AI Governance Framework
ASG Confidential · v1.0 · Updated February 2026
ASG's enterprise AI governance framework defines how client data is handled, isolated, audited, and protected across every engagement. This framework is our enterprise moat — the answer to every CISO, general counsel, and compliance team that asks "what happens to our data?"
TL;DR — ASG's Core Commitments
Data Residency & Storage
Client data never leaves the agreed boundary. ASG does not train on client data.
No model training on client data
Client inputs, outputs, and documents are never used to fine-tune or retrain any AI model. Zero carryover between client sessions.
Configurable residency
By default, data flows through Anthropic's API (US-based) and ASG's Azure infrastructure (region-configurable). Enterprise clients may specify US, EU, or regional data residency requirements.
Ephemeral processing
Prompt/completion payloads are not persisted by ASG beyond the active session unless the client explicitly enables logging for their own audit purposes.
Document handling
Client documents uploaded for analysis are processed in-memory and purged post-session. Long-term document storage is client-controlled, not ASG-controlled.
Client Isolation Architecture
Hard boundaries between clients at every layer. No cross-contamination of context, data, or outputs.
Session isolation
Each client engagement runs in a fully isolated agent session. No shared context, no shared memory, no shared conversation history between clients.
Credential separation
Each client may use their own API keys (Anthropic, Azure, etc.). ASG can operate with client-provided credentials that never leave the client's environment.
Namespace isolation
Vector stores, document indices, and any persistent embeddings are namespaced per client. A query from Client A cannot retrieve data from Client B's namespace.
Agent scope enforcement
AI agents are scoped to defined tool sets and data access permissions per engagement. Agents cannot self-expand their access scope.
Access Controls & Identity
Principle of least privilege throughout. Human oversight maintained at every escalation point.
Role-based access
ASG team members access client data on a need-to-know basis only. Engagement leads, not the full team, have access to client workspaces.
Human principals in the loop
ASG's AI agents operate under human oversight. No autonomous action with material client impact occurs without human review. The principals (JJ, Nick) have override authority at all times.
Client portal access
Clients access their deliverables through authenticated portals. Sharing links are scoped, time-limited, and auditable.
Credential hygiene
API keys and service credentials are rotated on a defined schedule, stored in secrets management (Azure Key Vault), and never appear in codebases or logs.
Audit Trail & Logging
Every significant agent action is logged with timestamp, actor, and rationale. Clients can request full audit exports.
Agent action logging
All AI agent actions (file reads, API calls, data transformations, outputs) are logged with timestamp, agent ID, and the triggering context. Logs are immutable.
Decision traceability
For analytical outputs (risk scores, method recommendations, efficiency ratings), ASG maintains a traceable chain from input data → model → output. Clients can audit how any conclusion was reached.
Access logging
All human access to client workspaces and data is logged. Logs are retained per contractual and regulatory requirements (minimum 7 years for financial/tax-adjacent work).
Client-facing audit export
Enterprise clients can request a full audit log export in standard formats (JSON, CSV) covering the duration of their engagement.
Model Governance & Selection
ASG's Smart AI Routing system selects models on technical merit. Clients know what models touch their data.
Disclosed model usage
ASG discloses which AI models are used in each engagement (e.g., Anthropic Claude, GPT-4, specialized models). Clients may restrict usage to approved models.
Model substitution policy
If a model provider changes their data handling terms in a material way, ASG notifies clients within 5 business days and adjusts routing if required.
No shadow AI
ASG does not use consumer-grade or unvetted AI tools in client work. All models used have enterprise data processing agreements (DPAs) in place.
Output quality gates
ASG's routing system includes quality gates — outputs below confidence thresholds are flagged for human review before delivery. No unreviewed AI output goes to clients in high-stakes domains.
Incident Response
Defined response playbook. Client notification within 24 hours of any confirmed data incident.
24-hour notification
In the event of a confirmed data security incident affecting client data, ASG notifies the client within 24 hours with: what happened, what data was affected, what has been done, and next steps.
Containment-first protocol
Upon incident detection: (1) isolate affected systems, (2) preserve evidence, (3) assess scope, (4) notify client, (5) remediate. Containment precedes public communication.
Post-incident review
Every incident receives a formal post-mortem within 14 days: root cause analysis, timeline, corrective actions, and policy updates. Shared with affected clients upon request.
Continuity planning
ASG maintains backup service pathways. If a primary AI provider experiences downtime, backup routing activates automatically. Clients experience no interruption to critical workflows.
Compliance & Regulatory Posture
Built for enterprise and regulated industries. SOC 2, GDPR, and CCPA readiness roadmap in progress.
SOC 2 Type II (roadmap)
ASG is building toward SOC 2 Type II certification. Current controls cover Security, Availability, and Confidentiality trust service criteria. Target certification: Q4 2026.
GDPR-ready architecture
For EU-based clients or EU data subjects: data residency can be restricted to EU Azure regions, right-to-erasure requests are supported, and DPAs are available upon request.
CCPA compliance
For California-based clients: ASG does not sell personal data, supports data subject access requests, and maintains required privacy disclosures.
Financial services alignment
For engagements touching financial or tax data: ASG operates under NDAs with explicit trade secret and confidentiality provisions. All staff with access to financial data sign purpose-limited confidentiality agreements.
Human Oversight Commitment
AI accelerates. Humans decide. No material client output ships without human review.
The human-in-the-loop rule
For all client-facing deliverables: AI agents draft, analyze, and synthesize. A human ASG principal reviews, edits, and approves before delivery. This is non-negotiable in regulated domains.
Escalation protocol
AI agents are configured to flag uncertainty, conflicting data, or out-of-scope requests to human principals. Agents do not speculate beyond their defined knowledge boundaries.
Override authority
Human principals (JJ, Nick, designated client contacts) can override any AI agent action at any time. The kill switch is always available.
Continuous calibration
ASG reviews agent performance on a per-engagement basis. Agents that produce errors or drift from expected quality thresholds are recalibrated before the next engagement.
Lex — Legal Standing
This framework forms the basis of ASG's client data processing agreements (DPAs) and enterprise NDAs. Lex recommends formalizing this into a signed client addendum for any engagement involving regulated data (financial records, tax documents, PII). Before sharing externally, have counsel review the SOC 2 and GDPR language — the commitments are accurate but should be qualified appropriately for the current pre-certification stage.