This paper examines how large language models can be embedded in governable agentic workflows for defence decision support. It argues that reliability and accountability in such systems depend on workflow architecture, not only on model capability. Building on the author’s earlier I→E→R model, the paper proposes an audit-first governance framework with three layers: explicit task decomposition, evidence grounding with provenance, and bounded control with logging and authorization gates. The framework is specified through five inspectable roles, four design variables, and bounded autonomy as the guiding design principle. The contribution is conceptual: it defines conditions under which agentic analytical processes can remain transparent, traceable, reconstructable, and auditable, and prepares the framework for later case-study or proof-of-concept evaluation.