the three questions databricks says enterprises are asking about AI agents — and what actually answers them
databricks's unity catalog AI gateway post frames the enterprise problem in three questions: who authorized each action? what data was shared with which model? were policies enforced consistently?
those aren't compliance theater questions. they're the questions an auditor asks when an agent touches a database, calls an external API, or invokes a coding agent like cursor or codex. and right now most enterprise teams can't answer any of them with documentation that would hold up.
the gap isn't intent. most teams building production agent systems want to log this stuff. the gap is that logging "we called gpt-4o with this prompt" isn't the same as producing an authorization chain that proves a human-approved policy governed that call. the databricks post names the right problem. it doesn't ship the enforcement layer.
here's what the enforcement layer actually needs to do:
first, trace correlation: every agent action tagged with a session ID that ties back to the initiating authorization event, so you can reconstruct the chain from decision to execution. second, tamper-evident records: append-only, hash-chained logs that an auditor can verify weren't edited after the fact. third, cost attribution per agent, not per team, because "the AI budget" isn't granular enough for either cost governance or liability.
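the three requirements above as running python. this is an added example, not code from the databricks post or from BizSuite; the record fields, event types, and the session, agent and policy ids are constructed assumptions:

```python
import hashlib, json
from collections import defaultdict

GENESIS = "0" * 64  # constructed anchor value for the first record's prev_hash

def _digest(body):
    # canonical JSON so the same record always hashes to the same value
    raw = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(raw).hexdigest()

class AuditLog:
    def __init__(self):
        self.records = []

    def append(self, session_id, agent_id, event, detail, cost_usd=0.0):
        body = {"seq": len(self.records), "session_id": session_id,
                "agent_id": agent_id, "event": event, "detail": detail,
                "cost_usd": cost_usd,
                "prev_hash": self.records[-1]["hash"] if self.records else GENESIS}
        self.records.append({**body, "hash": _digest(body)})

def verify(records):
    """Index of the first record that breaks the chain, or None if intact."""
    prev = GENESIS
    for i, rec in enumerate(records):
        body = {k: v for k, v in rec.items() if k != "hash"}
        if rec["seq"] != i or rec["prev_hash"] != prev or _digest(body) != rec["hash"]:
            return i
        prev = rec["hash"]
    return None

def unauthorized_actions(records):
    """seq numbers of actions whose session has no earlier authorization event."""
    authorized, orphans = set(), []
    for rec in records:
        if rec["event"] == "authorization":
            authorized.add(rec["session_id"])
        elif rec["session_id"] not in authorized:
            orphans.append(rec["seq"])
    return orphans

def cost_by_agent(records):
    totals = defaultdict(float)
    for rec in records:
        totals[rec["agent_id"]] += rec["cost_usd"]
    return {agent: round(total, 4) for agent, total in totals.items()}

def sample_log():  # constructed sample data
    log = AuditLog()
    log.append("sess-1", "human:alice", "authorization", {"policy": "pol-7"})
    log.append("sess-1", "agent:sql", "action", {"tool": "db.query"}, 0.012)
    log.append("sess-1", "agent:coder", "action", {"model": "gpt-4o"}, 0.25)
    log.append("sess-2", "agent:coder", "action", {"model": "gpt-4o"}, 0.10)
    return log
```

the chain only shows edits relative to its latest hash, so that head hash has to be stored somewhere the log writer can't rewrite; otherwise whoever controls the log can recompute the whole chain.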
BizSuite AI Audit delivers all three, 48-hour implementation, $997 wedge price. EU AI Act GPAI enforcement is live august 2. if you're building the governance layer for an enterprise agent deployment and want to see what "auditability" means as running code: https://getbizsuite.com/ai-audit