- Post History
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
Monday - edited Monday
What is AI Control Tower?
AI Control Tower is the ServiceNow control plane for discovering, governing, securing, observing, and measuring AI across the enterprise. It gives AI Stewards, risk and compliance teams, and AI asset owners a single place to maintain visibility and oversight as AI deployments grow in scope and complexity.
The June 2026 release advances three pillars in the same cycle. Discover gets broader automated coverage and new cross-ecosystem publishing capabilities. Govern gets day-one regulatory readiness through pre-built compliance content. Together, these features reduce the manual effort required to keep AI inventories current and compliance programs up to date.
All features in this article are generally available in the June 2026 release.
In this article:
✓ Q1 2026 recap: three features already available
✓ Feature 1: Automated Rules for Managed Assets
✓ Feature 2: Service Graph Connector Discovery — Databricks, Snowflake, Hugging Face
✓ Feature 3: Publish to Microsoft Agent 365
✓ Feature 4: Pre-Built Compliance Content
These features became generally available in the Q1 2026 release. They are the foundation for several capabilities shipping in June.
MCP Servers in the AI Asset Inventory
MCP servers are now tracked as a governed asset type in AI Control Tower, alongside models, agents, datasets, and prompts. AI Stewards can discover, register, and manage MCP servers through the same inventory and lifecycle workflows used for all other AI assets.
- AI Stewards can require formal approval before an MCP server can be activated for use in any agent builder application.
- Unapproved servers are not visible to agent builders — the control is enforced in the tooling, not just documented in policy.
- Once in inventory, MCP servers follow the same lifecycle, offboarding, and change request workflows available for other asset types.
Managed and Unmanaged Assets
AI assets can now be explicitly designated as Managed or Unmanaged, giving teams control over governance scope without losing visibility into the broader AI landscape.
- Only Managed assets have governance workflows, risk assessments, value measurement, and monitoring enabled.
- Only AI Stewards can move assets between Managed and Unmanaged states.
- Product Owners and other personas have visibility into Managed assets only, keeping their experience focused.
- Historical data and audit trail are preserved when an asset is moved out of active governance.
Salesforce Discovery
AI assets deployed in Salesforce are now discoverable through a standardized Service Graph Connector, bringing Salesforce AI into the central inventory alongside other platforms.
Enhanced AI Asset APIs
Updated APIs expose detailed asset metadata, lifecycle states and status, and risk and controls information, making it easier to integrate AI Control Tower data with external tools and workflows.
AI Asset Lifecycle: Change Management and Offboarding workflows and Use & Purpose
AI assets can now be formally offboarded through a governed workflow. A structured Use & Purpose field captures why an asset exists, providing the context needed for accurate risk classification and compliance assessment.
AI Gateway is ServiceNow's governance layer for AI agent connections, sitting between agents and MCP servers to give AI Stewards centralized control over which connections are allowed, how they're authenticated, and what's happening across them in real time.
Centralized MCP Server Governance
AI Stewards can browse and import MCP servers directly from the MCP community catalog, integrated into AI Control Tower. Selecting a server auto-populates its details — URL, authentication type, and exposed tools — with no manual entry required. Every server moves through a defined approval lifecycle (In Review → Approved → Active → Deprecated) and the full history is logged.
Frictionless Client Registration
Register a CIMD-enabled host once in AI Control Tower and that registration applies across all MCP servers on that host — no repeat setup as new servers are added. MCP servers can also be imported directly from the Anthropic-managed MCP catalog, auto-populating server details with no manual entry required.
Automated Sensitive Data Protection
AI Stewards can activate PII detection for any MCP server using a single toggle. Once enabled, every call is automatically scanned; if sensitive data is detected, AI Gateway blocks the entire payload before it reaches the requesting agent. No code changes are required from agent builders.
Enforced Approvals in AI Agent Studio
When the mandate is enabled by an AI Steward, dropdowns in AI Agent Studio show only approved MCP servers. Unapproved, rejected, and paused servers are hidden from selection — the governance decision is enforced in the tooling, not just documented in policy.
Enhanced Connection Analytics
The Security & Privacy tab in AI Control Tower shows which clients are connecting to MCP servers, authorized access attempt counts, and failed access attempt counts, alongside the existing request volume, tool-level call counts, and latency metrics available from the KPIs & Metrics tab.
Risk-Based Classification at Intake
Risk assessment questions are now embedded in the AI asset intake form. High-risk or non-compliant submissions are automatically flagged for AI Steward review, so assets entering the CMDB carry an initial risk classification from day one — without requiring a separate triage step.
- Risk classification (High / Medium / Low) is based on the asset's use and purpose, captured at intake.
- Flagged submissions route automatically to the AI Steward for review before the asset is onboarded.
Anonymous Reporting of AI Cases
Users can now report concerns about AI misuse or incidents without identifying themselves, supporting whistleblowing requirements and encouraging broader participation in AI oversight.
BYOK Model Provider Governance
AI Stewards can now govern customer-configured model providers alongside ServiceNow OEM providers from a single configuration page. Data routing controls and approval enforcement at the Skill Kit level ensure that only approved providers and models are available to skill and agent builders.
Improper Output Handling
A runtime metric that provides two complementary guardrails for ServiceNow AI agents, surfaced under Agentic Threat Monitoring in the Security & Privacy tab in AI Control Tower. Agent deviation detection flags when an agent strays from its authorized role or constraints — including prompt injection attempts, role boundary breaches, and override attempts. Output screening scans agent outputs deterministically for PII leakage and embedded security vulnerabilities including XSS, SQL injection, and remote code execution — without additional LLM calls. Each detection includes explicit evidence and reasoning to support investigation, audits, and regulatory reviews. Configurable sampling, thresholds, and coverage are available through the Security & Privacy tab.
Security Policy Violation Detection
Surfaced under Data Model Integrity in the Security & Privacy tab — distinct from Agentic Threat Monitoring — this capability continuously scans LLM outputs across all invocation types (user, agent, and skill) against enterprise policy rules. It detects harmful content, jailbreaks, and refusal quality issues, flagging both cases where the model helps when it shouldn't and cases where it refuses when it could have safely answered. Full evidence and reasoning is included for each finding.
The following features are generally available in the June 2026 (Australia) release.
Managing an AI inventory at scale requires keeping priority assets under active governance without relying on manual effort. Automated Rules let AI Stewards define recurring criteria that automatically move matching assets into the Managed state — on demand or on a schedule.
How it works:
- Define up to 10 rules, with 5 active at a time. Three rules are included out of the box.
- Rules evaluate asset attributes and promote matching assets to Managed state automatically.
- Rules can be triggered on demand or run on a recurring schedule.
✓ Key Takeaway: Priority assets stay continuously governed without ongoing manual promotion — even as your AI inventory grows.
Discovering AI across the enterprise requires coverage across the platforms where models and agents are actually built and deployed. This release adds three new generally available Service Graph Connector (SGC) discovery integrations, and simplifies credential management for AWS and Azure.
New connectors:
- Databricks — discover models and agents deployed on Databricks.
- Snowflake — discover AI assets running in the Snowflake data platform.
- Hugging Face — discover models published to or sourced from Hugging Face.
Tenant-level credentials for AWS and Azure:
Set credentials once at the tenant level and all accounts and projects are discovered automatically — no per-account credential setup required.
Organizations standardizing on Microsoft Agent 365 need their ServiceNow-built agents represented in that registry. Starting this release, AI asset owners can publish a managed ServiceNow agent to the Microsoft Agent 365 directory directly from the asset record in AI Control Tower.
How it works:
- The publish action appears on the managed AI agent record — no separate configuration required.
- Once published, the agent appears and can be managed in both AI Control Tower and Agent 365.
- A single source of truth for governance is maintained across both registries.
✓ Key Takeaway: This capability applies to managed AICT agents and is the foundation for future Agent 365 governance and enforcement — extending AI Control Tower oversight into the Microsoft ecosystem.
Building an AI regulatory compliance program from scratch is time-consuming, and new state-level AI regulations are moving into enforcement quickly. Pre-built compliance content gives organizations ready-to-activate content packs so they can stand up a compliance program in hours rather than months.
What's included:
- California AI Act — ready-to-activate pack with regulations, citations, control objectives, and risk statements.
- Colorado AI Act — same structure; activate directly from the content library.
- EU AI Act — content now expanded to include control objectives and risk statements, going beyond citations alone.
Common controls alignment:
A single control can be mapped to multiple regulatory frameworks — California AI Act, Colorado AI Act, EU AI Act, and NIST AI RMF. Test a control once and demonstrate compliance across all mapped frameworks without duplicating effort per regulation.
⚠️ Note: ISO 42001 content is currently in legal review and will be available in a subsequent release.
| # | Feature | Pillar | What It Does | Roles |
|---|---|---|---|---|
| 1 | Automated Rules for Managed Assets | Discover | Automatically promote matching assets to Managed state on a schedule | AI Steward |
| 2 | SGC Discovery: Databricks, Snowflake, Hugging Face + Tenant-Level Credentials (AWS, Azure) | Discover | Expand AI inventory coverage; simplify tenant-wide credential setup | AI Steward, AI Asset Owner |
| 3 | Publish to Microsoft Agent 365 | Discover | Register managed ServiceNow agents in the Microsoft Agent 365 directory | AI Steward, AI Asset Owner |
| 4 | Pre-Built Compliance Content | Govern | Activate California and Colorado AI Act packs; test once, comply across multiple frameworks | Risk & Compliance Analyst, AI Steward |
