Draft - pending review · 3 June 2026

Agent Operating System

The operating environment for governed digital employees.

Enterprise AI has a deployment problem. Agents are easy to build. They are hard to run at scale, across systems, with the identity, permissions, and policy enforcement that enterprise operations actually require. The common answer is to put governance inside each agent, which means every new use case repeats the same governance work by hand, by a developer, at build time.

The NEWWORK Agent Operating System takes a different approach. Governance is a property of the execution environment, not a property of each agent. When a digital employee is deployed, it enters an operating context that already knows who it is, what it can access, where it can act, and when a human needs to stay in the loop. That context does not get rebuilt for every workflow. It is already there.

Where governance lives

Governance belongs to the environment, not to the agent.

The difference decides whether enterprise AI scales or stalls. Put the rules in each agent and you re-do the work every time. Put them in the environment and they are enforced once, for every agent that runs inside it.

Governance in the agent

Every use case starts the governance work over.

Identity, permissions, approval logic, and audit get coded into each agent at build time. A new workflow means the same developer effort again. The boundary is only as good as what one builder remembered to include, and there is no single place to prove it holds.

Governance in the environment

The operating context is already in place.

A digital employee enters a runtime that already enforces who it is, what it can reach, where it can act, and when a person decides. The context is not rebuilt per workflow. Adding capability does not mean adding governance work.

The runtime contract

What every digital employee carries before it can act.

Each digital employee in the NEWWORK platform runs under a runtime contract. These are not configuration options that can be skipped. They are required conditions of execution.

01 · Identity

An assigned identity

The digital employee acts as a known principal. Every action ties to that identity, never to a shared or anonymous service account.

02 · Ownership

A named owner

A human owner is accountable for the digital employee and answers for what it does in production.

03 · Scope

Permitted tools and data

A defined set of tools it can call and data it can reach. Anything outside that set is not available to it.

04 · Autonomy

An autonomy level

How far the digital employee can act on its own before a person is required to decide.

05 · Approval

An approval boundary

The point at which a decision routes to a human for sign-off, set by role, risk, and policy.

06 · Evidence

A continuous audit trail

Every action recorded as it happens, from request to result, ready for review without reconstruction.

An agent without a runtime contract does not run. Governance is the precondition for execution, not a setting applied afterward.

Enforcement at the moment of action

Enterprise work is not single-system. Neither is the boundary that governs it.

Real work crosses systems with every step. The question is not whether the developer who built an agent thought through permissions. It is whether the execution layer enforces the right boundary at the moment of action, every time, regardless of which agent is acting.

An onboarding workflow

  • Identity provisioning
  • Payroll
  • Facilities
  • Access control

A procurement exception

  • Spend limits
  • Approval authority
  • Vendor records
  • Compliance policy

When agents act across those systems, the Agent Operating System enforces the correct boundary at the point of execution. Same enforcement, every agent, every action, no matter who built it.

Agents live in the org chart

Not as a visual metaphor. As an operational fact.

A digital employee is assigned to a department and inherits the access rights, approval structure, and policy scope of that organizational context. When the organization changes, its execution context changes with it.

01
Assigned to a department

The digital employee takes a place in the org structure, the same way a person joining a team would.

02
Inherits its context

Access rights, approval structure, and policy scope come from that department, not from per-agent setup.

03
Organization changes

A reorganization, a new approver, a revised policy. The org chart is updated once.

04
Context follows

The agent's execution context updates with it. No manual reconfiguration. No drift between what the org chart says and what the agent can do.

Architecture that scales

Adding a digital employee does not mean adding governance work. It means placing a role into an environment built to govern it.

Because identity, permissions, policy, approval, and audit are properties of the environment, growth is a matter of assigning roles, not rebuilding controls. The platform scales because the governance does not have to be re-earned each time.

Book architecture session