Layer 4: Trust Ledgers

What is AI governance as code?

AI governance as code means expressing AI governance policies as executable code — not PDF documents, spreadsheets, or natural language guidelines — so that policies are automatically enforced, version-controlled, testable, and auditable.

The evolution of AI governance:

  • Governance as documents (traditional): Policies written in PDFs, reviewed annually, violated daily — no enforcement mechanism
  • Governance as configuration (YAML/JSON rules): Better than documents but still interpreted by probabilistic models — not deterministic
  • Governance as prompts (system prompt instructions): "Don't delete databases" in the system prompt — easily bypassed by prompt injection
  • Governance as code (Exogram's approach): Python logic gates that evaluate every action deterministically — same input always produces same output, testable with unit tests, deployable through CI/CD

Exogram's 8 policy gates are Python functions. They can be tested with pytest. They can be reviewed in pull requests. They can be deployed through your existing CI/CD pipeline. They can be rolled back with git revert. When a regulator asks "what governance controls do you have?", you show them code, not a policy manual. Code is the policy. The policy is the code.
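The sketch below is an added example, not Exogram's code: it shows deterministic gates as plain Python functions that a pytest suite can exercise. The `Action` and `Decision` types, the gate names, the tool names and the workspace path are assumptions made for the illustration.

```python
import posixpath
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class Action:            # hypothetical shape of a proposed agent tool call
    tool: str
    args: dict

@dataclass(frozen=True)
class Decision:
    allowed: bool
    gate: str
    reason: str

ALLOWED_TOOLS = {"sql.query", "fs.write"}   # constructed allowlist
WRITE_ROOT = "/srv/agent-workspace"         # constructed workspace directory
# Keyword-level match only; a stricter gate would parse the statement.
DESTRUCTIVE_SQL = re.compile(r"\b(drop|truncate|delete|alter)\b", re.IGNORECASE)

def gate_known_tool(a):
    # Default deny: anything not explicitly allowlisted is refused.
    if a.tool not in ALLOWED_TOOLS:
        return Decision(False, "known_tool", f"tool {a.tool!r} is not allowlisted")

def gate_no_destructive_sql(a):
    if a.tool == "sql.query" and DESTRUCTIVE_SQL.search(str(a.args.get("statement", ""))):
        return Decision(False, "no_destructive_sql", "destructive SQL keyword")

def gate_write_inside_workspace(a):
    if a.tool == "fs.write":
        # Normalise first so ".." segments and absolute paths cannot escape.
        path = posixpath.normpath(posixpath.join(WRITE_ROOT, str(a.args.get("path", ""))))
        if not path.startswith(WRITE_ROOT + "/"):
            return Decision(False, "write_inside_workspace", f"{path} is outside the workspace")

GATES = (gate_known_tool, gate_no_destructive_sql, gate_write_inside_workspace)

def evaluate(action):
    """Run every gate in a fixed order; the first denial wins, otherwise allow."""
    for gate in GATES:
        decision = gate(action)
        if decision is not None:
            return decision
    return Decision(True, "all", "no gate objected")
```

Because `evaluate` depends only on its argument, the same action always yields the same `Decision`, regardless of what text a model was fed before proposing it.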
