Building Trustworthy AI Agents: A How-To Guide for Enterprise Deployments with SAP and NVIDIA
Introduction
In the rapidly evolving landscape of enterprise AI, specialized agents are moving beyond simple assistants to become autonomous actors in critical systems—from finance and procurement to supply chain and manufacturing. These agents can touch systems of record, cross application boundaries, and operate without human review at every step. This shift fundamentally changes the trust equation. Enterprises need robust boundaries, policy enforcement, and audit trails before deploying such agents into production. That's where the collaboration between SAP and NVIDIA comes in, embedding the open-source runtime NVIDIA OpenShell into the SAP Business AI Platform. This guide walks you through the essential steps to implement secure, governed agentic AI in your enterprise, based on the proven framework co-developed by SAP and NVIDIA.

What You Need
Before starting, ensure you have the following prerequisites in place:
- SAP Business AI Platform – the enterprise environment for building and managing end-to-end AI agents (including Joule Studio for custom agents).
- NVIDIA OpenShell – an open-source runtime for securely developing and deploying autonomous AI agents. SAP engineers are co-designing and contributing hardening enhancements to this project.
- Enterprise identity and access management (IAM) integration – to enforce role-based permissions and data boundaries.
- Policy modeling tools – to define rules at the filesystem, network, and application layers.
- Audit and governance infrastructure – for logging agent actions and maintaining compliance.
- Understanding of the five-layer AI stack (energy, chips, infrastructure, models, applications) – as noted by NVIDIA CEO Jensen Huang, the application layer is where economic value is created.
Step-by-Step Guide
Step 1: Assess Your Trust Requirements for Autonomous Agents
Before any technical implementation, map out the specific trust needs of your business. Consider the following questions:
- Which systems of record will the agent touch? (e.g., ERP, finance, supply chain)
- What cross-application boundaries must the agent cross?
- At what points can the agent operate without human review?
- What are the data privacy and compliance obligations (GDPR, SOX, etc.)?
This assessment directly informs the policy enforcement and isolation boundaries you will configure later. The SAP–NVIDIA collaboration emphasizes that governance must be built into the runtime, not bolted on later.
Step 2: Embed NVIDIA OpenShell as the Runtime Security Layer
Within your SAP Business AI Platform, ensure that OpenShell is enabled as the runtime security layer for all AI agents, including custom agents built in Joule Studio. OpenShell provides:
- Isolated execution environments – containers that limit what the agent can access.
- Policy enforcement at the filesystem and network layers – preventing unauthorized reads/writes or network calls.
- Infrastructure-level containment – guards against damage when agent logic fails (e.g., runaway processes).
SAP has embedded OpenShell directly into the platform, so this step is largely about verification and configuration. Contact your SAP administrator to confirm that the runtime module is active for your tenant.
Step 3: Define and Enforce Policy Rules
With OpenShell in place, you need to model your enterprise policies. Follow these sub-steps:
- Map agent roles and permissions – Use SAP’s identity integration to link agents to existing user roles and groups. For example, a procurement agent should only see purchase orders within its authorized cost center.
- Set filesystem policies – Restrict the agent from reading sensitive directories (e.g., HR files) or writing to system folders.
- Configure network policies – Limit outbound calls to approved APIs or databases. Prevent the agent from making external HTTP requests to unknown endpoints.
- Define process boundaries – Ensure the agent cannot spawn new processes or escalate privileges. OpenShell’s containment layer handles this at the infrastructure level.
SAP engineers are contributing to OpenShell’s policy modeling capabilities, specifically for enterprise-grade requirements. Leverage these contributions to simplify rule definition.
Step 4: Integrate Enterprise Identity and Audit Trails
A key aspect of trustworthy agentic AI is making each agent’s actions traceable. Here’s how:

- Enterprise identity hooks – Connect OpenShell with your existing IAM system (e.g., SAP ABAP, Azure AD, Okta). Every agent action should be performed under a specific identity that can be audited.
- Audit and governance hooks – Enable logging at the runtime level. OpenShell’s open-source codebase includes contributions from SAP for auditing hooks designed for production workloads. Configure these to capture: agent ID, timestamp, resource accessed, operation performed, and result.
- Review logs regularly – Use SAP’s built-in monitoring or export logs to a SIEM (Security Information and Event Management) system.
These measures satisfy the “audit trail” requirement that SAP and NVIDIA emphasize for production deployment.
Step 5: Deploy and Monitor Your Agents
With policies and security in place, you can now deploy agents to production environments. Start with a limited rollout (e.g., a single business process) and monitor the following:
- Performance impact – Does the containment layer introduce latency? Tune resource limits.
- Policy violations – Track any denied actions; refine policies if false positives occur.
- Agent logic failures – If an agent goes haywire, OpenShell’s containment should prevent damage. Verify with test scenarios.
- Feedback loop – Use insights from monitoring to feed back into policy modeling and agent training. The SAP-NVIDIA collaboration emphasizes continuous improvement of the runtime.
NVIDIA itself runs finance, supply chain, and logistics on SAP, providing real-world validation of these governance practices. Their experience shows that agentic AI can be deployed safely when the runtime foundation is solid.
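The following sketch is an added example, not code from SAP, NVIDIA, or the OpenShell project. It shows how the default-deny filesystem, network, and process rules from Step 3, the five audit fields from Step 4, and the denied-action tracking from Step 5 fit together. The policy schema, operation names, paths, hostnames, and agent ID are hypothetical and do not reflect OpenShell's actual configuration format.

```python
# Added illustration: hypothetical policy schema, not OpenShell's own format.
import posixpath
from collections import Counter
from datetime import datetime, timezone

# Constructed sample policy for a procurement agent (all values are made up).
POLICY = {
    "fs_read": ["/data/procurement"],
    "fs_write": ["/data/procurement/outbox"],
    "net_connect": ["erp.internal.example:443"],
}

def under_root(path, roots):
    # Lexical normalisation so "../" cannot step out of an allowed root.
    # Symlinks are not resolved here; that needs enforcement in the runtime.
    p = posixpath.normpath(path)
    return any(p == r or p.startswith(r.rstrip("/") + "/") for r in roots)

def decide(policy, operation, resource):
    """Default deny: anything not explicitly listed is refused."""
    allowed = policy.get(operation, [])
    if operation in ("fs_read", "fs_write"):
        ok = resource.startswith("/") and under_root(resource, allowed)
    elif operation == "net_connect":
        ok = resource.lower() in allowed
    else:
        ok = False  # unlisted operations (e.g. spawning a process) are denied
    return "allow" if ok else "deny"

def enforce(policy, agent_id, operation, resource, log, now=None):
    """Decide, then append one audit record with the five fields from Step 4."""
    result = decide(policy, operation, resource)
    log.append({
        "agent_id": agent_id,
        "timestamp": (now or datetime.now(timezone.utc)).isoformat(),
        "resource": resource,
        "operation": operation,
        "result": result,
    })
    return result == "allow"

def denied_by_agent(log):
    """Count denied actions per (agent, operation) for policy review."""
    return Counter((r["agent_id"], r["operation"])
                   for r in log if r["result"] == "deny")
```

Every decision is logged, allowed or denied, so the same records serve both the audit trail and the false-positive review during a limited rollout.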
Tips for Success
- Start with a pilot agent – Don’t rush to deploy all at once. Pick one specialized agent (e.g., a procurement assistant) and iterate on policy configuration before expanding.
- Leverage the open-source community – OpenShell is actively co-developed by SAP and NVIDIA. Contribute your own policy templates or runtime optimizations to benefit from peer reviews.
- Engage both business and IT – The trust equation involves not just technical controls but also business process owners. Ensure they understand the boundaries set for agents.
- Keep the “five-layer cake” in mind – Application-layer agents are where value is created, but they depend on robust infrastructure, models, chips, and energy management. Coordinate with your entire AI stack team.
- Plan for policy evolution – As agents become more capable, revisit boundaries. The SAP engineers continuously harden OpenShell for emerging threats. Stay updated with releases.
- Test failure scenarios – Intentionally trigger agent misbehavior in a sandbox environment to verify that containment works as expected. This builds confidence before going live.
By following these steps, your enterprise can harness the power of specialized AI agents without compromising security, governance, or trust. The collaboration between SAP and NVIDIA provides a proven blueprint—now it’s up to you to implement it effectively.