AI Governance
Every AI tool in your estate. Classified, scored, and compliance-mapped.
Mima's AI Governance module maintains a live inventory of every AI asset in your estate — SaaS AI tools, MCP servers, A2A agents, and on-device models like LM Studio and Ollama running below the browser. Each asset is classified (Sanctioned, Monitored, Blocked, Unclassified), scored for risk, and mapped to your DLP policies. Access trails and prompt guard logs provide a forensic record of what was queried, by whom, and with what data.
Compliance posture is scored against EU AI Act, NIST AI RMF, and ISO 42001 simultaneously. For organisations subject to EU AI Act Article 9 risk management requirements, Mima maps each AI tool to its regulatory tier and surfaces gaps for CISO review. Token spend analytics track AI cost against policy boundaries. Every governance action is Merkle-signed — the audit trail is cryptographically verifiable.
| Asset Name | Classification | Source | Risk |
|---|---|---|---|
| ChatGPT Enterprise | Sanctioned | Okta OAuth | Low |
| Notion AI Assistant | Monitored | SIEM Web-logs | Medium |
| Midjourney Design | Blocked | Browser Ext | High |
| LM Studio (Local Model) | Local | Endpoint Agent | Low |
| Copilot MCP Server | Unclassified | Network Hook | Medium |