AI Autonomy Levels Model
A four-level classification system that maps AI agent capabilities to governance requirements. Every AI deployment sits somewhere on this spectrum – and governance intensity must match.
Assisted
Human decides, AI informs
AI provides recommendations, analysis, or data summaries. All decisions remain with a human operator. The system has no authority to act.
Governance
Standard review. Periodic audit.
Decision Rights
Human retains full authority.
Example
CV screening suggestions, risk score dashboards.
Supervised
AI acts, human approves
AI generates outputs or takes preliminary actions, but requires human approval before execution. Human acts as gatekeeper with override authority.
Governance
Approval workflows required. Audit trail mandatory.
Decision Rights
Shared – AI proposes, human disposes.
Example
Auto-drafted contracts pending review, AI-generated shortlists.
Delegated
AI acts within defined boundaries
AI operates autonomously within predefined guardrails, policies, and thresholds. Exceptions trigger human escalation. Monitoring is continuous.
Governance
Real-time monitoring. Escalation protocols. Regular governance review.
Decision Rights
AI holds operational authority. Human retains strategic override.
Example
Automated loan pre-approvals within risk parameters.
Autonomous
AI acts independently, reports after
AI makes and executes decisions without prior human approval. Humans receive post-hoc reports. Governance is structural, not operational.
Governance
Board-level oversight. Full observability stack. Regulatory reporting.
Decision Rights
AI holds full authority. Human role is governance, not operation.
Example
Autonomous trading agents, self-scaling infrastructure, agentic workflows.
Governance Principle
As autonomy increases, governance must shift from operational approval to structural accountability. The question moves from "Did a human approve this?" to "Is the system designed so that accountability is never ambiguous?"
Sources: EU AI Act risk classification (2024), NIST AI RMF 1.0, ISO/IEC 42001:2023