Agentation
the governance gap

Enterprise AI coding policy: what good looks like.

Every enterprise is writing one of these right now, because AI-generated code is already inside the repo whether the policy exists or not. The hard truth: a policy is a document, and a document doesn't stop anything. Veracode's 2025 report found that 45% of AI-generated code contains a vulnerability. A PDF in Confluence won't catch a single one of them. What good looks like is a policy that runs — encoded once, enforced on every change, before production. Here is the template, and the software that makes it real.

why now

Vibe coding moved faster than your governance did.

The pattern is the same in every org: developers (and increasingly non-developers) started describing features to an AI and shipping the output. It's fast, it feels like magic, and then six months later nobody can explain why a screen is red, the dependency tree is a swamp, and a credential is sitting in a prompt log on someone's consumer account. 'Shadow AI' — unapproved tools pasting your proprietary logic into external servers — is now the default, not the exception. The policy exists to close that gap. But most policies fail for one reason: they describe behaviour they have no mechanism to enforce.

  • AI-generated code is already in your main branch — the question is whether anything governs it.
  • Consumer-tier tools (Free, Pro) train on your prompts and offer no IP indemnity — that's the leak.
  • Veracode 2025: 45% of AI-generated code ships a vulnerability. Hope is not a control.

the template

The 8 sections every good AI coding policy needs.

Standards like NIST AI RMF and ISO/IEC 42001 both point to the same baseline: a written, leadership-approved, regularly-reviewed acceptable-use policy. Strip away the boilerplate and a usable enterprise AI coding policy comes down to eight sections. Categorize, don't ban — a flat prohibition just pushes usage underground.

  • Scope & definitions — what counts as 'AI tool', 'agentic', 'AI-generated code', 'sensitive data'.
  • Approved tools & tiers — name the licensed product AND the tier (Enterprise/Business only; consumer tiers prohibited).
  • Data classification — map Restricted/Confidential/Internal/Public to what tool may touch it.
  • Review standards — human review of AI code is non-negotiable; the committing developer owns the logic.
  • High-risk use cases — auth, crypto, payments, PII, hiring/credit decisions require senior sign-off.
  • CI/CD enforcement — secrets scanning, security scans, license-tier checks wired into the pipeline.
  • Logging & audit — what's captured, retention, who reviews.
  • Governance & cadence — owner, quarterly review, exception process, consequences.

the principle

Accountability without enforcement is just blame.

The core line in every serious policy is right: 'the developer who commits the code is fully accountable for its logic, regardless of whether a human or an AI wrote it.' Nobody disagrees. The problem is what that sentence asks a person to do — read, understand and vouch for code an agent wrote in seconds, at a volume no human review can keep up with. So one of two things happens: the review becomes a rubber stamp, or it becomes a bottleneck that kills the velocity AI promised. Accountability you can't operationally meet isn't a control. It's a way to assign blame after the incident. A good policy moves the guarantee from a tired human to a deterministic structure.

  • A 'human review required' rule that nobody can keep up with degrades into a rubber stamp.
  • Make the guarantee structural: rules that run automatically don't get skipped under deadline.
  • The reviewer's judgement goes to what matters — is the result right — not parsing every diff.

the method

The Digital Native Method: encode the policy, don't just publish it.

The way out of unenforceable governance isn't a longer document — it's a different shape of work. A Product Owner describes the intended outcome on the live product. A Tech Lead encodes the rules once — your architecture, conventions, security posture, the policy's high-risk constraints — and every agent boots inside them. Agents implement; a structure verifies. Deterministic gates run on every change before it can reach production: lint, types, tests, and a security scan. Green or it doesn't land. Your eight policy sections stop being prose someone might follow and become the runtime every change passes through.

  • Tech Lead encodes the policy once — agents physically cannot ship outside it.
  • Gates (lint / types / tests / security) run on every change, every time — zero rubber stamps.
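As an added illustration of what "encode the policy once, enforce on every change" means in practice for the CI/CD enforcement section of the template and the deterministic gates described here (example code written for this page, not Agentation's product or code): a small policy-as-code gate in Python. Three of the template's sections become executable rules: approved tool tiers, senior sign-off on high-risk paths, and secrets scanning on added lines. The change record format, the tool names, the path prefixes, the reviewer roster, the secret patterns and both sample changes are constructed assumptions; a real pipeline would read the same facts from the pull request, the commit trailers and the diff.

```python
"""Policy-as-code gate: one encoded rule set, evaluated on every change.

Added illustration, not Agentation's code. The change record, the approved
tool tiers, the high-risk path rules, the reviewer roster and the secret
patterns are all constructed assumptions for the example.
"""
import re
from dataclasses import dataclass, field

# Template section "Approved tools & tiers": enterprise/business tiers only.
# Consumer tiers are prohibited, so they are simply absent from the allow-list.
APPROVED_TOOLS = {"copilot-business", "claude-enterprise", "chatgpt-enterprise"}

# Template section "High-risk use cases": paths that need senior sign-off.
# Prefixes and roster are assumed for this example.
HIGH_RISK_PATHS = ("src/auth/", "src/crypto/", "src/payments/", "src/pii/")
SENIOR_REVIEWERS = {"alice", "bob"}  # constructed roster

# Template section "CI/CD enforcement": secrets scanning on every added line.
# Two deliberately narrow patterns: the AWS access key id shape, and a long
# quoted literal assigned to a secret-looking name.
SECRET_PATTERNS = [
    ("aws-access-key-id", re.compile(r"\bAKIA[0-9A-Z]{16}\b")),
    ("hardcoded-credential",
     re.compile(r"(?i)(key|secret|password|token)\s*[:=]\s*['\"][^'\"]{8,}['\"]")),
]


@dataclass
class Change:
    files: list                 # paths touched by the change
    added_lines: list           # (path, line_text) for every '+' line
    ai_tool: str                # value of an assumed 'AI-Tool:' commit trailer
    approvers: set = field(default_factory=set)


def check_tool_tier(change):
    if change.ai_tool not in APPROVED_TOOLS:
        return [f"tool-tier: '{change.ai_tool}' is not an approved enterprise tier"]
    return []


def check_high_risk_signoff(change):
    risky = [f for f in change.files if f.startswith(HIGH_RISK_PATHS)]
    if risky and not (change.approvers & SENIOR_REVIEWERS):
        return [f"high-risk: {', '.join(risky)} touched without senior sign-off"]
    return []


def check_secrets(change):
    findings = []
    for path, text in change.added_lines:
        for name, pattern in SECRET_PATTERNS:
            if pattern.search(text):
                findings.append(f"secret: {name} in {path}")
    return findings


GATES = (check_tool_tier, check_high_risk_signoff, check_secrets)


def evaluate(change):
    """Run every gate in order; the change lands only if the list is empty."""
    violations = []
    for gate in GATES:
        violations.extend(gate(change))
    return violations


# Constructed sample changes: one that trips all three gates, one that is green.
BAD_CHANGE = Change(
    files=["src/payments/refund.py", "README.md"],
    added_lines=[
        ("src/payments/refund.py", "STRIPE_KEY = 'sk_live_0123456789abcdef'"),
        ("README.md", "Refunds are now processed nightly."),
    ],
    ai_tool="chatgpt-free",      # consumer tier, prohibited by the policy
    approvers={"carol"},         # not on the senior roster
)

GOOD_CHANGE = Change(
    files=["src/payments/refund.py"],
    added_lines=[("src/payments/refund.py", "key = settings.STRIPE_KEY")],
    ai_tool="copilot-business",
    approvers={"alice"},
)

if __name__ == "__main__":
    for label, change in (("bad", BAD_CHANGE), ("good", GOOD_CHANGE)):
        result = evaluate(change)
        print(label, "BLOCKED" if result else "GREEN", result)
```

The design point is that every rule is data plus a pure function over the change, so a gate never depends on a reviewer remembering it under deadline; the human reviewer is left with the question the page says matters, whether the result is right, while tier, sign-off and secrets are decided the same way on every change.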
  • Everything ships through your own GitHub, on your existing AI plan — your review trail, your audit log.

the software

A policy needs software to enforce it. That's Agentation.

You can adopt the method by hand, but it doesn't hold at scale — which is why the method needs a product to apply it. Agentation is that product. It's the system that turns your AI coding policy from a document into an enforced workflow: the Tech Lead that encodes your rules, the agents that work inside them, and the gates that verify every change before production. Approved-tier models, data classification, review thresholds, high-risk sign-off — these stop being clauses people are supposed to honour and become the path every change is forced to take. The policy isn't on a wiki anymore. It's the rails.

  • Turns the 8-section policy into an enforced pipeline, not a PDF.
  • Audit trail and gate results on every change — exactly what ISO 42001 / NIST RMF reviews ask for.
  • Runs on your GitHub and your AI plan — adopt it without rebuilding your stack.

cocorico

Sovereign on the tooling — a French answer to the governance problem.

Agentation is a French company, built by a French team. We're honest about sovereignty: nobody in Europe is sovereign on the frontier models — Claude, GPT and the rest are American. But the models are only one layer. The orchestration around them — the tool that decides what an agent may touch, encodes your rules, gates every change and holds the audit trail — is where governance actually lives, and that you can own in Europe. Raw models alone don't do much; the orchestration is the larger, more strategic half. So we make the tooling sovereign: hosted in the EU (Hetzner, Germany), data in the EU (Supabase), code in your GitHub, GDPR by construction. Your policy enforced on European rails.

  • Sovereignty on the orchestration layer — the part that enforces your policy — even when the models aren't European.
  • EU hosting (Hetzner, Germany), EU data (Supabase), GDPR by design.
  • Your code stays in your GitHub — we never store it.

FAQ

What should an enterprise AI coding policy contain?

Eight sections: scope and definitions; approved tools and license tiers; data classification rules; human review standards; high-risk use cases (auth, crypto, payments, PII); CI/CD enforcement; logging and audit; and governance with a review cadence. Align it to NIST AI RMF and ISO/IEC 42001, which both require a written, leadership-approved, regularly-reviewed acceptable-use policy. The one rule that makes it work: categorize tools by tier, don't ban them outright — bans just create Shadow AI.

Do you have an AI coding policy template we can copy?

The eight-section structure above is the template — scope, approved tiers, data classification, review thresholds, high-risk use cases, CI/CD enforcement, logging, and governance cadence. The part most templates skip is the hardest part: enforcement. A clause that says 'AI code must be reviewed' is worthless without a mechanism that guarantees it. Agentation provides that mechanism, so the template becomes a running workflow rather than a document.

How do we enforce the policy instead of just publishing it?

Move the rules out of prose and into the pipeline. A Tech Lead encodes your standards once; agents boot inside them; deterministic gates (lint, types, tests, security) run on every change before production, and everything flows through your GitHub. That's the difference between a policy someone is supposed to follow and a policy every change is physically routed through. Encoded enforcement is what NIST RMF and ISO 42001 audits actually want to see.

Which AI tool tier should our policy approve?

Enterprise or Business tiers only — Copilot Business, Claude for Enterprise, ChatGPT Enterprise — because the tier is your proxy for the contractual protections that matter: a no-training warranty on your code and IP indemnification. Consumer Free and Pro tiers should be explicitly prohibited for any company code: they may train on your prompts and offer no indemnity. Agentation runs on your existing enterprise AI plan, so your tier policy carries straight through.

Is this another vendor that sees our source code?

No. Agentation runs on your own GitHub and your own AI plan — the code stays in your repositories and we don't store it. As a French company we host in the EU (Hetzner, Germany) with data in the EU (Supabase) and are GDPR-compliant by design. The sovereignty point is deliberate: you may not control the model, but you control the orchestration layer that enforces your policy — and that's where governance actually lives.

Won't strict governance kill the speed AI was supposed to give us?

Only if governance means a human re-reading every diff — that's the bottleneck. The point of encoded, deterministic gates is the opposite: they run in seconds, automatically, so good changes flow and bad ones are stopped without a person in the loop slowing every merge. You get the velocity of vibe coding with the assurance of a reviewed system — which is the whole reason the method exists.

Turn your AI coding policy into a workflow that enforces itself.

Get in line for first access