Twelve control domains. One composed verdict.
Each domain remains distinct in the registry, evidence model, prefixes, attestations, and runtime evaluation. The web experience is unified under Apeiris so the system reads as one evidence fabric, not a set of disconnected frameworks.
Security
Threats, controls, and detection
Model Assurance
Model trust, evaluation, and drift
Privacy
Consent, purpose, data rights
Compliance
Classification, dossiers, audit
Identity
Agent identity, delegation, revocation
Agentic
Tool use, action scope, orchestration
Ethics
Fairness, remedy, accountability
Resilience
Continuity, fallback, recovery
Finance
Financial governance, approval limits
Authority
Approvals, policy, contracts, intent
Knowledge
Source authority, citation fidelity
Data Governance
Classification, lineage, integrity
This is a work in progress — a complex one. I'm updating it based on feedback several times a week. If you see gaps, inaccuracies, or opportunities to make it more accurate or drive better outcomes, I'd love to hear from you. Eventually I'd like this to become a community resource. Send feedback →
Why we started here
The foundation has to be solid before anything built on top of it can be trusted.
Most governance frameworks start at the product layer — a tool that evaluates a model, a scanner that checks for drift, a policy workflow that records an approval. Those are valuable. But they each have their own vocabulary, their own evidence format, and no shared definition of what it means to compose those signals into a trustworthy verdict on an autonomous action.
We started with the public knowledge layer because the vocabulary has to be open. If the control definitions, evidence model, and cross-domain URI scheme are proprietary, then every enterprise that adopts them is locked to a vendor's version of what AI governance means. That is the wrong starting point for infrastructure that will govern consequential autonomous action at enterprise scale.
Solid
Precise control definitions, globally unique prefixes, an evidence schema, and an attestation DAG that leaves no ambiguity about what each domain is asking and what evidence it produces.
Public and verifiable
Every control, every prefix, every attestation artifact is ungated. Any team can read the specification, use the specification as an input to their own posture assessment, and cite it in their own governance documentation.
Community-informed
The definitions improve when practitioners building real systems push back, flag gaps, and propose additions. The twelve domains are a starting point, not a final answer. That is the point of publishing them openly.