AI Governance Framework
Knowledge Reference
20
Controls
4
Source Frameworks
6
Lifecycle Domains
2
Assessment Tiers
Quick Links
All 20 Controls
Browse controls with audit checklists
4 Source Frameworks
ISO 42001, NIST AI RMF, OWASP
Quick Reference
Implementation roadmap guide
Governance Templates
Policies, checklists, and assessments
Cross-Reference Matrix
Framework-to-control mapping
Search
Find any control, framework, or guidance
Lifecycle Domains
| Domain | Description | Tier 1 | Tier 2 | Total |
|---|---|---|---|---|
| DATA | Address the unique risks of data input, retention, and generation in AI systems, which often differ from standard data protection needs. | 2 | 1 | 3 |
| MODEL | Focus on securing the AI models themselves against adversarial attacks and ensuring output quality. | 3 | 2 | 5 |
| APPLICATION | Govern the behavior of AI agents, user interfaces, and integrations. | 3 | 1 | 4 |
| ASSURANCE | Focus on testing and monitoring AI systems for vulnerabilities, anomalous behavior, and incident readiness. | 2 | 1 | 3 |
| GOVERNANCE | Establish the policies and human oversight required for safe AI adoption across the organization. | 2 | 1 | 3 |
| INFRASTRUCTURE | Ensure the underlying AI assets and vendors are inventoried and managed securely. | 1 | 1 | 2 |