Enterprise DNA

Omni by Enterprise DNA

Enterprise DNA Resources

Latest AI and industry news. Practical AI operating-system thinking for owners, operators, and teams doing real work.

220k+

Data professionals

Omni

AI agents and apps

Audit

Map the manual work

News Trending AI News

NVIDIA and SAP Build a Trust Layer for Enterprise AI Agents

At SAP Sapphire 2026, NVIDIA and SAP unveiled a governance framework that decides when and how AI agents can act inside enterprise systems.

Enterprise DNA | | via NVIDIA Blog
NVIDIA and SAP Build a Trust Layer for Enterprise AI Agents

When an AI agent inside your supply chain decides to re-route a shipment, approve an invoice, or cancel a vendor contract — who stops it if it’s wrong?

That’s the question NVIDIA and SAP answered at SAP Sapphire 2026 on May 12. The two companies expanded their collaboration to bring enterprise-grade trust and governance to specialized AI agents, embedding NVIDIA’s OpenShell runtime directly into SAP Business AI Platform.

The move addresses what enterprise AI teams have quietly identified as their biggest operational fear: agents that have the technical ability to act, but no guardrails stopping them from acting in ways the business never intended.

Two Checkpoints, Not One

The framework operates as a dual control layer, and the distinction between those two layers matters.

NVIDIA OpenShell sits at the runtime level and asks: Can this agent action safely execute? It handles security, network controls, privacy guardrails, and policy enforcement at the point where agent code meets real infrastructure. Think of it as the technical seatbelt — keeping agents within defined boundaries regardless of what they have been asked to do.

SAP’s Joule Studio operates at the enterprise level and asks: Should this action happen at all? This is where business logic, approval workflows, compliance requirements, and organizational policies live. Even if an action is technically safe, Joule Studio can block it if it falls outside what the business has explicitly sanctioned.

Together, they close a gap that application-layer security alone cannot. A single checkpoint can be misconfigured or bypassed. Two independent layers — one at the runtime level, one at the business logic level — create meaningful defense in depth for agentic AI.

Why This Matters in SAP’s World

SAP runs the operational backbone for a significant share of global business: finance, procurement, supply chain, manufacturing, HR. As Joule-powered agents take on more of those workflows, the trust question stops being theoretical.

When an AI agent has access to SAP’s finance module, it can approve payments. When it’s in procurement, it can commit to contracts. When it’s in supply chain, it can re-route goods already in transit. These are not demo capabilities. They are real business actions with real financial and legal consequences.

The OpenShell integration also carries an important signal for the broader AI ecosystem: NVIDIA and SAP are building this as open source. SAP engineers are contributing directly to the OpenShell codebase, with a focus on runtime hardening, enterprise identity integration, policy modeling, and auditing hooks. That means enterprises running other platforms can, in principle, adopt the same control layer.

Jensen Huang joined SAP CEO Christian Klein’s Sapphire keynote by video to make the announcement — a signal of how seriously both companies are treating the governance problem.

What This Means for Business

If you’re deploying AI agents — or planning to — the NVIDIA and SAP framework makes one thing clear: governance is not a later problem. It’s the foundation you need before an agent goes anywhere near a live business system.

The dual-layer model is a pattern worth understanding regardless of which platforms you use. The right question before any agent goes live is not “what can this agent do?” It’s “what should it be allowed to do, and who approved that?”

Most businesses deploying agentic AI right now have the first answer. Very few have the second. Frameworks like OpenShell and Joule Studio are starting to fill that gap — and the fact that they’re being built into enterprise platforms by default suggests this kind of governance scaffolding is becoming a baseline expectation, not an optional extra.

The practical next step is the free Working With Claude field guide. Thirty-two pages covering the ecosystem, Claude Code, and how to govern a rollout properly. Get your copy.

Working With Claude field guide cover

Free Resource

Going deeper with Claude?

Get the free 32-page implementation guide for ANZ teams.

No spam. Unsubscribe any time.