Implementation Layer
AI Governance Controls
Operational controls for real-world enterprise AI systems — organized by domain, mapped to regulations, with maturity levels and implementation guidance.
Not sure where to start? Answer 3 questions and get a tailored compliance action plan.
What applies to me? →Human Oversight
Review gates, approval workflows, and override mechanisms for AI decisions.
7 controls
AGTAgentic AI
Goal constraints, action boundaries, and escalation paths for autonomous AI agents.
24 controls
SECSecurity
Adversarial input defense, prompt injection protection, and model access controls.
5 controls
ALCAudit & Logging
Immutable records of AI decisions, inputs, outputs, and model versions.
5 controls
CHMChange Management
Model release governance, version rollback, and change approval workflows.
5 controls
DGCData Governance
Training data provenance, privacy controls, and data retention policies.
6 controls
MONMonitoring & Drift
Performance drift detection, anomaly alerting, and operational dashboards.
6 controls
SAFSafety & Reliability
Graceful degradation, fail-safe defaults, and reliability under adversarial inputs.
6 controls
IRCIncident Response
Containment, investigation, and remediation procedures for AI system failures.
6 controls
PRCProcurement
Third-party AI vendor due diligence, contractual obligations, and offboarding.
15 controls
CMPRegulatory Compliance
Multi-jurisdiction regulatory mapping, standards monitoring, and compliance architecture for AI systems.
10 controls
BRDBoard & Executive Governance
Board education, committee charters, executive reporting, risk appetite, and enterprise-wide AI governance program design.
9 controls
104 controls across 10 domains — select a domain above to filter
Human Oversight
7 controlsAI System Risk Classification
Assign every AI system a risk tier that determines the oversight requirements, review frequency, and documentation standards applied to it.
Human Approval Gate for Consequential AI Decisions
Require a qualified human to review and approve AI-generated recommendations before they produce irreversible or high-stakes outcomes.
AI Output Review Workflow
Define a structured, documented process for reviewing AI outputs before they are acted upon or distributed.
Automation Bias Prevention
Implement measures to detect and counteract the tendency for human reviewers to defer to AI recommendations without adequate critical evaluation.
Reviewer Competency Requirements
Define minimum competency requirements for humans who review, approve, or override AI-generated outputs in high-risk contexts.
Override and Escalation Procedures
Document the procedures, authority levels, and logging requirements when humans reject, modify, or escalate AI-generated decisions.
Board AI Risk Reporting and Escalation Thresholds
Establish a recurring reporting cadence that surfaces material AI risk to the board and audit committee, with defined escalation thresholds that trigger immediate notification outside the normal reporting cycle.
Agentic AI
24 controlsAgent Permission Boundaries
Apply least-privilege principles to AI agents by explicitly defining and enforcing the tools, APIs, data sources, and actions each agent is authorized to access.
Agent Prompt Injection Defense
Protect AI agents from prompt injection attacks — adversarial instructions embedded in external content that hijack agent behavior.
Agent Memory and Context Governance
Define policies governing what AI agents store in memory or persistent context, how long it is retained, who can access it, and under what conditions it is deleted.
Multi-Agent Trust Hierarchy
Define explicit rules for which agents can instruct, invoke, or delegate authority to other agents in multi-agent systems.
Human Approval Gate for Irreversible Agent Actions
Require explicit human approval before an AI agent takes actions that are difficult or impossible to reverse, such as sending communications, modifying records, executing transactions, or deleting data.
Agent Action Audit Trail
Log every tool call, decision step, memory read/write, and external interaction made by an AI agent so that the full action sequence can be reconstructed after the fact.
Agent Scope and Task Boundaries
Define and enforce the boundaries of what an AI agent is permitted to do, preventing it from expanding its activity beyond its intended purpose.
Agent Environment Isolation
Run AI agents in isolated execution environments that limit their ability to access host systems, network resources, or data beyond what their task requires.
Agent and Non-Human Identity Management
Issue every AI agent a distinct, bounded identity with scoped credentials, a defined lifecycle, and access controls — rather than sharing service accounts or running under user identities.
Agent Knowledge Source Integrity
Validate that documents, databases, and external sources retrieved by AI agents during task execution have not been tampered with, poisoned, or substituted with adversarial content.
Agent Behavior Monitoring and Anomaly Detection
Continuously monitor deployed agents for behavioral drift, unusual tool call patterns, unexpected resource consumption, and actions outside their defined operational envelope.
Agent Kill Switch and Emergency Stop
Maintain the operational capability to halt any running agent session, workflow, or agent class immediately — without relying on the agent itself to stop — and recover to a known-safe state.
Kill-Switch Propagation Testing
Regularly test that halt commands propagate correctly through all subagent layers and parallel orchestration environments, stopping all agent activity within a defined time window.
Multi-Agent Delegation Chain Logging
Log and attribute every action in a multi-agent system with sufficient detail to trace any action back to its originating instruction, authorized agent, and human principal.
Agent OAuth Scope Drift Detection
Monitor OAuth token scopes granted to AI agents and alert when scopes exceed the originally authorized set or when new permissions are acquired outside the formal provisioning process.
Agentic AI Deployment Readiness Assessment
Require a structured pre-deployment readiness assessment for tool-enabled AI agents, verifying that key governance controls are in place and that the agent's impact on connected systems has been evaluated before go-live.
Agentic Autonomy Expansion Criteria
Define standardized criteria for incrementally widening an AI agent's autonomy thresholds after initial deployment, ensuring that autonomy expansions are deliberate, evidence-based, and approved through the same governance process as initial deployment.
Agent Data Modification Blast-Radius Containment
Define and enforce limits on the scope of data resources a single AI agent can modify, ensuring that an agent malfunction, misuse, or prompt injection cannot propagate data corruption beyond a bounded and recoverable scope.
AI Tool and Plugin Supply Chain Risk Assessment
Assess and manage supply chain risk from third-party tools, plugins, and extensions used by AI agents, including AI-generated code committed to production repositories, applying software supply chain security controls at the AI extension layer.
RAG Retrieval Boundary Controls for Regulated Data
Implement retrieval boundary controls in RAG (retrieval-augmented generation) pipelines to prevent regulated, classified, or out-of-scope data from entering an AI agent's context window, reducing the risk of unauthorized disclosure or cross-contamination of sensitive information.
Human Oversight Classification Rationale Log
Require documented rationale for each decision to classify an agentic AI action as requiring human-in-the-loop (HITL) or human-on-the-loop (HOTL) oversight, creating an auditable record of the reasoning behind oversight design choices.
Agentic AI Governance Tooling Attestation
Require vendor attestation for platform-level tools used as primary agent oversight controls, validating that telemetry is complete, tamper-evident, and sufficient for governance purposes before the tool is relied upon as a control.
Agentic AI Security Assessment — CBRN and Cyber Espionage
Conduct a threat-model assessment of agentic AI deployments covering high-consequence misuse vectors, including chemical, biological, radiological, and nuclear (CBRN) facilitation and AI-orchestrated cyber espionage, and implement mitigations proportionate to the identified risk.
AI Permission Escalation Tabletop Exercise Program
Conduct recurring tabletop exercises that simulate AI agent permission escalation and propagation scenarios, testing whether existing controls contain the escalation, incident response teams can detect and respond effectively, and governance processes are sufficient.
Security
5 controlsPrompt Injection Prevention
Detect and block adversarial inputs designed to override AI system instructions, extract sensitive information, or cause the model to behave in unintended ways.
AI System Access Controls
Apply authentication, authorization, and role-based access controls to AI systems, APIs, and the sensitive data they process.
Sensitive Data Handling in AI Pipelines
Prevent personally identifiable information, credentials, health data, and other sensitive content from entering AI models, prompts, or logs inappropriately.
AI API Credential Management
Securely manage, rotate, and audit API keys and credentials used to access AI services and model providers.
Adversarial Robustness Testing
Systematically test AI systems against adversarial inputs, edge cases, and known attack techniques before deployment and on a recurring basis.
Audit & Logging
5 controlsAI Decision Logging
Record AI system inputs, outputs, model version, confidence scores, and contextual metadata for every decision that affects individuals or business outcomes.
High-Risk AI Audit Trail
Maintain a comprehensive, tamper-evident audit trail for AI systems operating in regulated domains, covering the full lifecycle from input to decision to outcome.
AI Log Retention Policy
Define how long AI decision logs, audit trails, and system logs are retained, in what format, and the procedures for their eventual deletion.
AI Explainability Documentation
Document how AI systems reach decisions in sufficient detail that affected individuals, reviewers, and regulators can understand and challenge outcomes.
Regulatory Audit Readiness
Maintain AI documentation, logs, and governance records in a state that can be produced efficiently in response to a regulatory inquiry or audit.
Change Management
5 controlsAI Model Version Control
Track model versions, configurations, prompts, and deployment history so that any production state can be reproduced and compared.
Model Deployment Gate Process
Require formal approval before new model versions, prompt changes, or configuration updates are deployed to production AI systems.
Model Rollback and Emergency Shutdown
Maintain tested procedures to rapidly revert an AI system to a prior version or disable it entirely in response to detected failures or safety events.
AI Model Change Documentation
Record what changed between model versions, why the change was made, what testing was performed, and who approved the deployment.
Model Deprecation Procedure
Define the process for retiring AI models from production, including notification, data handling, audit trail preservation, and transition planning.
Data Governance
6 controlsTraining Data Provenance
Track and document the origin, composition, licensing, and preprocessing history of data used to train or fine-tune AI models.
PII Handling in AI Systems
Establish controls governing how personally identifiable information is handled when it flows through AI inputs, outputs, training pipelines, and logs.
Data Minimization for AI Systems
Ensure AI systems only process the data strictly necessary for their defined purpose, avoiding unnecessary collection, retention, or use of personal information.
AI Output Retention and Deletion
Define and enforce retention schedules and deletion procedures for AI-generated content, decisions, and the personal data contained within them.
Cross-Border Data Transfer Controls for AI
Govern the international transfer of personal data through AI systems, including data sent to AI API providers, training pipelines, and cloud infrastructure in other jurisdictions.
AI-Generated Code and Open-Source License Compliance
Establish controls to identify, track, and manage open-source license obligations and supply chain risks introduced by AI-generated code before it is committed to production systems.
Monitoring & Drift
6 controlsAI Performance Baseline
Establish documented, quantified performance baselines for production AI systems against which ongoing performance can be compared.
Model Drift Detection
Monitor production AI systems for data drift, concept drift, and output distribution shifts that indicate degraded or changed model behavior.
AI Bias and Fairness Monitoring
Continuously monitor AI system outputs for discriminatory patterns across protected demographic attributes in production.
AI Output Anomaly Detection
Automatically detect unusual, unexpected, or potentially harmful AI outputs in production for investigation and response.
Continuous Model Evaluation
Run ongoing evaluation pipelines against held-out test sets and curated adversarial examples to continuously measure model performance in production.
Behavioral Anomaly Detection for Agentic Systems
Implement monitoring that detects when AI agents deviate from their expected behavioral envelope — unusual action sequences, unexpected resource access, or goal-directed behavior inconsistent with assigned tasks.
Safety & Reliability
6 controlsHallucination Detection and Mitigation
Implement controls to detect, reduce, and manage AI-generated factual errors and fabrications before they reach end users or inform decisions.
AI Output Validation
Validate AI-generated outputs against defined quality, safety, and format criteria before they are presented to users or used in downstream processes.
AI Graceful Degradation
Define and implement fallback behavior for AI systems when they are unavailable, underperforming, or producing outputs below acceptable quality thresholds.
AI Reliability Testing
Systematically test AI systems for consistency, repeatability, edge-case handling, and behavior under load before deployment and on a recurring basis.
Harmful Content Filtering
Apply input and output filtering to prevent AI systems from generating or acting on harmful, toxic, illegal, or policy-violating content.
Post-Deployment Adversarial Testing Cadence
Schedule and execute recurring adversarial testing of production AI systems on a risk-tiered cadence, separate from and in addition to pre-deployment red-teaming.
Incident Response
6 controlsAI Incident Classification
Define a taxonomy for AI incidents that categorizes events by type and severity, determining the appropriate response urgency and notification requirements.
AI Incident Response Playbook
Document step-by-step procedures for identifying, containing, investigating, and resolving AI system incidents, including role assignments and escalation paths.
AI Harm Notification Procedures
Define procedures for notifying regulators, affected individuals, and other required parties when an AI system causes or contributes to harm.
AI Post-Incident Review
Conduct a structured review after every significant AI incident to identify root causes, contributing factors, and systemic improvements.
AI Incident Log and Tracking
Maintain a centralized, structured log of all AI incidents, near-misses, and governance concerns, accessible to the AI governance function.
Cross-Jurisdictional Incident Reporting Tracker
Maintain a live tracker of incident notification deadlines across all jurisdictions where the organization operates AI systems, pre-mapped to the incident categories that trigger each obligation.
Procurement
15 controlsAI Vendor Due Diligence
Assess AI vendors against security, governance, and compliance criteria before procurement and at defined intervals during the vendor relationship.
AI Contractual Requirements
Define minimum contractual provisions that must be present in agreements with AI vendors, covering data handling, transparency, audit rights, and incident notification.
Third-Party AI Model Evaluation
Evaluate third-party AI models against defined performance, safety, and bias criteria before deploying them in enterprise workflows.
Vendor AI Incident Notification Requirements
Require AI vendors to notify the organization of incidents affecting their AI systems within defined timeframes and with specified information.
AI Procurement Risk Assessment
Assess and document the risks of procuring an AI system or service before approval, including technical, legal, privacy, and operational risks.
Vendor Safety Commitment Verification
Establish a workflow to verify that AI vendors are honoring their published safety commitments, voluntary pledges, and contractual safety obligations on an ongoing basis — not only at the time of procurement.
Vendor Governance Change Monitoring
Monitor material changes to AI vendors' governance structures, safety leadership, and organizational policies that may affect the risk profile of deployed systems.
Vendor Model Update Disclosure and Re-Assessment Protocol
Require AI vendors to disclose material model updates, including capability changes, safety evaluation results, and model card revisions, and establish an internal re-assessment trigger process so that vendor model changes do not nullify the organization's prior due diligence.
AI Vendor Concentration Risk Assessment
Assess and manage the risk arising from organizational dependence on a small number of AI vendors or underlying model providers, and maintain a documented supplier redundancy posture to ensure operational continuity if a primary vendor is disrupted, suspends access, or becomes unavailable.
AI Vendor Financial Stability Assessment
Assess the financial stability and organizational viability of AI vendors as part of vendor selection and periodic due diligence, applying criteria calibrated to the current market environment including consolidation pressure, regulatory cost exposure, and dependence on continued investor funding.
Federal AI Procurement Submission and Review Process
Establish an internal process for meeting AI vendor submission requirements under federal procurement rules, and monitor the transition of voluntary pre-deployment evaluation commitments to mandatory requirements so that procurement workflows remain compliant as the regulatory baseline shifts.
AI Safety Index and Benchmark Monitoring
Track external AI safety indices, benchmark ratings, and third-party evaluation results for AI vendors and models used by the organization, and incorporate material findings into the vendor risk assessment and re-assessment cycle.
AI Platform Conflict-of-Interest Assessment
Assess and manage conflicts of interest that arise when an AI vendor both develops or deploys AI models and provides the oversight tooling, monitoring, or safety evaluation services used to govern those same models, ensuring governance decisions are not structurally dependent on vendor-controlled inputs.
Shadow AI and Third-Party Widget Inventory and Classification
Detect and classify AI capabilities embedded in third-party SaaS tools, browser extensions, and client-side scripts operating within the organization's environment, and apply appropriate data processor and vendor risk controls to these shadow AI vectors.
Procurement-Stage AI Governance Conditions
Establish governance preconditions that must be satisfied before AI system procurement is completed, including binding contractual commitments to governance standards, whistleblowing policy requirements, and internal approval workflow triggers that make governance a dependency of procurement rather than a post-hoc addition.
Regulatory Compliance
10 controlsMulti-Jurisdiction AI Regulatory Compliance Mapping
Maintain a structured map of AI regulatory obligations across all operating jurisdictions, identifying where requirements diverge, conflict, or demand simultaneous compliance.
International AI Standards Monitoring Workflow
Track changes to international AI standards from ISO, NIST, OECD, ITU, and other bodies, and translate material updates into internal compliance obligation reviews.
Voluntary AI Framework Obligation Mapping
Map voluntary AI commitments (industry pledges, government agreements, sandbox conditions) against sector-specific regulatory requirements to identify where voluntary obligations create compliance risk or regulatory uplift.
Non-Legislative AI Obligation Tracker
Identify and track AI governance obligations that arise outside formal legislation, including procurement rules, bilateral agreements, sandbox exit conditions, and regulatory guidance letters.
Regulatory Engagement Process for AI Standards Development
Define how the organization participates in regulatory consultation processes, comment periods, and public-private working groups during the development of AI regulations and standards.
AI Content Watermarking and Labeling Compliance
Maintain an operational checklist of jurisdiction-specific requirements for labeling, watermarking, and provenance disclosure of AI-generated content, and implement the required technical and procedural controls.
EU AI Act Conformity Assessment and FRIA Process
Implement the EU AI Act's conformity assessment pathway for high-risk AI systems, including technical documentation, notified body engagement where required, and fundamental rights impact assessment.
Federal AI Regulatory Monitoring and Pre-Deployment Vetting
Monitor US federal AI regulatory developments across executive orders, agency guidance, and frontier model requirements, and maintain a pre-deployment vetting protocol aligned to current federal expectations.
AI Hardware Provenance and Export Control Compliance
Document the origin and supply chain of AI-relevant hardware (GPUs, specialized chips) and screen all AI infrastructure procurement against applicable export control regulations.
AI Use in Regulatory Reporting and Risk Modeling
Map all AI system use cases in regulatory reporting, stress testing, and risk modeling to supervisory expectations, and document how AI outputs are validated before submission to regulators.
Board & Executive Governance
9 controlsDirector AI Literacy and Competency Assessment
Establish a board-level AI literacy program that assesses director competency against defined standards, closes identified gaps through targeted education, and ensures the board can discharge its AI oversight obligations effectively.
AI Governance Committee Charter and Decision Rights
Establish a cross-functional AI governance committee with a formal charter defining its mandate, composition, decision rights, quorum requirements, escalation paths, and reporting obligations to the board.
Board-Level AI Safety Committee Charter
Establish a dedicated board-level committee with fiduciary responsibility for AI safety oversight, distinct from the operational AI governance committee, with defined authority over high-consequence AI risk decisions.
AI Governance ESG and Investor Disclosure
Establish a structured process for disclosing AI governance maturity, AI-related risk management, and AI safety posture to shareholders, institutional investors, and ESG rating agencies.
AI Governance Maturity Assessment
Conduct structured self-assessments and external benchmarking of the organization's AI governance program against defined maturity frameworks, and use assessment results to prioritize governance improvements.
AI Risk Tolerance and Appetite Documentation
Establish a formal process for defining, documenting, and approving the organization's AI risk tolerance and appetite across key risk categories, with board-level sign-off and periodic review.
Federated AI Governance Design
Design the accountability model for AI governance across distributed deployments, defining the balance between central control and business unit autonomy, and the escalation path when BU-level governance is insufficient.
Voluntary AI Governance Adequacy Standard
Define an internal AI governance adequacy standard for organizations operating without binding AI mandates, providing a documented and defensible governance posture that satisfies stakeholder expectations and anticipated regulatory requirements.
Unified Multi-Framework AI Risk Register
Maintain a single AI risk register that consolidates obligations from multiple frameworks (NIST AI RMF, ISO 42001, EU AI Act, sector regulations) into a unified view, eliminating duplication and identifying where a single control satisfies multiple requirements.