> ## Documentation Index
> Fetch the complete documentation index at: https://agenticadvertisingorg-snap-format-preview-links.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# S4: Governance

> AdCP specialist module S4: Governance protocol mastery. Content standards, property lists, campaign governance lifecycle, policy registry, and compliance automation with sandbox agents.

# S4: Governance

<Info>
  **Members only** — Requires Practitioner credential. \~60 minutes with Addie. Combines hands-on lab and adaptive exam.
</Info>

This specialist module tests your mastery of the full governance protocol. You'll work with sandbox agents to manage content standards, property lists, and collection lists, execute the campaign governance lifecycle (plans, validation, outcomes, audit), resolve compliance policies from the registry, and reason about how governance domains compose. Addie evaluates both your hands-on work and your conceptual understanding.

Passing earns the **AdCP specialist — Governance** credential.

## Specialisms this track prepares you to validate

The following `specialisms` fall under the `governance` domain. Each has its own compliance storyboard — see the [Compliance Catalog](/docs/building/compliance-catalog) for the full taxonomy.

| Specialism                    | Status | What it covers                                                                      |
| ----------------------------- | ------ | ----------------------------------------------------------------------------------- |
| `content-standards`           | stable | Content standards enforcement (brand safety, policy compliance)                     |
| `property-lists`              | stable | Curated inclusion and exclusion lists for targeting and delivery compliance         |
| `collection-lists`            | stable | Curated inclusion and exclusion lists of content programs (shows, series, podcasts) |
| `audience-sync`               | stable | Syncs buyer-provided audience segments into a platform for activation               |
| `governance-delivery-monitor` | stable | Campaign delivery monitoring with drift detection                                   |
| `governance-spend-authority`  | stable | Conditional spend approval and human-in-the-loop governance                         |

## What you'll demonstrate

* Create, update, list, and delete content standards
* Create, update, list, and delete property lists
* Create, update, list, and delete collection lists — program-level brand safety across platforms
* Calibrate content against standards and interpret results
* Create and validate campaign plans with budget authority and policy configuration
* Sync governance agents to accounts via `sync_governance`
* Execute the full governance loop: `sync_plans`, `check_governance` (intent + execution), `report_plan_outcome`
* Use the policy registry to resolve and apply compliance policies
* Interpret audit logs and reason about drift metrics
* Distinguish the three layers of brand safety:
  * **Property lists** — *where* ads run. Stateful lists of properties (domains, apps, CTV services) with include/exclude semantics. Filter supply at the inventory level.
  * **Collection lists** — *what content* ads run in. Shows, series, movies, and sports programs identified by distribution IDs (Gracenote SH/MV/SP). Program-level exclusions independent of which property carries them.
  * **Content standards** — *per-impression adjacency*. Buyer-defined rules that evaluate actual content (not metadata) at serve time via calibrate → execute → validate. Use for episode-level or ephemeral content.
* Explain when to use each layer alone and how they compose (most buyers use one or two)
* Explain how governance domains compose — campaign, property, collection, content standards, creative
* Handle `GOVERNANCE_DENIED` end-to-end: read the `governance_context`, identify the failed rule, correct the payload, and retry
* Walk through the 15-step seller verification of a signed `governance_context` (JWS): `alg` allowlist, `typ` match, JWKS resolution via SSRF-validated fetch, `aud`/`sub`/`phase` binding, `jti` replay dedup, revocation-list check. Explain why each step closes a specific attack (spoofed issuer, plan swap, token replay, key compromise).
* Apply governance across `purchase_type` values: `media_buy`, `rights_license`, `signal_activation`, `creative_services`. All share the same loop; media-buy-specific validations (channel compliance, seller concentration, pacing) apply only when the payload contains the relevant fields
* Explain the `governance_context` correlation model: governance agent issues an opaque token on first check; buyer attaches it to the media buy envelope; seller echoes it on execution checks so the agent reconnects each lifecycle event without re-deriving state
* Configure audience constraints on a campaign plan using policy categories and restricted attributes
* Validate that `check_governance` correctly denies targeting that violates audience constraints

## Prerequisite reading

### Core governance tasks

<CardGroup cols={2}>
  <Card title="property_lists" icon="list-check" href="/docs/governance/property/tasks/property_lists">
    Create and manage property lists for inclusion/exclusion filtering.
  </Card>

  <Card title="collection_lists" icon="clapperboard" href="/docs/governance/collection/tasks/collection_lists">
    Create and manage collection lists for program-level brand safety.
  </Card>

  <Card title="create_content_standards" icon="scale-balanced" href="/docs/governance/content-standards/tasks/create_content_standards">
    Define brand-specific content standards for automated compliance.
  </Card>

  <Card title="calibrate_content" icon="sliders" href="/docs/governance/content-standards/tasks/calibrate_content">
    Test whether content meets defined standards before placement.
  </Card>

  <Card title="validate_property_delivery" icon="clipboard-check" href="/docs/governance/property/tasks/validate_property_delivery">
    Verify that ads were delivered to authorized properties.
  </Card>

  <Card title="sync_governance" icon="arrows-rotate" href="/docs/accounts/tasks/sync_governance">
    Sync governance agent endpoints to accounts for seller-side validation.
  </Card>

  <Card title="sync_plans" icon="file-circle-plus" href="/docs/governance/campaign/tasks/sync_plans">
    Create and update campaign plans that define authorized parameters.
  </Card>

  <Card title="check_governance" icon="shield-check" href="/docs/governance/campaign/tasks/check_governance">
    Validate intended and executed actions against the campaign plan.
  </Card>

  <Card title="report_plan_outcome" icon="flag-checkered" href="/docs/governance/campaign/tasks/report_plan_outcome">
    Report confirmed outcomes and commit budget against the plan.
  </Card>

  <Card title="get_plan_audit_logs" icon="scroll" href="/docs/governance/campaign/tasks/get_plan_audit_logs">
    Review governance decisions, findings, and drift metrics.
  </Card>
</CardGroup>

### Supporting concepts

<CardGroup cols={2}>
  <Card title="Governance overview" icon="building-columns" href="/docs/governance/overview">
    The governance protocol: property, content standards, creative, and campaign governance.
  </Card>

  <Card title="Campaign governance" icon="shield-check" href="/docs/governance/campaign">
    Multi-party validation, budget authority, and the trust model.
  </Card>

  <Card title="Campaign governance safety model" icon="lock" href="/docs/governance/campaign/safety-model">
    Three-party trust model: orchestrator, governance agent, and seller.
  </Card>

  <Card title="Campaign governance specification" icon="file-code" href="/docs/governance/campaign/specification">
    Full technical specification: validation categories, budget tracking, and audience governance.
  </Card>

  <Card title="Policy registry" icon="book" href="/docs/governance/policy-registry">
    Community-maintained compliance policies: regulations (COPPA, GDPR, HFSS) and standards (alcohol, pharma).
  </Card>

  <Card title="Property governance" icon="shield-check" href="/docs/governance/property/index">
    Identity, authorization, and data enrichment for publishers.
  </Card>

  <Card title="Collection governance" icon="clapperboard" href="/docs/governance/collection/index">
    Program-level brand safety with collection lists across CTV, podcast, and other media.
  </Card>

  <Card title="Content standards overview" icon="file-shield" href="/docs/governance/content-standards/index">
    How content standards work: calibration, local execution, and validation.
  </Card>

  <Card title="Content standards implementation" icon="code" href="/docs/governance/content-standards/implementation-guide">
    Implementation guide for content standards.
  </Card>

  <Card title="Content artifacts" icon="file-circle-check" href="/docs/governance/content-standards/artifacts">
    Artifacts generated during content evaluation.
  </Card>

  <Card title="Creative governance" icon="eye" href="/docs/governance/creative/index">
    Creative quality, compliance, and feature analysis.
  </Card>

  <Card title="Provenance verification" icon="certificate" href="/docs/governance/creative/provenance-verification">
    Verifying AI creative provenance and disclosure.
  </Card>

  <Card title="get_creative_features" icon="bars-staggered" href="/docs/governance/creative/get_creative_features">
    Analyzing creative features for compliance evaluation.
  </Card>

  <Card title="validate_content_delivery" icon="square-check" href="/docs/governance/content-standards/tasks/validate_content_delivery">
    Post-delivery content validation.
  </Card>

  <Card title="get_media_buy_artifacts" icon="box-archive" href="/docs/governance/content-standards/tasks/get_media_buy_artifacts">
    Retrieving evaluation artifacts for audit and review.
  </Card>
</CardGroup>

## Connecting to the test agent

Lab exercises run against the public test agent. Use the shared token — no signup required:

```bash theme={null}
export ADCP_AUTH_TOKEN="1v8tAhASaUYYp4odoQ1PnMpdqNaMiTrCRqYo9OJp6IQ"
export AGENT_URL="https://test-agent.adcontextprotocol.org/governance/mcp"
```

See the [Quickstart](/docs/quickstart) for a walkthrough of your first call.

## Lab exercises

1. **Content standards lifecycle** — Create, update, and manage content standards for a fictional brand
2. **Property list management** — Create inclusion and exclusion lists for supply path control
3. **Collection list management** — Create a do-not-air collection list with distribution identifiers, content rating filters, and genre exclusions. Understand how collection lists compose with property lists and content standards for three-layer brand safety.
4. **Content calibration** — Calibrate sample content against your standards and interpret results
5. **Compliance verification** — Verify that sandbox campaign deliveries meet governance requirements
6. **Campaign governance lifecycle** — Sync governance agents via `sync_governance`, create a campaign plan, validate actions (intent + execution), handle denials and conditions, report outcomes, and review audit logs
7. **GOVERNANCE\_DENIED recovery** — Submit a `check_governance` request that fails (audience uses a restricted attribute, or media buy exceeds committed budget). Read the denial reason, correct the payload, and verify the retry passes. Trace `governance_context` through the orchestrator → seller execution check to prove the correlation model.
8. **Purchase type variation** — Run `check_governance` with `purchase_type: "rights_license"` and `purchase_type: "signal_activation"` on the same plan. Observe which validations apply uniformly (budget, geo, flight) and which are media-buy-specific.
9. **Policy resolution and compliance** — Resolve policies from the registry, configure jurisdiction-scoped enforcement, verify that violations are caught
10. **Audience governance** — Configure a plan with `policy_categories` (e.g., `fair_housing`) that carry `restricted_attributes`. Submit `check_governance` requests with audience selectors that use restricted signals and verify the governance agent denies them. Then submit compliant targeting and confirm approval.
11. **Audience drift detection** — Run a series of delivery-phase governance checks with `audience_distribution` indices that gradually shift from baseline parity. Observe how cumulative indices reveal sustained bias patterns that single-period noise obscures, and how governance findings escalate when drift exceeds thresholds.

## Assessment

| Dimension            | Weight | What Addie evaluates                                                                               |
| -------------------- | ------ | -------------------------------------------------------------------------------------------------- |
| Protocol mastery     | 25%    | Full governance protocol mastery across all domains including campaign governance lifecycle        |
| Safety expertise     | 25%    | Understands the three-party trust model, separation of duties, and how governance domains compose  |
| Oracle understanding | 20%    | Understands AI-driven evaluation models and policy registry integration                            |
| Compliance skill     | 30%    | Handles regulatory requirements, policy resolution, jurisdiction scoping, and audit interpretation |

Passing threshold: 70%.

## Start this module

<Card title="Start S4 with Addie" icon="play" href="https://agenticadvertising.org/chat">
  "I'd like to start the governance specialist module."
</Card>
