The operating system for the human + AI company

Run people and AI agents like a real institution.

Luca Org is the governance layer for companies where humans and autonomous AI agents work side by side. Every role has defined access, graded autonomy, and one accountable owner — under a company constitution with real checks and balances.

Built on established governance standards — NIST/ANSI RBAC, RACI/RAPID decision rights, and current AI-agent safety practice. Not a spreadsheet. A constitution.

Hi, I'm Luca — I keep every human and agent in their lane.
Luca, the Luca Org guide
The problem

When AI agents join the workforce, governance breaks.

Org charts, access systems, agent settings, and policy docs all drift apart. Nobody can answer the three questions that actually matter.

🎯

Who's accountable?

An AI agent spawns three more, takes an action, and something breaks — and the trail dead-ends in an automated call tree. No named human owns the outcome.

⚖️

How much can it do?

Autonomy is a blunt on/off switch. Agents get too much authority for irreversible actions, or too little to be useful. There's no graded, enforceable middle.

🗺️

What's the source of truth?

The org chart says one thing, the access system another, the agent config a third. There's no single governed home for how the company actually works.

The system

Every role binds three things — or it doesn't exist.

Luca Org's core rule, enforced as a hard constraint: a role is invalid unless it maps to access, autonomy, and ownership together.

The Role Triple is the atom of the whole system. Whether the principal is a person or an AI persona, the same three legs must all be present:

Humans & AI, one model Enforced at write time One accountable owner Autonomy never exceeds access
1
AccessWhat it may touch — least-privilege permissions
+
2
AutonomyHow independently it may act — a Trust & Autonomy tier
+
3
OwnershipWhat it owns — a system or duty, with one accountable owner
Missing any leg? The role is rejected. Governance you can't forget to apply.
Trust & Autonomy Index

Graded autonomy, with a human before every high-stakes move.

Five tiers from observe-only to full delegation. Agents act freely in their lane, but eight classes of high-consequence action always halt to a human approver.

TAI-0 · OBSERVE
Read-only. Proposes, never executes.
TAI-1 · ASSIST
Reversible, scoped work. No external comms.
TAI-2 · DELIVER
Full work in its lane; gated actions halt.
TAI-3 · OPERATE
Acts within its own plane under guardrails.
TAI-4 · GOVERN
May approve others' gated actions.
mergedeploydestructivenew capability spendexternal commsidentity / accesssecret access

↑ The eight gated action classes. Anything not on the list is denied by default; destructive actions need an out-of-band code; if an approver is unreachable, the action holds — it never fails open.

More than access control

A company that governs itself like an institution.

📜

A real Constitution

Separation of powers — constituent, executive, legislative, judicial — with entrenched clauses, an amendment process, and judicial review. Laws sit above policies.

🏛️

System Ownership Registry

Every product, system, and standing duty resolves to exactly one accountable owner. No orphans — a live map of who owns what.

🗂️

Division-of-Work Schedule

Every recurring task mapped to who's responsible and accountable, at what cadence, at what autonomy tier, with what permission.

🔗

Accountability that can't break

Every agent — and every sub-agent it spawns — inherits an immutable link to a responsible human. Nothing autonomous acts unaccountably.

🛡️

Least-privilege by construction

Built on the NIST/ANSI RBAC model with deny-fences and separation of duty. Autonomy is always capped by permission.

🔍

Drift you can see

Continuously reconciles the declared org against the live access and autonomy systems, surfacing every divergence.

How it works

Declare the org. Enforce the rules. Watch the drift.

Register every principal

Humans and AI personas alike become first-class principals, each with a role that binds access, autonomy, and ownership — validated the moment it's saved.

Govern with a constitution

Ratify the articles, enact policies beneath them, and route high-stakes actions through the right approver. Rules are machine-readable and enforced.

Stay honest over time

Drift reports flag any gap between what you declared and what your systems actually grant — so paper and production never diverge.

Who it's for

Anyone running a hybrid human + AI workforce.

If AI agents are doing real work in your company, you need to govern them like employees — with roles, limits, accountability, and law.

  • AI-native companies — running fleets of autonomous agents that ship code, handle ops, and talk to customers.
  • Software factories & platform teams — where agents and engineers commit, review, and deploy side by side.
  • Regulated & security-conscious orgs — that need least-privilege, separation of duties, and audit-grade accountability.
  • Founders & operators — who want their operating model written down, enforced, and self-governing.
Grounded, not invented

Built on decades of governance science — adapted for AI.

NIST / ANSI RBAC RACI & RAPID decision rights Separation of duties ITIL change authority OpenAI & Anthropic agent-safety practice Delegation-of-authority matrices Constitutional balance of powers

Give your AI workforce a constitution.

Luca Org turns "how our company works" into a living, enforced system — for a workforce that's part human, part machine, and fully accountable.