Every enterprise is writing AI agent governance policies. Almost none can measure whether the agents follow them. Governance you can’t measure isn’t governance — it’s paperwork.— The Reveille Perspective
The agents are already here, at scale. Microsoft reports that 80% of the Fortune 500 now run active AI agents, and a majority of organizations have them in production, not pilots. In response, governance has become the boardroom word of 2026 — policies, frameworks, agent registries, approval gates. The intent is right and overdue.
But look at what the research actually says is failing. Analyses converging from OWASP’s GenAI project and enterprise security teams keep landing on the same conclusion: the governance gap is not primarily a policy gap. It is a measurement and control-infrastructure gap. The dominant failure modes — observability failures, identity-propagation errors, behavioral-authorization shortfalls — are all things you cannot govern because you cannot see them. Industry research finds fewer than one in ten enterprise applications are fully observable; for agentic systems, the number is lower still.
So the frameworks pile up while the instrumentation to enforce them does not. That distance between the policy you wrote and the behavior you can actually verify is the real exposure. We call it the Measurement Gap.
Core Tension
Enterprises are governing AI agents with documents that describe desired behavior, while the actual behavior — what the agent read, changed, and committed — goes unmeasured. A policy no one can measure against is a statement of intent, not a control.
Quick answers
What is the AI governance measurement gap?
Why do AI agent governance programs fail even with policies in place?
Can OpenTelemetry and APM observability govern AI agents?
How do you govern the content layer AI agents act on?
01 — The Setup
Governance became a document. Behavior stayed invisible.
The rush to govern AI produced a great deal of policy and very little measurement. The two are not the same thing, and only one of them is a control.
When a category matures under pressure, the paperwork arrives first. Over the past year, enterprises stood up AI governance councils, wrote acceptable-use policies for agents, built registries of which agents exist, and added human approval gates to high-risk workflows. This is necessary work. It is also, on its own, unenforceable — because a rule you cannot measure compliance against is a rule in name only.
Consider what a typical agent policy asserts: “agents may only act on current, authorized documents,” or “extraction results below a confidence threshold must be escalated, not committed.” Sensible rules. Now ask the operational question: what system continuously verifies that the document an agent read was the current, authorized one — and fires when it wasn’t? For most enterprises, the answer is nothing. The policy lives in a governance portal; the behavior happens three systems away, on an invoice or a medical record — in an Enterprise Content Management (ECM) repository or an Intelligent Document Processing (IDP) pipeline — that no governance tool is watching. The rule and the reality never meet, because nothing measures the space between them.
02 — The Evidence
The failure modes are all measurement failures
Strip the jargon from the research and every headline agentic-governance risk resolves to the same root: no one is measuring what the agent did at the content layer.
The security community has named the dominant failure modes precisely — observability failures, identity-propagation errors, behavioral-authorization shortfalls. Read them as operational events, not abstractions. An identity-propagation error is an agent acting on a document under the wrong entitlement because the authorization context was lost in a handoff between systems. A behavioral-authorization shortfall is an agent doing something it was never cleared to do — and nothing catching it in the act. Each is invisible to policy and to infrastructure telemetry alike, because each is a fact about content, and content is exactly what neither layer measures.
03 — The Framework
Governance needs a meter, and the meter has a layer
You close a measurement gap with measurement — independent, continuous, and pointed at the layer where agent behavior actually occurs.
Reveille pioneered Content Observability: the continuous visibility, assurance, and optimization of the content and document workflows that drive business outcomes and feed AI. In governance terms, it is the meter the policy layer has been missing — the system that measures, continuously and independently, whether what an agent read and did at the content layer matches what it was authorized to do.
Two properties make it a governance control rather than another dashboard. First, it is independent by structure — the only observability layer not built, sold, or operated by the platforms it measures, which is the entire basis of evidence an auditor or regulator will accept. Second, it speaks the content layer natively across ECM, IDP, and Robotic Process Automation (RPA), so it watches the handoffs between them where identity and authorization quietly break. Cloud-native by design, deployment-agnostic by choice, it generates the content-layer signal that policy frameworks and OpenTelemetry traces can’t produce on their own — and feeds it into the security and audit tools your teams already run, so governance becomes something you measure, not just something you write.
Reveille — Intelligent Automation Assurance
Reveille is the independent Content Observability layer that turns AI agent policy into measurable, audit-ready control — across Hyland, OpenText, ABBYY, IBM, Tungsten, UiPath, Microsoft, and Box. The meter your governance framework has been missing. See it on your stack →
04 — The Matrix
Where each governance failure actually gets caught
Map the named failure modes to the layer that can see them, and the gap becomes obvious.
| Failure mode | Policy framework | OpenTelemetry / APM | Content Observability |
|---|---|---|---|
| Observability failure (can’t see what the agent did to content) | Defines the rule | Sees the call, not the content | Measures the content action end to end |
| Identity-propagation error (wrong entitlement after a handoff) | States the requirement | Blind to cross-vendor seams | Watches the handoff between platforms |
| Behavioral-authorization shortfall (agent acts beyond its clearance) | Prohibits it on paper | No content-level authorization view | Detects the unauthorized content action |
| Audit evidence (prove what document drove a decision) | Requires it | Trace without content context | Independent, content-level record |
05 — The Point
Two ways your AI governance program gets tested
Same policies, same agents — the difference is whether anything was measuring behavior when the question finally came.
In one version, the governance program was built on measurement from the start. When an agent acts on a stale document or crosses an authorization boundary, the content layer catches it in the moment, and the record exists before anyone asks for it. When the auditor arrives, “show me” is answered with a log, not a scramble. The policy was real because it was enforceable.
In the other, the program was a binder of well-intentioned rules with nothing measuring against them. The agents mostly behaved — until one didn’t, in a way no policy tool could see and no telemetry trace could explain, and the incident surfaced as a compliance event with no independent evidence of what actually happened. The rules were fine. The measurement was missing.
The difference isn’t the quality of your policy — it’s whether anything was measuring the behavior the policy describes.
Every enterprise can write the rules for its agents. The only question that decides whether that counts as governance is the one the framework can’t answer for you: when an agent breaks the policy, does anything you own actually see it happen?




