AI Agent Access Control for Regulated Industries in the EU

Bringing access control evidence to your next compliance audit was already a pain in the past - now AI agents entered the scene. And are making it 10x harder.

Let's be honest: Proving to your auditor that your company runs an end-to-end access control process for your employees (i.e. human users) is something many companies are struggling with until today - even in highly regulated industries.

Access of AI agents makes this 10x harder. Today, agents get introduced by employees directly and connected to other company systems: Static access with broad permissions - and then the agent acts autonomously at machine speed. Zero audit trail.

Controlling this as a central security team is incredibly difficult today - let alone building a log that you can show your auditor. Most compliance frameworks - ISO 27001, SOC2, DORA, etc - haven't been written with AI agent access in mind. But: They require granular access controls - so your auditors will ask for AI access too in your next audit.

What You’ll Learn

• Why agents are a fundamentally different access problem than human access
• Static access, autonomy, catch-all permissions - why all three compound each other
• Why human-in-the-loop approval often breaks down in practice
• How to start with toxic access combinations before touching a single policy
• What EU auditors are already asking about agentic access under DORA/HIPAA/ISO
• How to best prepare yourself to bring agent access control evidence to your next audit

Even if you can't attend, sign up anyway and we'll send you the recording.