AI-Augmented Delivery

AI Control Tower in Practice: Governing AI Models Across ServiceNow

By Iconica Editorial
7 min read · Updated June 2026
Table of contents
Summary

Most enterprises are now running more AI than they have inventoried. ServiceNow AI Control Tower — significantly expanded at Knowledge 2026 — addresses this directly, giving organisations the infrastructure to discover, govern, secure, observe, and measure every AI agent and model across their estate, regardless of where it runs. But the platform capability is only half the equation. Governance that works in practice requires an architectural layer that most deployments are missing.

AI Control Tower in Practice: Governing AI Models Across Your ServiceNow Environment

Enterprise AI adoption has moved faster than enterprise AI governance.

The pattern is consistent across industries: an organisation pilots a generative AI tool, the results are promising, procurement follows, and within eighteen months there are AI agents running across ITSM, HR, customer service, and security — built on different models, by different teams, with different permission scopes, and accountable to nobody in particular. The tools work. The visibility does not exist.

ServiceNow's own data illustrates the scale of the problem: the company now tracks over 1,600 AI assets internally, and customers consistently report having more AI in production than they have inventoried or formally accounted for.  The anxiety around this — around control, security, and trust — is not diminishing as AI matures. Two-thirds of enterprise AI leaders have already implemented multi-agent collaboration in live or pilot workflows, yet 44% have only moderate confidence that AI agents can act autonomously without human intervention.  Enterprises are deploying faster than they have established trust.

ServiceNow AI Control Tower is the platform's direct response to this gap. What began as a governance dashboard has evolved into what ServiceNow now describes as a command center for managing AI assets across an entire enterprise, including those running outside ServiceNow's own platform.  This article explains what that means in practice, what the five governance dimensions of AI Control Tower actually cover, and — critically — what architectural discipline has to exist alongside the platform for any of it to hold.

What AI Control Tower Is — and What Changed at Knowledge 2026

ServiceNow AI Control Tower is an enterprise AI governance and management solution built on the ServiceNow AI Platform. It helps organisations centrally manage AI agents, AI models, AI assets, identities, risks, compliance, runtime performance, and business value across the enterprise.

The original version, introduced at Knowledge 2025, was primarily a visibility tool — it gave platform teams a governance layer, a way to see what AI was running and under what conditions. At Knowledge 2026, ServiceNow expanded AI Control Tower with new capabilities that give enterprises control over every AI system, agent, and workflow, regardless of where it runs.  The shift is from visibility and management into what ServiceNow calls a comprehensive, end-to-end solution operating across five dimensions: Discover, Observe, Govern, Secure, and Measure.

Understanding those five dimensions is the starting point for any practical governance conversation.

The Five Dimensions — What Each One Actually Does

Discover

The first governance problem is inventory. You cannot govern what you have not found.

AI Control Tower can now discover AI assets, models, agents, prompts, and datasets running across an organisation's full technology estate, not just those deployed on ServiceNow.  Discovery covers 30 new enterprise integrations spanning Amazon Web Services, Google Cloud, and Microsoft Azure, and enterprise applications such as SAP, Oracle, and Workday. Discovery also extends to non-human identities and connected devices, bringing OT and IoT assets into the same governance model as AI agents and cloud services.

The practical implication: if your organisation has deployed Now Assist alongside Copilot integrations, custom agents built on third-party models, and AI-assisted workflows in HR and security, AI Control Tower can surface all of them in a single inventory — not just the ones ServiceNow built. That matters because shadow AI is not a security concern in isolation. It is a governance architecture problem that compounds as agent proliferation accelerates.

Observe

Discovery tells you what is running. Observation tells you how it is behaving.

Runtime observability into AI agent behaviour helps teams understand how agents reason, where they make decisions, and when action is needed.  This is materially different from monitoring uptime or response time. Agent observability means understanding the decision path — what inputs the agent received, what actions it took, and whether those actions were within scope of what it was authorised to do.

The kill switch demonstration during the Knowledge 2026 keynote, where a prompt injection attack attempted to override pricing rules and suppress its own audit logs, was theatrically staged but technically honest. Agent misbehavior in production is not hypothetical. It is an emerging operational risk category, and most enterprises have no purpose-built response to it today.  

Govern

Governance is where policy meets enforcement. AI Control Tower covers AI lifecycle management, risk assessment, integrated controls, and continuous compliance demonstration. The key word is continuous — not point-in-time audit evidence, but ongoing enforcement of the policies the organisation has defined.

The Veza integration brings patented access graph technology into the Control Tower, mapping permissions across every human identity, non-human identity, and AI agent — currently covering over 30 billion fine-grained permissions at the data layer. When a vendor updates a model or agent, the platform detects the resulting permission changes and triggers a re-scoping workflow automatically.

This addresses one of the most practically awkward aspects of AI governance: model updates. An AI agent whose behaviour changes because the underlying model was updated — without any change to the organisation's own configuration — is a governance gap that most frameworks have not yet caught up with. Automated re-scoping when a model changes is not a minor feature.

Secure

AI Control Tower integrates identity access governance to hyperscaler AI environments, with every agent, model, and action carrying scoped permissions, least-privilege enforcement, and auditable identity chains.  

Security in an agentic environment is structurally different from security in a traditional application environment. An AI agent that can take actions — initiate approval workflows, update records, trigger playbooks — is not simply a tool that queries data. It is an actor with permissions, and those permissions need to be bounded, verified, and auditable in the same way human identities are. The integration with Veza's access graph brings that discipline to AI agents specifically.

Measure

Many organisations invest in AI but struggle to prove business value. AI Control Tower helps measure AI impact with metrics such as cost tracking and ROI dashboards — connecting AI investment with measurable outcomes.  Runaway model spend ranks among the biggest pain points enterprises currently face as they scale AI deployments, and the measurement dimension is ServiceNow's direct response to the CFO question: where is the value?  

The Governance Gap the Platform Alone Cannot Close

AI Control Tower is a significant piece of governance infrastructure. What it cannot substitute for is the architectural discipline that determines whether governance policies are coherent in the first place.

This distinction matters more than it sounds. A governance platform enforces the rules you define. If the rules are defined inconsistently — different permission scopes for similar agents, different standards for what counts as acceptable autonomous action, different definitions of what requires human approval — the platform enforces that inconsistency at scale. It does not resolve it.

In Iconica's delivery model, this is precisely why AI-Augmented Delivery and Architect-First are not independent capabilities that happen to sit in the same framework. The Diamond Playbook is explicit on this point: AI-Augmented Delivery without Architect-First is automation without accountability. The architect provides the guardrails — the standards, the coherence, the judgment — within which augmentation operates safely. Without that, the governance platform is enforcing policies that nobody with full architectural context has validated.

In practice, this means three things have to happen before an organisation can rely on AI Control Tower governance in a meaningful way.

The permission model has to be architecturally designed, not operationally improvised. Which agents are permitted to take autonomous action? At what decision threshold is human approval required? Who owns the scope definition for each agent type? These are architectural questions — they require someone with full platform context to answer them consistently across every agent in the estate. If they are answered agent-by-agent by the teams deploying each tool, the result is a permission landscape that looks governed in the platform but reflects no coherent underlying standard.

The audit trail has to connect to business outcomes, not just operational events. Knowing that an agent took an action is necessary but not sufficient. The governance layer has to connect agent activity to the outcomes the platform was built to deliver — so that when an agent that was supposed to reduce case resolution time is instead generating escalations, that signal surfaces in the accountability layer, not just in the incident log. This is where AI Control Tower's Measure dimension connects to Managed Indicators — the outcome accountability framework within Iconica's InsightNow layer. Operational governance and outcome governance need to be linked from the start.

The human judgment boundary has to be defined before agents go live, not after the first incident. Every agent in a ServiceNow environment is operating within a judgment boundary — a set of decision types it is authorised to resolve autonomously and a set that require human review. Defining that boundary is not a platform configuration task. It is an architectural judgment call that requires understanding the downstream consequences of autonomous action in each process context. An agent resolving a password reset autonomously is a different risk profile from an agent approving a change request or updating an asset record. The distinction matters and it has to be made deliberately, by someone who understands both the platform architecture and the business process at risk.

What Architect-Led AI Governance Looks Like in Practice

When Iconica deploys AI capabilities within a ServiceNow environment, the governance architecture is defined before any agent goes live. The accountable Iconica architect owns the scope of autonomous action for each agent type, validated against the platform's architectural standards and the business process context.

AI Control Tower is then configured to enforce those decisions continuously — not to substitute for them. The platform handles the enforcement layer: permission scoping via the Veza access graph, runtime observability, discovery of any AI assets that emerge outside the governed boundary, and measurement of whether the agents are contributing to the outcomes they were deployed to achieve.

The result is that the governance layer has architectural coherence behind it, not just platform enforcement around it. When a new agent type is introduced — whether a Now Assist capability, a Moveworks integration, or an external agent connecting via Action Fabric and MCP — the scope definition follows the same architectural standard, and AI Control Tower picks up the new asset automatically through discovery.

This is the distinction between governance that is bolted onto an AI deployment after the fact and governance that is designed into it from the start. The platform makes the second model executable at enterprise scale. The architect makes it coherent.

A Practical Starting Point for Platform Owners

For organisations currently running AI capabilities in ServiceNow without a formal governance architecture, the most useful immediate step is inventory. Before any governance framework can be effective, the scope of what needs governing has to be known. ServiceNow's own group VP of AI products put it plainly: "Most organizations have more AI in production than they've inventoried or accounted for — and that anxiety around control, security, and trust isn't going away."

AI Control Tower's Discover dimension addresses the inventory problem. The governance architecture problem — the coherent policy layer that makes discovery actionable — requires the architectural conversation to happen alongside the platform deployment, not after it.

The questions worth asking now, before the next AI capability goes into production:

Who in this organisation is architecturally accountable for the permission model across all AI agents — not just the ones running on ServiceNow? What decision types are each agent class authorised to resolve autonomously, and who signed off on that boundary? When an agent is updated by a vendor, what triggers a governance review, and who owns it? And when AI activity is measured, is it measured against business outcomes — resolution quality, employee experience, process cost — or against operational metrics that tell you what the agent did without telling you whether it was doing the right thing?

These are not platform configuration questions. They are architectural accountability questions. The platform can enforce the answers. Someone with full platform context has to provide them.

Top questions our clients ask

We help organizations develop stronger systems, improved workflows, and more effective teams, guiding them through change with confidence.

What is ServiceNow AI Control Tower and what does it do?

ServiceNow AI Control Tower is an enterprise AI governance platform that helps organisations discover, observe, govern, secure, and measure every AI agent, model, and workflow across their estate — including AI running outside ServiceNow on AWS, Azure, Google Cloud, SAP, Oracle, and Workday. Significantly expanded at Knowledge 2026, it has evolved from a governance dashboard into a full enterprise AI command centre. It addresses one of the most pressing operational challenges enterprises face today: more AI in production than they have inventoried or formally governed.

How does ServiceNow AI Control Tower handle AI agent security?

AI Control Tower integrates identity access governance across every AI agent, model, and connected asset through the Veza access graph — covering fine-grained permissions at the data layer, with least-privilege enforcement and auditable identity chains for every action an agent takes. When a vendor updates a model or agent, the platform detects the resulting permission changes and triggers an automatic re-scoping workflow. It also provides runtime observability into agent decision paths, which is the foundation for detecting and responding to agent misbehaviour such as prompt injection attacks.

Can ServiceNow AI Control Tower govern AI agents that weren't built on ServiceNow?

Yes — this is one of the most significant aspects of the Knowledge 2026 expansion. AI Control Tower now discovers and governs AI assets across the full enterprise technology estate, not just ServiceNow-native capabilities. Through 30 new enterprise integrations and the Action Fabric MCP server, external agents built on Claude, Copilot, or custom platforms can execute governed workflows inside ServiceNow with full identity verification, scoped permissions, and audit trails. Every action routed through Action Fabric runs through AI Control Tower regardless of where the originating agent was built.

What architectural governance does AI Control Tower require to be effective?

AI Control Tower enforces the governance policies you define — it does not resolve inconsistencies in the underlying policy design. For governance to be coherent rather than just present, an architect with full platform context needs to define the permission model for each agent type, establish the human judgment boundary (which decision types require approval vs. autonomous resolution), and connect agent activity measurement to business outcomes rather than operational events alone. Iconica's AI-Augmented Delivery model is built on this principle: the Diamond Playbook treats AI governance and Architect-First as inseparable, because automation without architectural oversight produces outputs that are individually coherent and collectively incoherent.