Mercury Security

AI Agent Oversight Pack — SLA & Scope
(v1.0, 2025)

The AI Agent Oversight Pack provides annual governance assurance for customer-facing and internal AI agents. This document defines the service scope, monitoring cadence, and client responsibilities.

1. Service Scope

Covered Agent Types

  • Reception & call answering agents
  • Customer support & FAQ agents
  • Knowledge retrieval agents (internal or external)
  • Social media posting agents
  • Workflow automation agents (simple decision support)

Included Governance Controls

  • Human-in-the-Loop (HITL) escalation procedures
  • Logging & retention policy
  • Bias & safety testing (scenario-driven)
  • Incident & escalation playbook
  • Hosting & assurance documentation (third-party vetted)

2. Service Level Agreement (SLA)

Monitoring Cadence

  • Monthly: Bias & safety sampling (20–50 test prompts per agent).
  • Quarterly: Review of logs, HITL escalations, and refusal handling.
  • Annually: Full Oversight Report with findings and recommendations.

Response Targets

  • Critical failures (unsafe completions, data leakage): reported within 5 business days of discovery.
  • Non-critical findings: documented in quarterly report.

Evidence Delivery

  • Oversight evidence is compiled into an Oversight Pack, including logs, test results, and policy updates. Delivered annually in PDF/DOCX.

3. Client Responsibilities

Clients must:

  • Provide timely access to agents and logs (via secure portal or API).
  • Assign a product/data owner for remediation follow-up.
  • Respond to Mercury requests within 5 business days.
  • Implement agreed remediation actions (Mercury does not enforce changes).

4. Exclusions

The Oversight Pack does not cover:

  • Model retraining or fine-tuning.
  • Development of new guardrails or moderation policies.
  • Formal legal compliance opinions or filings (e.g., DPIAs).
  • Vendor management or contractual negotiations.

5. Escalation Path

  • Unsafe or prohibited completions → documented & escalated to client owner.
  • Repeat failures → flagged in Oversight Report with recommended remediation.
  • Material governance failures → Mercury reserves right to suspend Oversight certification until remediation is complete.

6. Fees

  • $10,000 per year, organization-wide, for up to 3 production agents.
  • Additional agents may be covered via add-ons (see Add-On Catalog).

✅ The Oversight Pack ensures that AI agents remain governed, logged, and auditable throughout their lifecycle — not just at the point of initial deployment.

linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram