Governance as Code — AI Value Worx

A fire-safety policy does not hold back smoke. A fire door does.

Building safety does not depend on people remembering rules under pressure. It depends on doors that close, walls that resist fire, escape routes that exist by design. The policy matters — it expresses intent, defines responsibility, satisfies regulators — but the policy is not what stops the spread of fire. The component is.

This is what good governance increasingly looks like across many domains: not the document that describes the rule, but the system that makes the rule operate at the moment it matters. The principle is older than software, broader than engineering, and now urgent in ways it has not been before. AI systems can act faster than any document-paced governance can keep up with. If governance is to mean anything in 2026, it has to live somewhere that can act at the same speed.

An architectural principle in three forms

An earlier article in this series closed with a small example. A workflow that requires AI-assisted work to cite the timestamps of source documents, and verifies those timestamps are current before the work commits, is something different from a policy that says “use up-to-date sources”. The policy depends on memory and discipline. The workflow does not.

That kind of structural control is the operational form of an architectural principle that runs much wider than AI workflows. Across this series, one architectural insight has surfaced in three forms.

For permission, the old mode is case-by-case authorisation — a person asks, another person decides. The new mode is structural permission — the operating model has already decided.

For control, the old mode is supervisory control — a person inspects after the fact. The new mode is structural control — the workflow itself cannot proceed unless conditions are met.

For governance code, the old mode is documentary governance — the rule lives in a PDF. The new mode is governance as code — the rule lives in the system.

Three forms, one architectural move: from descriptive artefacts to structural artefacts.

The deeper treatment of structural permission, and of the supervisory-versus-structural-control distinction that sits inside it, lives in AI Governance from the Boardroom to the Front Line (Baxter & Abraham, 2026b). The foundational executive-and-participative framework that grounds both lives in The Complete Guide to Strategy Governance (Baxter, 2026a). This article takes the third form — governance as code — and asks what it looks like when you take it seriously.

Why documentary governance fails

Documentary governance fails predictably. The PDF that nobody reads. The induction module nobody remembers. The audit pack nobody could reconstruct from. The committee that approves everything because rejecting requires a meeting. The policy that lives on a SharePoint folder while non-compliant systems are deployed daily by people who have never seen the folder.

The pattern is consistent. Documentary governance fails under three conditions. It fails when policy is far from action: a rule on a server cannot stop a deployment script run from a different server. It fails when policy depends on memory or vigilance: humans under load default to habit, not policy. And it fails when policy lacks an enforcement point: a rule with no gate is a wish.

This is not an argument that documents do not matter. Documents express judgment, authority, accountability and intent. These things have to be expressed in language before they can be expressed in code. The argument here is narrower and stronger. The document that describes a rule is not the rule. The rule is what the system actually permits, blocks, logs, escalates or makes impossible at the moment of action.

A policy in a folder does not prevent a non-compliant deployment. A rule in a deployment pipeline does. A safety standard on a regulator’s website does not stop a fire spreading through a poorly compartmentalised building. A fire door that meets the relevant standard, fitted correctly, does. A policy on AI use does not stop an agent from doing what it is technically able to do. A runtime guardrail that constrains the agent’s permitted actions does.

One pattern, four discoveries

The same architectural principle has been independently rediscovered in four traditions. None of them got there through theory. All of them got there because documents alone failed.

In software engineering, the move began with infrastructure. Configurations expressed as code, version-controlled and reviewable before they are built. Then the policy layer: rules about which deployments are permitted, evaluated automatically as a deployment is proposed and refused before it lands. Then compliance: requirements expressed as executable tests so audit becomes mechanical evidence rather than later assertion. Then admission control at the boundary of a runtime cluster, refusing workloads that violate organisational rules. The pattern is the same across these techniques: rules in machine-readable, version-controlled, testable form, embedded into the deployment pipeline rather than living in a separate document about it. NIST’s Secure Software Development Framework and supply-chain integrity guidance treat governance the same way — as something that happens in the pipeline, not alongside it (NIST, 2022; NIST, 2024).

Manufacturing reached the same insight earlier, by another route. Shigeo Shingo’s poka-yoke — mistake-proofing — is the canonical case. The principle is not that defects should be inspected out, but that the work should be designed so defects cannot easily be produced in the first place. A jig that only fits one way. A fastening sequence that physically prevents the wrong assembly order. A signal that becomes immediately visible the moment an error occurs (Shingo, 1986/2021). Healthcare safety has reached the same conclusion through forcing functions and process design. Where a risk is predictable, high-consequence and technically detectable, the system should not rely solely on correct human behaviour. It should contain a designed constraint: an interlock, a checklist gate, a process step that cannot be skipped (Grout, 2007).

The built environment is the third tradition, and the most accessible to anyone outside engineering or manufacturing. Buildings stay safe not because the people in them have memorised the fire-safety code but because regulation operates through layered control: legal duties, approved guidance, certified components, design-stage approval, components that physically perform safety functions, lifecycle inspection records (UK Government, 2025). The Building Safety Act’s “golden thread” is a particularly clean analogue for the audit trail AI governance now needs. It is a digital record of building information across the building’s lifecycle, owned by accountable persons, available for inspection — a living record of what the building is, what has been done to it, and who decided each thing (UK Government, 2024). Same architectural pattern: governance lives in the components, the certifications, the gates and the lifecycle record.

Organisational design has reached the same conclusion. Sociotechnical systems theory showed half a century ago that work systems allocate authority, information, discretion and feedback architecturally — that the design of the work, not the values statement above it, determines what people can actually do (Trist & Bamforth, 1951; Pasmore et al., 2019). Psychological safety research shows that conditions for participation are designed into the operating model, not announced as cultural aspiration (Edmondson & Bransby, 2023). Participative governance inverts the default: people may act unless a specific policy prohibits it (Kamer, 2021; Parker Jones, 2026). Self-managing organisations embed governance in team size, role design and information flows rather than in rule books (Gray, Sarnak & Burgers, 2015). This is the social form of the same architectural principle — the ground covered in the earlier articles in this series.

The same architectural insight, four times, in four different traditions. Not because they read each other. Because documents alone fail in the same way every time.

What governance as code actually is

What is governance as code, then? Putting together the four traditions:

Governance as code is the practice of translating governance intent into version-controlled, testable, enforceable rules embedded into the work, with the evidence of every consequential decision generated by the system itself.

This is not the replacement of governance with software. It is the translation of important, repeatable governance decisions into executable rules, gates, runtime constraints, evidence requirements and audit trails embedded directly into the systems where consequential work happens. Documents do not disappear. They become the source of authority for the rules the system enforces.

The architecture has six layers.

The first is intent — what matters, what must never happen, what must always happen, who owns the policy. Intent begins in language because judgment begins in language. The second is specification — the rule expressed as structured logic, reviewable by the policy owner before it becomes executable: the bridge between language and code. The third is machine-readable policy — the rule expressed as configuration, validator, access rule, workflow gate or runtime guardrail. The fourth is the enforcement point — the gate where the rule actually acts: a pull request, a deployment pipeline, an admission controller, a workflow step, an agent runtime. The fifth is evidence — the audit trail the system generates: which version of the rule was applied, which input state was evaluated, which actor was involved, which outcome was produced, which exception was approved. The sixth is lifecycle — the governance of governance: who owns each rule, when it is reviewed, when exceptions accumulate enough to indicate the rule itself is wrong, when it is retired.

Diagram of the six-layer architecture of governance as code: Intent, Specification, Machine-readable Policy, Enforcement Point, Evidence, Lifecycle. — Figure 1. The six-layer architecture of governance as code: Intent, Specification, Machine-readable Policy, Enforcement Point, Evidence, and Lifecycle.

The model is generic. It applies to cloud infrastructure, AI agents, workflow tools, building inspection regimes, team charters and the standing orders of a board. The form changes; the architecture is the same.

AI is what makes the principle urgent

AI is what now makes the principle urgent. AI capabilities run faster than document-paced governance can keep up with. Once an AI agent can read across a repository, draft a deployment script, send an email to an external recipient or change a record in a production system, the gap between “we have a policy” and “the system enforces the policy” stops being a quality problem. It becomes a safety problem.

The structural form is straightforward. An agent may read across a repository but may write only inside an approved working directory. An agent may draft an email but may not send externally without confirmation. An agent may change a task status only when a validator has confirmed the underlying conditions are met. Each of these is the technical analogue of bounded autonomy: the same principle that gives a team a defined action space gives an agent a defined action space. The agent is not freer than the team. Both operate within an architected permission structure.

The international standards reflect this without quite saying it. NIST’s AI Risk Management Framework, ISO/IEC 42001 and the EU AI Act do not use the phrase “governance as code” (NIST, 2023; ISO, 2023; European Union, 2024). But their requirements — risk management, logging, oversight, lifecycle responsibility — are far more credible when they are embedded in workflows than when they sit in a documentation pack.

What governance as code is not

A note on what this is not.

Encoding a bad policy does not make it good. It makes it faster, more consistent, and harder to ignore — but the policy still has to be right. Governance as code amplifies whatever governance intent it expresses. The intent has to be worth amplifying.

Documents still matter. They express judgment, authority, accountability and intent. The argument is not that documents are obsolete. It is that documents are no longer where governance lives. Governance lives in the gates the document authorises, the components the standard certifies, the workflows the policy embeds, the agent permissions the runtime enforces. The document remains the source of legitimacy. It is not the source of enforcement.

The argument is not that all written artefacts are weak. It is that descriptive artefacts — the policy that describes what should happen — are weak, while structural artefacts that take effect by their design are strong. The next article picks up a third category: the buildable structural blueprint, which is neither a description nor a running enactment, but the form structural artefacts take when they need to move between organisations.

And the human is not made smaller by this. Governance as code reserves human judgment for the cases that genuinely require it — the novel, the ambiguous, the high-consequence — by automating the cases that do not.

Conclusion

The architectural principle is the same across software, manufacturing, the built environment and organisational design. The form changes — code, component, regulation, role design — but the move is constant. From rules in documents to rules in systems. AI is what now makes the principle urgent, because AI capabilities run faster than any document-paced governance can keep up with.

When governance can be embedded in the system itself, an interesting commercial question follows. If implementation becomes cheaper and the system enforces its own rules, what becomes commercially scarce? And in what form does structural design move between organisations, when the running system itself cannot be transferred? The next article in this series asks those questions (Baxter & Abraham, 2026d) — because once governance lives in code, the specification, not the running software, is the artefact worth owning and the artefact worth transferring.

Governance as code is not the automation of bureaucracy. Done well, it is the architecture of permission.

References

Baxter, M. (2026a) The Complete Guide to Strategy Governance: Executive and Participative Governance from the Boardroom to the Front Line. Goal Atlas.

Baxter, M. and Abraham, P. (2026b) AI Governance from the Boardroom to the Front Line. AI Value Worx.

Baxter, M. and Abraham, P. (2026d) Software by Specification. AI Value Worx.

Edmondson, A.C. and Bransby, D.P. (2023) ‘Psychological safety comes of age: Observed themes in an established literature’, Annual Review of Organizational Psychology and Organizational Behavior, 10, pp. 55–78. Available at: https://doi.org/10.1146/annurev-orgpsych-120920-055217 (Accessed: 30 April 2026).

European Union (2024) Regulation (EU) 2024/1689 of the European Parliament and of the Council of 13 June 2024 laying down harmonised rules on artificial intelligence (Artificial Intelligence Act). Official Journal of the European Union, 12 July. Available at: https://eur-lex.europa.eu/eli/reg/2024/1689/oj/eng (Accessed: 30 April 2026).

Gray, B.H., Sarnak, D. and Burgers, J. (2015) Home care by self-governing nursing teams: The Netherlands’ Buurtzorg model. New York: The Commonwealth Fund. Available at: https://www.commonwealthfund.org/publications/case-study/2015/may/home-care-self-governing-nursing-teams-netherlands-buurtzorg-model (Accessed: 30 April 2026).

Grout, J.R. (2007) Mistake-proofing the design of health care processes. AHRQ Publication No. 07-0020. Rockville, MD: Agency for Healthcare Research and Quality. Available at: https://www.govinfo.gov/content/pkg/GOVPUB-HE20_6500-PURL-gpo3107/pdf/GOVPUB-HE20_6500-PURL-gpo3107.pdf (Accessed: 30 April 2026).

ISO (2023) ISO/IEC 42001:2023 — Artificial intelligence management system. Geneva: International Organization for Standardization. Available at: https://www.iso.org/standard/42001 (Accessed: 30 April 2026).

Kamer, J. (2021) ‘Create an empowered organization using participatory governance’, The Ready / Medium, 10 March. Available at: https://medium.com/the-ready/create-an-empowered-organization-using-participatory-governance-b5dd2ed20161 (Accessed: 30 April 2026).

National Institute of Standards and Technology (NIST) (2022) Secure Software Development Framework (SSDF) Version 1.1: Recommendations for Mitigating the Risk of Software Vulnerabilities. NIST SP 800-218. Gaithersburg, MD: NIST. Available at: https://csrc.nist.gov/projects/ssdf (Accessed: 30 April 2026).

National Institute of Standards and Technology (NIST) (2023) Artificial Intelligence Risk Management Framework (AI RMF 1.0). NIST AI 100-1. Gaithersburg, MD: NIST. Available at: https://nvlpubs.nist.gov/nistpubs/ai/nist.ai.100-1.pdf (Accessed: 30 April 2026).

National Institute of Standards and Technology (NIST) (2024) Strategies for the integration of software supply chain security in DevSecOps CI/CD pipelines. NIST SP 800-204D. Gaithersburg, MD: NIST. Available at: https://csrc.nist.gov/News/2024/nist-publishes-sp-800204d (Accessed: 30 April 2026).

Parker Jones, C. (2026) ‘Permission to Move’, cpj.fyi, 6 April. Available at: https://www.cpj.fyi/posts/permission-to-move/ (Accessed: 30 April 2026).

Pasmore, W., Winby, S., Mohrman, S.A. and Vanasse, R. (2019) ‘Reflections: Sociotechnical systems design and organization change’, Journal of Change Management, 19(2), pp. 67–85. Available at: https://www.tandfonline.com/doi/full/10.1080/14697017.2018.1553761 (Accessed: 30 April 2026).

Shingo, S. (1986/2021) Zero Quality Control: Source Inspection and the Poka-Yoke System. New York: Productivity Press. Available at: https://www.taylorfrancis.com/books/mono/10.4324/9780203733639/zero-quality-control-shigeo-shingo (Accessed: 30 April 2026).

Trist, E.L. and Bamforth, K.W. (1951) ‘Some social and psychological consequences of the longwall method of coal-getting’, Human Relations, 4(1), pp. 3–38. Available at: https://doi.org/10.1177/001872675100400101 (Accessed: 30 April 2026).

UK Government (2024) Keeping information about a higher-risk building: the golden thread. Available at: https://www.gov.uk/guidance/keeping-information-about-a-higher-risk-building-the-golden-thread (Accessed: 30 April 2026).

UK Government (2025) Fire safety: Approved Document B. Available at: https://www.gov.uk/government/publications/fire-safety-approved-document-b (Accessed: 30 April 2026).