Implementation Layer
AI Governance Controls
Operational controls for real-world enterprise AI systems — organized by domain, mapped to regulations, with maturity levels and implementation guidance.
Human Oversight
Review gates, approval workflows, and override mechanisms for AI decisions.
6 controls
AGT Agentic AI
Goal constraints, action boundaries, and escalation paths for autonomous AI agents.
8 controls
SEC Security
Adversarial input defense, prompt injection protection, and model access controls.
5 controls
ALC Audit & Logging
Immutable records of AI decisions, inputs, outputs, and model versions.
5 controls
CHM Change Management
Model release governance, version rollback, and change approval workflows.
5 controls
DGC Data Governance
Training data provenance, privacy controls, and data retention policies.
5 controls
MON Monitoring & Drift
Performance drift detection, anomaly alerting, and operational dashboards.
5 controls
SAF Safety & Reliability
Graceful degradation, fail-safe defaults, and reliability under adversarial inputs.
5 controls
IRC Incident Response
Containment, investigation, and remediation procedures for AI system failures.
5 controls
PRC Procurement
Third-party AI vendor due diligence, contractual obligations, and offboarding.
5 controls
6 controls matching filters
Human Oversight
1 control
Security
1 control
Change Management
1 control
Incident Response
3 controls
AI Incident Classification
Define a taxonomy for AI incidents that categorizes events by type and severity, determining the appropriate response urgency and notification requirements.
AI Post-Incident Review
Conduct a structured review after every significant AI incident to identify root causes, contributing factors, and systemic improvements.
AI Incident Log and Tracking
Maintain a centralized, structured log of all AI incidents, near-misses, and governance concerns, accessible to the AI governance function.
