between teams, departments, and external partners without leaking sensitive information - **Compliance**: ensuring AI context management meets GDPR, SOC2, HIPAA, and industry-specific regulations ## The governance paradox More context generally produces better AI outputs. But more context also increases risk. AI context governance navigates this tension: maximizing AI usefulness while minimizing exposure. ## References - ## Related - [[Enterprise Context Management (ECM)]] - [[Team Context Management (TCM)]] - [[Context Engineering]] - [[Retrieval-Augmented Generation (RAG)]] - [[Model Context Protocol (MCP)]] - [[AI Agents]] - [[Harness Engineering]]