Agent Types
Document Agent
A specialized AI agent that reads, understands, and processes documents. No template recognition, no rigid OCR – contextual language understanding. Document Agents process invoices, sick leave certificates, contracts, certificates, and receipts. Every decision is documented via the Decision Layer.
Workflow Agent
An AI agent that orchestrates business processes across systems. From incoming mail through approval to booking. Every step is logged. When queries arise or information is missing, the workflow pauses – it does not abort.
Knowledge Agent
An AI agent that provides contextual answers from enterprise knowledge. Company agreements, policies, collective bargaining agreements. Every answer includes source reference and rule version. Without a source, no answer is given.
Governance Terms
Decision Layer
The central governance component between agent and target system. The Decision Layer verifies professional rules, model confidence, risk, works council restrictions, and bias potential. A complete audit trail entry is generated per decision. The Decision Layer does not shift professional responsibility to AI – it makes it structurally manageable.
Human-in-the-Loop
An architectural principle where final decision authority remains with humans. Not added retroactively, but integrated into the agent architecture from the start. At low confidence or exceptions, the agent automatically escalates to the responsible specialist – with complete context and recommendation.
Governance by Design
Governance requirements are not added after the fact but are an integral part of the agent architecture. Audit trail, role concept, Decision Layer, and Human-in-the-Loop are present from day 1. The opposite of Shadow IT.
Audit Trail
The complete documentation of every agent decision: input data, applied rule, rule version, confidence score, result, timestamp. Not just for internal traceability – but for auditors, works councils, and certification audits.
Cert-Ready by Design
An architectural approach where all controls and documentation mechanisms are built to meet the requirements of common audit standards (ISA, PS 951, IDW, GoB/GoBD) during normal operations. No retroactive audit preparation.
Co-determination (Mitbestimmung)
The German right to workplace co-determination through the works council (BetrVG). For AI agents that process employee data or prepare personnel decisions, involving the works council is legally required. Gosign agents are designed to be works-council-ready from the start.
→ Co-determination & AI Agents
Shadow IT
IT systems operated without the knowledge or approval of the IT department. Particularly critical for AI agents, as uncontrolled LLM usage creates data privacy, compliance, and security risks. Gosign agents are integrated into existing IT governance – not as a parallel system.
Infrastructure Terms
Retrieval Augmented Generation (RAG)
An architecture where an LLM doesn’t just respond from its training corpus but additionally retrieves relevant documents from a knowledge base. In enterprise RAG: semantic chunking, metadata enrichment, hybrid search, source citation, and regular re-indexing.
LLM Hosting
Operating Large Language Models. Cloud (Azure OpenAI, Google Vertex AI – EU regions with DPAs), Self-Hosted (Llama, Mistral, DeepSeek – open source, own hardware), or Hybrid (sensitive data self-hosted, non-critical loads in the cloud).
Model-Agnostic
The property of an agent architecture not being bound to a specific LLM. Gosign agents work with Claude, ChatGPT, Gemini, Llama, Mistral, DeepSeek, and gpt-oss. Switching models does not change business logic, rule sets, or the audit trail.
Co-Build
Gosign’s model for client enablement. The agent is developed jointly, the client’s team is built up in parallel. After 12–18 months, the client operates their agents independently. No vendor lock-in, no permanent consulting model.
Regulatory
EU AI Act
The EU Artificial Intelligence Act (Regulation (EU) 2024/1689). Classifies AI systems by risk level and defines requirements for transparency, documentation, human oversight, and risk management. Particularly relevant for AI agents in HR and finance.
Data Residency
Control over where data is physically stored and processed. In enterprise AI infrastructure: EU regions (Azure West Europe, GCP europe-west3), DPAs with all sub-processors, no data transfer outside the defined scope.