[ SYSTEM_DIRECTORY / AI_GOVERNANCE ]

AI Governance

Every AI tool in your estate. Classified, scored, and compliance-mapped.

+ + + +

Mima's AI Governance module maintains a live inventory of every AI asset in your estate — SaaS AI tools, MCP servers, A2A agents, and on-device models like LM Studio and Ollama running below the browser. Each asset is classified (Sanctioned, Monitored, Blocked, Unclassified), scored for risk, and mapped to your DLP policies. Access trails and prompt guard logs provide a forensic record of what was queried, by whom, and with what data.

Compliance posture is scored against EU AI Act, NIST AI RMF, and ISO 42001 simultaneously. For organisations subject to EU AI Act Article 9 risk management requirements, Mima maps each AI tool to its regulatory tier and surfaces gaps for CISO review. Token spend analytics track AI cost against policy boundaries. Every governance action is Merkle-signed — the audit trail is cryptographically verifiable.

Asset NameClassificationSourceRisk
ChatGPT EnterpriseSanctionedOkta OAuthLow
Notion AI AssistantMonitoredSIEM Web-logsMedium
Midjourney DesignBlockedBrowser ExtHigh
LM Studio (Local Model)LocalEndpoint AgentLow
Copilot MCP ServerUnclassifiedNetwork HookMedium