The promise of AI agents has captivated enterprise leaders, yet many implementations stall before they even begin. The culprit isn’t the reasoning power of the models—it’s the permissions. Every agentic workflow eventually confronts the same challenge: What can this agent access? On whose authority? And how does the system validate each step?
Workday is tackling this head-on by positioning its core operational platform as the governance backbone for AI agents. Gerrit Kazmaier, Workday’s president for product and technology, explained in a recent discussion that organizations often hit a wall when they attempt to bolt AI onto disjointed systems. "Sana ensures that every approval and security protocol remains intact," Kazmaier said. "That’s where we see customers struggle—they build DIY AI solutions that bypass rich security models, leading to overbroad and insecure outcomes."
Workday’s Sana, launched in March, now integrates with Google’s Gemini Enterprise to make agent workflows discoverable and manageable at scale. This partnership allows agents built on Sana to operate within Workday’s established governance framework while leveraging Gemini’s reasoning capabilities.
Building trustworthy agent workflows
For HR and finance teams, accuracy isn’t optional—it’s existential. A miscalculated payroll run or an incorrect promotion decision can ripple through an organization for months. Kazmaier emphasized that "almost right" is unacceptable in these contexts. "Consider paying employees accurately, closing financial periods correctly, or scheduling staff without errors," he noted. "In HR and finance, there’s rarely a chance to correct mistakes after the fact."
Verifying agent behavior in these domains is uniquely complex. Role-based access policies, organizational hierarchies, and regulatory constraints are deeply intertwined. A minor misconfiguration can compound into systemic failure. To address this, Workday layered its own context engine and business logic atop Gemini’s reasoning layer. Additional verification and classification models "interrogate" outputs before any action is executed, ensuring alignment with organizational rules.
The connection between accuracy and identity is fundamental: Does the system possess sufficient context about the agent, the human authorizing it, and the current state of records to act appropriately? Workday’s advantage lies in its ability to infer organizational structures directly from customer data. Since many enterprises already rely on third-party identity providers like Okta that sync with Workday, the platform acts as a single source of truth for permissions and context.
The Sana Self-Service Agent uses Gemini as the conversational interface to trigger workflows. Once a user initiates a request, they’re authenticated and authorized through Workday’s identity and security framework. Agents operate strictly on behalf of the user and within their permission boundaries, ensuring that actions remain compliant and traceable.
Audit trails follow the same principle. While Gemini retains interaction logs for conversational context, the authoritative audit trail remains within Workday and its customer’s systems, preserving a complete and immutable record.
Governance as the foundation, not an afterthought
For teams in regulated industries like HR and finance, a robust permission and governance layer isn’t a preference—it’s a requirement. Dan Obendorfer, director of product at Würk, underscored this point in a recent communication. "Governance must reside in the system of record," he said. "That’s not a guideline—it’s the only viable approach. If permissions live outside the system where data resides, you’ve already compromised compliance and security."
Kadan Stadelmann, chief technology officer and co-founder of Compance.AI, echoed this sentiment. "Without clear ownership of agents, their performance, costs, or actions, the result is chaos," he warned. "Agents need defined boundaries, accountability, and continuous monitoring to function reliably in enterprise environments."
Looking ahead: AI agents that scale without compromising control
The next phase of enterprise AI will belong to platforms that prioritize governance as deeply as they do capability. Solutions like Workday’s Sana demonstrate that AI agents can deliver transformative value—automating workflows, accelerating decisions, and reducing manual effort—without sacrificing security or compliance. The key lies in embedding permissioning and auditability into the fabric of the system from the outset, not as an add-on.
As enterprises increasingly adopt agentic systems, the distinction between those that succeed and those that stall will likely come down to one factor: not what the AI can do, but what it’s allowed to do.
AI summary
The biggest obstacle enterprises face when using AI agents is not performance but gaps in their authorization and security models. A detailed look at Workday Sana’s solution.
